Document format: text/plain

~ Rapport de ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014)
~ Lancé par Nanie (19/01/2014 11:44:31)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16750
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : DRPMG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Windows Defender W8

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5960 MB (83% free)
System Restore: Activé (Enable)
System drive C: has 631 GB (92%) free of 681 GB

---\\ Mode de connexion au système
~ Computer Name: MELANIE
~ User Name: Nanie
~ All Users Names: Nanie, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nanie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nanie\AppData\Roaming\
~ %Desktop% : C:\Users\Nanie\Desktop\
~ %Favorites% : C:\Users\Nanie\Favorites\
~ %LocalAppData% : C:\Users\Nanie\AppData\Local\
~ %StartMenu% : C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 631 Go of 681 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
E: Floppy drive, Flash card reader, USB Key (Free 4 Go of 4 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/10/2013 - 07:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/58
~ Mes musiques (My Musics) : 1/518
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/374
~ Mon Bureau (My Desktop) : 1/7
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.1B38F4C2BCDB133B757E22BEB61FB3FC] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1176176] [PID.2172]
[MD5.90D787A2DF45B1E82C276DFD1A91AE61] - (...) -- C:\Users\Nanie\AppData\Roaming\cacaoweb\cacaoweb.exe [471552] [PID.3964] =>PUP.CacaoWeb
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.4056]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.4896]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://start.mysearchdial.com =>Adware.MyWebSearch
G0 - GCSP: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.2 (Activé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2005.45, (Activé)
G2 - GCE: Preference [User Data\Default] [hhlmghjmomaoodfgjeikphfdljhpcpkl] Plus-HD-1.3 v.1.26.131, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [ifohbjbgfchkkfhphahclmkpgejiplfo] Lightning Newtab v.1.1.8.4, (Activé) =>PUP.Elex
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.12 (Activé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 20 Scanned in 00mn 03s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com =>PUP.AArtemis
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com =>PUP.AArtemis
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com =>PUP.AArtemis
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com =>PUP.AArtemis
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com =>PUP.AArtemis
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com =>PUP.AArtemis
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com =>PUP.AArtemis
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com =>PUP.AArtemis
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com =>PUP.AArtemis
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0031257 [64Bits] - {11111111-1111-1111-1111-110311121157} . (.Plus HD - Plus-HD-1.3 BHO.) -- C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho.dll =>Adware.PlusHD
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: delta Helper Object [64Bits] - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll =>Toolbar.DeltaSearch
O2 - BHO: mysearchdial Helper Object [64Bits] - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} . (.Ironsource Israel (2011) LTD - Pas de description.) -- C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll =>Adware.MyWebSearch
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ BHO: 7 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acheter en ligne.lnk . (...) -- C:\Program Files (x86)\Accessory Store\StartUrl.exe (.not file.)
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: eBay.lnk . (...) -- c:\Windows\Installer\{A694AF57-9891-4D62-824C-7E55A1361A14}\_5D21023432338C3A124C18.exe =>Toolbar.eBay
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://aartemis.com =>PUP.AArtemis
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Help.lnk . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - GS\Desktop [Public]: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Microsoft Office.lnk . (...) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\Windows\WinStore\WinStore.htm
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.)
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\Windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [Nanie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://aartemis.com =>PUP.AArtemis
O4 - GS\QuickLaunch [Nanie]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com =>PUP.AArtemis
O4 - GS\QuickLaunch [Nanie]: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - GS\TaskBar [Nanie]: File Explorer.lnk . (...) -- C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [Nanie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://aartemis.com =>PUP.AArtemis
O4 - GS\TaskBar [Nanie]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com =>PUP.AArtemis
O4 - GS\TaskBar [Nanie]: Packard Bell Device Fast-lane.lnk . (...) -- C:\Program Files (x86)\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneUI.exe (.not file.)
O4 - GS\TaskBar [Nanie]: Packard Bell Power Button.lnk . (...) -- C:\Program Files (x86)\Packard Bell\Packard Bell Power Management\ePowerButton.exe (.not file.)
O4 - GS\Program [Nanie]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com =>PUP.AArtemis
O4 - GS\Accessories [Nanie]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Desktop [Nanie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://aartemis.com =>PUP.AArtemis
O4 - GS\Desktop [Nanie]: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - GS\Desktop [Nanie]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Nanie]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 38 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Nanie\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKLM\..\Wow6432Node\Run: [LManager] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-4013745662-1720046193-3924850484-1001\..\Run: [cacaoweb] . (...) -- C:\Users\Nanie\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpNameServer = 192.168.64.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{99A99380-3AF9-4D93-BAC7-1299EC5A2E84}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpDomain = ANCG.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpNameServer = 192.168.64.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{99A99380-3AF9-4D93-BAC7-1299EC5A2E84}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpDomain = ANCG.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll (.not file.) =>PUP.BitGuard
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - ELAN Windows Service.) - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) . (.Dritek System INC. - RfBtnSvc Application.) - C:\Windows\RfBtnSvc64.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
~ Services: 12 Scanned in 00mn 24s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1078]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1082]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MySearchDial.job [308] =>Adware.MyWebSearch
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job [1922] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job [1214] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.3-enabler.job [1114] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.3-updater.job [1312] =>Adware.PlusHD
[MD5.B1298BDD59EC1F6FA718FE475FA17798] [APT] [ALU] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [3331216]
[MD5.BD0BA490E0300E859DB99DA3AB024371] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [39568]
[MD5.24DC2A6F110B79787D6C5D5FF52A0235] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [765176]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.CCFEE663F7DD308FFC47CD29D0861C17] [APT] [MySearchDial] (...) -- C:\Users\Nanie\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe [106496] =>Adware.MyWebSearch
[MD5.3FB69FBE65375914C3F48A1D7A3AB9EF] [APT] [Plus-HD-1.3-chromeinstaller] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe [502120] =>Adware.PlusHD
[MD5.764216EF251D9964AC269EAEF426C951] [APT] [Plus-HD-1.3-codedownloader] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe [518504] =>Adware.PlusHD
[MD5.84BDDDB7E2A2D334CA9BA12AABF959AB] [APT] [Plus-HD-1.3-enabler] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-enabler.exe [338792] =>Adware.PlusHD
[MD5.23FB59BF0721096A7CEDFEA7EF871A34] [APT] [Plus-HD-1.3-updater] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-updater.exe [350568] =>Adware.PlusHD
[MD5.5659ADFFA101D3AC0C62CED889991357] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [5294736]
~ Scheduled Task: 25 Scanned in 00mn 05s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 40 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller
O42 - Logiciel: Delta Chrome Toolbar - (.Visual Tools.) [HKLM][64Bits] -- Delta Chrome Toolbar =>Toolbar.DeltaSearch
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta =>Toolbar.DeltaSearch
O42 - Logiciel: ETDWare PS/2-X64 11.6.8.001_WHQL - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {56D4499E-AC3E-4B8D-91C9-C700C148C44B}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: Live Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM][64Bits] -- mysearchdial =>Adware.MyWebSearch
O42 - Logiciel: Nero 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {E70B2F2C-94D1-4287-B5B0-CBBE618E2652}
O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Packard Bell Device Fast-lane - (.Packard Bell.) [HKLM][64Bits] -- {3F62D2FD-13C1-49A2-8B5D-47623D9460D7}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: PhotoFiltre - (...) [HKCU][64Bits] -- PhotoFiltre
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Plus-HD-1.3 - (.Plus HD.) [HKLM][64Bits] -- Plus-HD-1.3 =>Adware.PlusHD
O42 - Logiciel: Qualcomm Atheros WiFi Driver Installation - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: WinRAR 5.00 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: avast! Free Antivirus v9.0.2011 - (.Avast Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {A694AF57-9891-4D62-824C-7E55A1361A14} =>Toolbar.eBay
~ Logic: 42 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\868d8bb23aec43] =>Hijacker.Eazel
[HKCU\Software\AVAST Software]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Plus-HD-1.3] =>Adware.PlusHD
[HKCU\Software\AppDataLow]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\Dritek]
[HKCU\Software\Elantech]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\Google]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\Intel]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SYNCJM]
[HKCU\Software\Symantec]
[HKCU\Software\TeleCharger]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\mozilla]
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\ATI Technologies]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Policies]
[HKLM\Software\Qualcomm Atheros Fast Reconnect]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\868d8bb23aec43] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\ATHEROS]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros WiFi Driver Installation]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Uniblue]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\aartemisSoftware] =>PUP.AArtemis
[HKLM\Software\Wow6432Node]
~ Key Software: 193 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/03/2013 - 21:39:26 - [308,962] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 07/12/2012 - 19:37:25 - [189,845] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 15/07/2013 - 19:28:10 - [2,336] ----D C:\Program Files (x86)\Delta
O43 - CFD: 14/05/2013 - 16:06:06 - [609,733] ----D C:\Program Files (x86)\Google
O43 - CFD: 07/12/2012 - 19:38:42 - [65,085] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 07/12/2012 - 19:18:31 - [169,249] ----D C:\Program Files (x86)\Intel
O43 - CFD: 09/01/2014 - 13:52:39 - [4,633] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 07/12/2012 - 19:15:40 - [27,936] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 19/05/2013 - 10:27:23 - [567,187] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 02/03/2013 - 21:29:05 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 02/03/2013 - 21:26:49 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 03/03/2013 - 13:44:49 - [3,554] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 02/03/2013 - 21:28:53 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 15/07/2013 - 19:28:06 - [0] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/03/2013 - 21:29:09 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 26/11/2013 - 18:15:58 - [2,654] ----D C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch
O43 - CFD: 01/11/2012 - 02:56:11 - [318,437] ----D C:\Program Files (x86)\Nero
O43 - CFD: 19/02/2013 - 01:44:33 - [0,105] ----D C:\Program Files (x86)\OEM
O43 - CFD: 01/11/2012 - 02:55:27 - [5,216] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 26/11/2013 - 18:16:58 - [3,529] ----D C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 16/11/2013 - 15:27:22 - [7,427] ----D C:\Program Files (x86)\Plus-HD-1.3 =>Adware.PlusHD
O43 - CFD: 07/12/2012 - 19:26:52 - [7,935] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 07/12/2012 - 19:23:24 - [31,180] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 01/11/2012 - 02:46:39 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 01/11/2012 - 02:57:46 - [2,444] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 07/12/2012 - 19:23:47 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 02/10/2013 - 13:30:03 - [1,038] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/12/2012 - 03:56:26 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/03/2013 - 12:54:27 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 25/06/2013 - 19:08:43 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 16/11/2013 - 15:27:39 - [4,593] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 19/01/2014 - 11:43:05 - [17,257] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 02/03/2013 - 21:29:05 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 07/12/2012 - 19:23:22 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 05/03/2013 - 23:47:34 - [244,741] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 01/11/2012 - 02:55:59 - [20,044] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 07/12/2012 - 19:17:14 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 07/12/2013 - 10:23:37 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 05/03/2013 - 19:34:52 - [41,893] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 08/12/2013 - 16:07:38 - [-370,606] ----D C:\ProgramData\AVAST Software
O43 - CFD: 15/07/2013 - 19:27:34 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 19/02/2013 - 01:32:39 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 24/03/2013 - 17:05:16 - [33,953] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 07/12/2012 - 19:38:48 - [0] ----D C:\ProgramData\CLSK
O43 - CFD: 03/01/2014 - 21:12:49 - [0,054] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 07/12/2012 - 19:18:31 - [0,248] ----D C:\ProgramData\Intel
O43 - CFD: 12/03/2013 - 18:10:02 - [0] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 19/02/2013 - 01:32:39 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 19/01/2014 - 00:12:56 - [1674,513] -S--D C:\ProgramData\Microsoft
O43 - CFD: 06/01/2014 - 15:11:17 - [0,062] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 19/02/2013 - 01:32:39 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 01/11/2012 - 02:56:32 - [2,353] ----D C:\ProgramData\Nero
O43 - CFD: 07/12/2013 - 10:25:00 - [2,099] ----D C:\ProgramData\Norton
O43 - CFD: 01/11/2012 - 02:57:12 - [13,985] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 19/02/2013 - 01:44:16 - [0,001] ----D C:\ProgramData\OEM
O43 - CFD: 01/11/2012 - 02:55:27 - [0,230] ----D C:\ProgramData\Packard Bell
O43 - CFD: 05/03/2013 - 23:52:26 - [1,518] ----D C:\ProgramData\PRICache
O43 - CFD: 07/12/2012 - 19:26:45 - [0,021] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 26/07/2012 - 08:52:44 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 07/12/2012 - 19:37:49 - [0,356] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 14/01/2014 - 19:39:27 - [0,521] ----D C:\ProgramData\WildTangent
O43 - CFD: 19/02/2013 - 01:44:01 - [0] ----D C:\Users\Nanie\AppData\Roaming\Adobe
O43 - CFD: 10/12/2013 - 17:51:34 - [0] ----D C:\Users\Nanie\AppData\Roaming\AVAST Software
O43 - CFD: 15/07/2013 - 19:28:09 - [1,662] ----D C:\Users\Nanie\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 15/07/2013 - 19:27:34 - [0,010] ----D C:\Users\Nanie\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 18/01/2014 - 23:30:48 - [0,450] ----D C:\Users\Nanie\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 22/06/2013 - 13:45:48 - [0,002] ----D C:\Users\Nanie\AppData\Roaming\CyberLink
O43 - CFD: 15/07/2013 - 19:28:05 - [0,259] ----D C:\Users\Nanie\AppData\Roaming\Delta
O43 - CFD: 25/09/2013 - 14:45:30 - [0,308] ----D C:\Users\Nanie\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 29/03/2013 - 20:53:56 - [0] ----D C:\Users\Nanie\AppData\Roaming\Identities
O43 - CFD: 19/02/2013 - 01:43:27 - [0,482] ----D C:\Users\Nanie\AppData\Roaming\lm
O43 - CFD: 02/03/2013 - 21:51:09 - [0,002] ----D C:\Users\Nanie\AppData\Roaming\Macromedia
O43 - CFD: 12/03/2013 - 18:10:14 - [0,001] ----D C:\Users\Nanie\AppData\Roaming\Malwarebytes
O43 - CFD: 18/01/2014 - 23:58:56 - [3,014] -S--D C:\Users\Nanie\AppData\Roaming\Microsoft
O43 - CFD: 26/11/2013 - 18:16:19 - [0,174] ----D C:\Users\Nanie\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 26/11/2013 - 18:46:22 - [0,001] ----D C:\Users\Nanie\AppData\Roaming\PhotoFiltre
O43 - CFD: 14/01/2014 - 19:39:26 - [0] ----D C:\Users\Nanie\AppData\Roaming\WildTangent
O43 - CFD: 16/11/2013 - 15:29:29 - [0] ----D C:\Users\Nanie\AppData\Roaming\WinRAR
O43 - CFD: 19/01/2014 - 11:45:16 - [0,016] ----D C:\Users\Nanie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 19/02/2013 - 01:42:09 - [0] -SH-D C:\Users\Nanie\AppData\Local\Application Data
O43 - CFD: 02/03/2013 - 22:11:27 - [1,557] ----D C:\Users\Nanie\AppData\Local\Apps
O43 - CFD: 15/09/2013 - 19:00:23 - [0,103] ----D C:\Users\Nanie\AppData\Local\avgchrome
O43 - CFD: 18/01/2014 - 23:35:03 - [19,013] ----D C:\Users\Nanie\AppData\Local\CrashDumps
O43 - CFD: 25/07/2013 - 17:59:41 - [0,002] ----D C:\Users\Nanie\AppData\Local\Cyberlink
O43 - CFD: 02/03/2013 - 22:11:51 - [0] ----D C:\Users\Nanie\AppData\Local\Deployment
O43 - CFD: 18/01/2014 - 23:53:37 - [1,269] ----D C:\Users\Nanie\AppData\Local\Diagnostics
O43 - CFD: 14/05/2013 - 16:06:08 - [224,434] ----D C:\Users\Nanie\AppData\Local\Google
O43 - CFD: 19/02/2013 - 01:42:09 - [0] -SH-D C:\Users\Nanie\AppData\Local\Historique
O43 - CFD: 19/01/2014 - 00:12:56 - [232,899] ----D C:\Users\Nanie\AppData\Local\Microsoft
O43 - CFD: 02/03/2013 - 21:26:27 - [0] ----D C:\Users\Nanie\AppData\Local\Microsoft Help
O43 - CFD: 05/03/2013 - 23:52:29 - [121,105] ----D C:\Users\Nanie\AppData\Local\Packages
O43 - CFD: 19/01/2014 - 11:43:15 - [122,434] ----D C:\Users\Nanie\AppData\Local\Temp
O43 - CFD: 19/02/2013 - 01:42:09 - [0] -SH-D C:\Users\Nanie\AppData\Local\Temporary Internet Files
O43 - CFD: 19/02/2013 - 01:42:41 - [0] ----D C:\Users\Nanie\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/10/2013 - 20:27:52 - [0] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/11/2013 - 17:15:48 - [0,001] ----D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard
O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 26/11/2013 - 18:16:58 - [0] ----D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
O43 - CFD: 27/10/2013 - 20:27:52 - [0] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 16/11/2013 - 15:27:41 - [0,004] ----D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 113 Scanned in 00mn 21s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.857433889008F86728E8C099C740729D] - 04/01/2014 - 13:21:07 ---A- . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\Windows\System32\Drivers\portcls.sys [288768]
O44 - LFC:[MD5.A10B2CB810FF727328872C8D5673D491] - 04/01/2014 - 13:21:13 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [4036608]
O44 - LFC:[MD5.F5BAFB32D8EC6286B96C23E27CEF2578] - 04/01/2014 - 13:21:14 ---A- . (.Microsoft Corporation - Microsoft ® Console Based Script Host.) -- C:\Windows\System32\cscript.exe [146944]
O44 - LFC:[MD5.907B7589463313452942F17297D8CDB7] - 04/01/2014 - 13:21:14 ---A- . (.Microsoft Corporation - Microsoft ® Script Runtime.) -- C:\Windows\System32\scrrun.dll [194048]
O44 - LFC:[MD5.D890ECBF9D1BE08B81C7832690DD16B0] - 04/01/2014 - 13:21:14 ---A- . (.Microsoft Corporation - Windows Script Host Runtime Library.) -- C:\Windows\System32\wshom.ocx [143872]
O44 - LFC:[MD5.C867433D5C96E4F616F0AEC2E0E46B5D] - 04/01/2014 - 13:21:14 ---A- . (.Microsoft Corporation - Windows ® Script Component Runtime.) -- C:\Windows\System32\scrobj.dll [222720]
O44 - LFC:[MD5.1D40913DA534B116B8F15CCC747918A3] - 04/01/2014 - 13:21:32 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll [175104]
O44 - LFC:[MD5.E363AD0D35F79615E6596AE70184FEE2] - 04/01/2014 - 13:21:32 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe [40448]
O44 - LFC:[MD5.493C5728796ABBF760147CA38C3418E9] - 04/01/2014 - 13:21:32 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll [142848]
O44 - LFC:[MD5.E6434F7D79D112FAB2EF83D340E06EE1] - 04/01/2014 - 13:21:32 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll [99328]
O44 - LFC:[MD5.D2096B322A5F8D9354B61B4BFDFA7132] - 04/01/2014 - 13:21:33 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [385528]
O44 - LFC:[MD5.A7045F139A9C3ABE4AA838E17D1DB8C7] - 04/01/2014 - 13:21:33 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\System32\wucltux.dll [1622016]
O44 - LFC:[MD5.8C30507C9EAA8F1E7D62D4388DC5330E] - 04/01/2014 - 13:21:33 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll [252928]
O44 - LFC:[MD5.AAE63132AEE6A66A8DA6DADB7EC6C28F] - 04/01/2014 - 13:21:33 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe [59416]
O44 - LFC:[MD5.9110193D93960E38B8692E4519C75D72] - 04/01/2014 - 13:21:34 ---A- . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\Windows\System32\Drivers\spaceport.sys [285016]
O44 - LFC:[MD5.E5F7328B1D29BCE791862CD3C0DD382A] - 04/01/2014 - 13:21:35 ---A- . (.Microsoft Corporation - USB3 HUB Driver.) -- C:\Windows\System32\Drivers\USBHUB3.SYS [447320]
O44 - LFC:[MD5.E6AF4DF1817953D73C519B17CF849756] - 04/01/2014 - 13:21:36 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [1455448]
O44 - LFC:[MD5.D728042519B8FCBEE14EC250E3F050B8] - 04/01/2014 - 13:21:36 ---A- . (.Microsoft Corporation - Microsoft Cluster Resource Utility DLL.) -- C:\Windows\System32\resutils.dll [626688]
O44 - LFC:[MD5.BB1B37C53D09CA41E2A55DD9D6C1B32E] - 04/01/2014 - 13:21:36 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\oleaut32.dll [778752]
O44 - LFC:[MD5.C9549BC9C3E3DECD8BE81E527137B85F] - 04/01/2014 - 13:21:37 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\System32\wuapi.dll [773120]
O44 - LFC:[MD5.DE9FDB812157F77CA4EB46E3ABB40448] - 04/01/2014 - 13:21:37 ---A- . (.Microsoft Corporation - Bibliothèque d’API de cluster.) -- C:\Windows\System32\clusapi.dll [374784]
O44 - LFC:[MD5.311E5E1976E0BD9110A88B93158055D5] - 04/01/2014 - 13:21:38 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [3279872]
O44 - LFC:[MD5.544A2EB9629532C6C8D4FE7DB9181FA4] - 04/01/2014 - 13:21:43 ---A- . (.Microsoft Corporation - Windows NT Image Helper.) -- C:\Windows\System32\imagehlp.dll [62976]
O44 - LFC:[MD5.51107DD3E8DF825ED09CF028F6C8B138] - 04/01/2014 - 13:25:09 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\System32\uxtheme.dll [915968]
O44 - LFC:[MD5.69066C0F7E2BDF63462388390A5DFB2C] - 04/01/2014 - 13:25:10 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [51712]
O44 - LFC:[MD5.422EF1C2294F03C56F9639BAF837A4B4] - 04/01/2014 - 13:25:18 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [3959808]
O44 - LFC:[MD5.7A94C5BB4A430394B3C3800281CBD3D0] - 04/01/2014 - 13:25:20 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2648576]
O44 - LFC:[MD5.F164B9D9EB6AA4FED10AC2DA8CB4A89A] - 04/01/2014 - 13:25:33 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [19271168]
O44 - LFC:[MD5.E7099336BF7531B6FCC920DCB5101259] - 04/01/2014 - 13:25:35 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2241536]
O44 - LFC:[MD5.C1AD905DCD475A88802FA8C4A5283AA6] - 04/01/2014 - 13:25:38 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [855552]
O44 - LFC:[MD5.62608962D83846E12529032E56D97AC2] - 04/01/2014 - 13:25:38 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [15404032]
O44 - LFC:[MD5.4398619B257439867B80E7F5239479F1] - 04/01/2014 - 13:25:40 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136]
O44 - LFC:[MD5.2DA75D0CC0A3CE775C7F823E6C2355DA] - 04/01/2014 - 13:25:41 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1365504]
O44 - LFC:[MD5.709AF101E72F2FB30B1A47B7EBD8034C] - 05/01/2014 - 14:50:19 ---A- . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Inter.) -- C:\Windows\System32\msieftp.dll [312320]
O44 - LFC:[MD5.6669946CF2CF5B5299A90B22C9189350] - 05/01/2014 - 14:50:27 ---A- . (.Microsoft Corporation - Codec pour photographie Windows Media Photo.) -- C:\Windows\System32\WMPhoto.dll [420864]
O44 - LFC:[MD5.CC9AEDAA3C140ECC8EA9A1EFA4F9D3F6] - 06/01/2014 - 15:11:41 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [90708896]
O44 - LFC:[MD5.4D5FD79A075B9BD9ACEFD6FAA753318A] - 09/01/2014 - 13:58:53 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43152]
O44 - LFC:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 09/01/2014 - 13:58:54 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O44 - LFC:[MD5.9C2BEA3957EFFD45F352F0938DFB3721] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [78648]
O44 - LFC:[MD5.52B5F8FAF7E78C02D26B0B6E3A05F596] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1034464]
O44 - LFC:[MD5.251360C2FCA22BAFE0583314B3262F98] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [422216]
O44 - LFC:[MD5.FC6C916BDACC594802064A78225A3E6B] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [334136]
O44 - LFC:[MD5.AAB5F5336EDBB5D99CC7E1A9F4D8F63F] - 09/01/2014 - 13:59:14 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [79672]
O44 - LFC:[MD5.D5E5745755FDE41853E9476C4710D43B] - 09/01/2014 - 14:01:00 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [424472]
O44 - LFC:[MD5.FA8671F3CDC65FC11148C34AEEB9F753] - 18/01/2014 - 23:29:51 ---A- . (...) -- C:\Windows\PFRO.log [631726]
O44 - LFC:[MD5.3D7E690B66DE418A236A351E03841E6C] - 19/01/2014 - 00:26:26 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1057180]
O44 - LFC:[MD5.E65203AC07D933A61BF5CDFDDEC7F1C1] - 19/01/2014 - 11:40:45 ---A- . (...) -- C:\Windows\setupact.log [31925]
O44 - LFC:[MD5.E187EF2967FD4CE5D353EE03FD3C9DB7] - 19/01/2014 - 11:40:55 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 19/01/2014 - 11:42:45 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362]
O44 - LFC:[MD5.60848F26202F113F568988F91286CB32] - 19/01/2014 - 11:42:45 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132614]
O44 - LFC:[MD5.9EE422AA9513AE1F93BFBDC37DEF742C] - 19/01/2014 - 11:42:45 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [155650]
O44 - LFC:[MD5.588A60C2D869ECF17BEBA0F05427E1BB] - 19/01/2014 - 11:42:45 ---A- . (...) -- C:\Windows\System32\perfh009.dat [710244]
O44 - LFC:[MD5.5CB45BBAB10914D0F3803C07043B1D06] - 19/01/2014 - 11:42:45 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [800978]
~ Files: 53 Scanned in 00mn 13s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.609CE0BEBE66D1F3AB9DF1848E39EAA0] - 01/01/2014 - 01:38:46 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf
O45 - LFCP:[MD5.D62693298EFF4062F451E835B2F4EF25] - 02/01/2014 - 13:55:40 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf
O45 - LFCP:[MD5.A37221ACA115D6920BE8AB73BB3F531C] - 02/01/2014 - 14:00:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-26AA101A.pf
O45 - LFCP:[MD5.262E02C2CCF4BB1B01FA2A1A30A1581D] - 03/01/2014 - 21:12:14 ---A- - C:\Windows\Prefetch\POWERDVD10.EXE-6CD2ECA6.pf
O45 - LFCP:[MD5.35DE209390260F697E3714D8757BEC21] - 03/01/2014 - 21:12:20 ---A- - C:\Windows\Prefetch\CLUPDATER.EXE-64D36E25.pf
O45 - LFCP:[MD5.79D47C8FBC5702C5A652ED826F4A1590] - 06/01/2014 - 15:11:23 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.E5400B02644968D954F46618DB4B3C9F] - 06/01/2014 - 20:24:53 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf
O45 - LFCP:[MD5.1A0E7D458B6401BAD9B35EEBDE6A5D43] - 06/01/2014 - 20:24:53 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf
O45 - LFCP:[MD5.511A9D821D9AC373BC2E2E0DC1DC3C3F] - 08/01/2014 - 09:26:10 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-CHROMEINSTALLER.E-43A7E5E8.pf =>Adware.PlusHD
O45 - LFCP:[MD5.0B94E2B91DFDFF1154055B7E53E1F888] - 08/01/2014 - 09:27:00 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-ENABLER.EXE-63DB11A9.pf =>Adware.PlusHD
O45 - LFCP:[MD5.DE43CD36DD75217886A1EDC2CB539672] - 08/01/2014 - 10:37:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-9F989E84.pf
O45 - LFCP:[MD5.9072D12CDE5FE84A9936C1DD9CDEA303] - 08/01/2014 - 10:37:37 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.6286772CD60D92B240418DF70EE0108A] - 08/01/2014 - 10:37:37 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.F4DE5EAEE658CBF62F0195BA44F17619] - 08/01/2014 - 10:52:04 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.97C7C6C473B69D4EEF07F84E73C91BD4] - 08/01/2014 - 10:52:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf
O45 - LFCP:[MD5.914EDA3CB9D1EE342AD0E2C7F14BBFF0] - 08/01/2014 - 10:52:15 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf
O45 - LFCP:[MD5.0B27824BA38CD0C8ABE758AF1566D8A6] - 08/01/2014 - 10:52:16 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9E940D77.pf
O45 - LFCP:[MD5.030EE4C81D3A4407A921CDC1F72DF3A6] - 08/01/2014 - 10:52:16 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf
O45 - LFCP:[MD5.5E171A5331F257DD8BCC27C2F9D356B2] - 08/01/2014 - 10:52:42 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf
O45 - LFCP:[MD5.449E2C673F9C1D9EF466E7243035E8D7] - 08/01/2014 - 10:52:42 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf
O45 - LFCP:[MD5.F569270B4F325B49B547CD6FEA4634B5] - 08/01/2014 - 10:52:42 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf
O45 - LFCP:[MD5.9876679ED8F48750A4884C00FFC4144B] - 08/01/2014 - 10:52:50 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf
O45 - LFCP:[MD5.7404F5314BA348F31AD7ECD56E563F27] - 09/01/2014 - 13:52:18 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf
O45 - LFCP:[MD5.F7F7783027F98FB5A6E8A6BFF88DA20D] - 09/01/2014 - 13:52:40 ---A- - C:\Windows\Prefetch\POQEXEC.EXE-43A49B23.pf
O45 - LFCP:[MD5.10E35194270A34478BA35CBD819D82C4] - 09/01/2014 - 13:56:06 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf
O45 - LFCP:[MD5.615FCA50AB830E869736B486832A0B1F] - 09/01/2014 - 13:56:13 ---A- - C:\Windows\Prefetch\MRT.EXE-07B7D631.pf
O45 - LFCP:[MD5.E339A5CFD7F61469E3BA4BBB023B3908] - 09/01/2014 - 13:56:40 ---A- - C:\Windows\Prefetch\INSTUP.EXE-E16D015F.pf
O45 - LFCP:[MD5.BB01591ADD7A33A1BCB2419098177C3D] - 09/01/2014 - 13:57:35 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf
O45 - LFCP:[MD5.33660BB01DC9263E1B3FB6A04040FA88] - 09/01/2014 - 13:59:01 ---A- - C:\Windows\Prefetch\2C0B2C93-9F66-4D4C-AA3E-9FC9E-050ABA10.pf
O45 - LFCP:[MD5.5BF7865B16B4680E5EF573BA50B4365E] - 09/01/2014 - 13:59:12 ---A- - C:\Windows\Prefetch\1508D7FB-0324-4046-B5AF-EC84C-C6682719.pf
O45 - LFCP:[MD5.D103D6B34A3A44A4B422BC030B11F0A7] - 09/01/2014 - 13:59:15 ---A- - C:\Windows\Prefetch\REGSVR64.EXE-4FD717B0.pf
O45 - LFCP:[MD5.1B713333BCFF42F3E753C23ED9FF8DF1] - 09/01/2014 - 13:59:21 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8D368B00.pf
O45 - LFCP:[MD5.977373D21909C3EF95635DFEB68729A7] - 09/01/2014 - 14:02:11 ---A- - C:\Windows\Prefetch\OLD-VISTHAUX.EXE-49364BE9.pf
O45 - LFCP:[MD5.CB16F62DB4141812BA742CC911754F66] - 09/01/2014 - 14:21:22 ---A- - C:\Windows\Prefetch\OFFDIAG.EXE-8AE4D533.pf
O45 - LFCP:[MD5.17227828073297DBE2A9DB90C302C5FB] - 09/01/2014 - 14:25:29 ---A- - C:\Windows\Prefetch\ODSERV.EXE-4B8FA052.pf
O45 - LFCP:[MD5.304191CAF6DC44D249B946B85292499F] - 09/01/2014 - 14:27:45 ---A- - C:\Windows\Prefetch\FILEHISTORY.EXE-982E7044.pf
O45 - LFCP:[MD5.F7FFE9E99979E2B9073FFE278C1F2A2F] - 09/01/2014 - 14:30:54 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf
O45 - LFCP:[MD5.9BBB060B32E6485BBCF3A76EB990C999] - 09/01/2014 - 22:11:54 ---A- - C:\Windows\Prefetch\EPOWEREVENT.EXE-57DB0DA4.pf
O45 - LFCP:[MD5.FDBC139F85923AA44209721578C2D75F] - 12/01/2014 - 12:55:21 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf
O45 - LFCP:[MD5.0047C2567B9D0A932C120523BCD9559B] - 12/01/2014 - 12:55:22 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf
O45 - LFCP:[MD5.5F385B105EA1353CDE1D923B6721A0A1] - 12/01/2014 - 12:55:24 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf
O45 - LFCP:[MD5.F4517F8890FE95162BAA99FC2B07880A] - 12/01/2014 - 14:14:27 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf
O45 - LFCP:[MD5.01D7FB854C226C6B342D53CC8EC34604] - 12/01/2014 - 14:14:31 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-0DD1597D.pf
O45 - LFCP:[MD5.B3D99075877B3914858BD189924D32FF] - 12/01/2014 - 14:14:33 ---A- - C:\Windows\Prefetch\MMDX64FX.EXE-4C9473D7.pf
O45 - LFCP:[MD5.4744112C83B19A8DB108F057C120C400] - 12/01/2014 - 14:14:34 ---A- - C:\Windows\Prefetch\IGFXEXT.EXE-B04096D5.pf
O45 - LFCP:[MD5.C59F4C542186C8AEEF11BCADD79A8CB5] - 12/01/2014 - 14:14:38 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-DC11C262.pf
O45 - LFCP:[MD5.FA57357D59F7FAB390561B2F6EDF6AED] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-3C40F7FB.pf
O45 - LFCP:[MD5.6631D4415ABC588343D3D7386C4D0EBE] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-UPDATER.EXE-6695AE1D.pf =>Adware.PlusHD
O45 - LFCP:[MD5.7F28404561A63D84ACA032B38E5274FD] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-AC422BB0.pf
O45 - LFCP:[MD5.88A2A481C0CFFEC3AE38737161B069CE] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-D926A5CA.pf
O45 - LFCP:[MD5.44A05686B10131FCC0C1B8CAE6306518] - 14/01/2014 - 18:49:05 ---A- - C:\Windows\Prefetch\EPOWERSVC.EXE-76E124E6.pf
O45 - LFCP:[MD5.07D89D03D57315D720D50A9C77AD39B6] - 14/01/2014 - 18:49:05 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf
O45 - LFCP:[MD5.A332CB7DCEF5F4ADF8DCA95B06C38D8A] - 14/01/2014 - 18:49:05 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-454AB5C0.pf
O45 - LFCP:[MD5.06FC097718CF585BE6EEF1EA47D45D4C] - 14/01/2014 - 19:04:45 ---A- - C:\Windows\Prefetch\ETDCTRLHELPER.EXE-6A174316.pf
O45 - LFCP:[MD5.8F717117F8EBCD44D1D2BB219C9F065D] - 14/01/2014 - 19:04:45 ---A- - C:\Windows\Prefetch\RELPOST.EXE-AC41CDAF.pf
O45 - LFCP:[MD5.A2A5834739F3FF4717300C5710C925F9] - 14/01/2014 - 19:04:45 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-DACB5D4F.pf
O45 - LFCP:[MD5.75B77DB23481A5C0275817AF6ED608C5] - 14/01/2014 - 19:04:45 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.C602B7DDF918627D229C536B11451A43] - 14/01/2014 - 19:06:45 ---A- - C:\Windows\Prefetch\CACAONEWD9F773.EXE-40C6D2B0.pf =>PUP.CacaoWeb
O45 - LFCP:[MD5.22D6CD546F45528558B560CDD175B4CB] - 14/01/2014 - 19:07:21 ---A- - C:\Windows\Prefetch\CACAOWEB.EXE-CEB953E8.pf =>PUP.CacaoWeb
O45 - LFCP:[MD5.D9C7505A41C7C86571A444F20DF1D364] - 14/01/2014 - 19:28:10 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.0D457A232A64E909009FBDC3494EA2C1] - 14/01/2014 - 19:33:49 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.ADAF74EAC7F398BECEA69948FA0E266D] - 14/01/2014 - 19:34:43 ---A- - C:\Windows\Prefetch\AVASTBCL-SFX.EXE-7A14434F.pf
O45 - LFCP:[MD5.DA257A803B9888F3445BBE94B60E00F9] - 14/01/2014 - 19:34:43 ---A- - C:\Windows\Prefetch\BROWSERCLEANUP.EXE-8CD2CD58.pf
O45 - LFCP:[MD5.FE7A5C9C6431382F7E423B6F5B142402] - 14/01/2014 - 19:38:00 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf
O45 - LFCP:[MD5.3EE1D67F4F227DE8FAD3BF36E27E2823] - 14/01/2014 - 19:38:38 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7242160E.pf
O45 - LFCP:[MD5.37C7C507279E8D13A97C6ABC36CF5D57] - 14/01/2014 - 19:38:38 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-E4BCDBFE.pf
O45 - LFCP:[MD5.1550A930016C4FABE4B9A28297B32F63] - 14/01/2014 - 19:38:45 ---A- - C:\Windows\Prefetch\AU_.EXE-1B01C356.pf
O45 - LFCP:[MD5.CEC7A52528366109C8DF67CEC887F182] - 14/01/2014 - 19:39:12 ---A- - C:\Windows\Prefetch\MUILINK.EXE-7887ADEF.pf
O45 - LFCP:[MD5.2589A9B57B934E4FCF709023511CA492] - 14/01/2014 - 19:39:20 ---A- - C:\Windows\Prefetch\GAMESAPPINTEGRATIONSERVICE.EX-D44D8C89.pf
O45 - LFCP:[MD5.32F76E876DF71B54F8FC40736D1D0BF9] - 14/01/2014 - 19:39:20 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-D50DC528.pf
O45 - LFCP:[MD5.90395D3A5ED88A14BE7D70AD8C3FBF52] - 14/01/2014 - 19:39:22 ---A- - C:\Windows\Prefetch\WTAPP_PROTOCOLHANDLER.EXE-021E5BCD.pf
O45 - LFCP:[MD5.4EB0DF00D0F5FCB467F210FC3A6F5B22] - 14/01/2014 - 19:39:25 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-E212EBE5.pf
O45 - LFCP:[MD5.BE06E0830D3306A0CDDC6B95514C91E0] - 14/01/2014 - 19:40:17 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-7AD13FAD.pf
O45 - LFCP:[MD5.54F5C43D8244FFC4390F338C20D070E4] - 14/01/2014 - 19:40:18 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-FA97D9B9.pf
O45 - LFCP:[MD5.27D61CFE7BC528D1D1F438D472EE8710] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\GAME.DAT-81362BDD.pf
O45 - LFCP:[MD5.1B907AD3E548A5FAA203BD0F85CAFCB3] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-FB09BA72.pf
O45 - LFCP:[MD5.A92CBA84401A769D682C127353938CB5] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-2939A083.pf
O45 - LFCP:[MD5.5A15C0C9D1F4C2106C8026C23DA56265] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-2C4BEB3D.pf
O45 - LFCP:[MD5.0595F4BC6B73D219F4BA9F3B72638D11] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-A19372CB.pf
O45 - LFCP:[MD5.DE96323C701A7BE30276AA887A2F0B2C] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-AD6DBE7F.pf
O45 - LFCP:[MD5.95C9CD55B0E72BDD77D96D29C6903830] - 14/01/2014 - 19:42:39 ---A- - C:\Windows\Prefetch\GAME.DAT-99D9B6CB.pf
O45 - LFCP:[MD5.25E0C3C5AE2379FC65724DA580996D5F] - 14/01/2014 - 19:42:39 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-7984D480.pf
O45 - LFCP:[MD5.AAB78229F11CBCB8E2D628A74C4BFD8A] - 14/01/2014 - 19:42:39 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-4FFBD3A1.pf
O45 - LFCP:[MD5.F3AD156BD9090F10B545B8084987B6C3] - 14/01/2014 - 19:42:44 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-A0B5A03B.pf
O45 - LFCP:[MD5.B5A3D11102C5EEDB14EF6E280A986E86] - 14/01/2014 - 19:42:52 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-53053035.pf
O45 - LFCP:[MD5.6BC3F0000445A2B2738653B3675E3ECE] - 14/01/2014 - 19:42:55 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-BC5DEA73.pf
O45 - LFCP:[MD5.A2C5EAEF7924DF3176F46C511A0D628C] - 14/01/2014 - 19:43:26 ---A- - C:\Windows\Prefetch\GAME.DAT-5B81F525.pf
O45 - LFCP:[MD5.7B7C26A3DED3D48E90EAA1FA8133501A] - 14/01/2014 - 19:43:45 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-7FC4F73A.pf
O45 - LFCP:[MD5.662B9E0B1F05228776135F4785D251AF] - 14/01/2014 - 19:43:51 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-016D910B.pf
O45 - LFCP:[MD5.CE78AD03F07C7E636235A629F9E92166] - 14/01/2014 - 19:43:51 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-3DA5A445.pf
O45 - LFCP:[MD5.74EC27E36574177040E640C8E5F4F699] - 14/01/2014 - 19:44:07 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-18FF1A0C.pf
O45 - LFCP:[MD5.913989AFB8CFBB994EA75E01BDB03913] - 14/01/2014 - 19:44:08 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-D4E8D7B2.pf
O45 - LFCP:[MD5.5B70DB22331BFD30084B47BB922A81A6] - 14/01/2014 - 19:44:42 ---A- - C:\Windows\Prefetch\GAME.DAT-BD04FDA4.pf
O45 - LFCP:[MD5.3D2E4DD587F8D2DB7FEBFB723A370EE6] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-070F5EC9.pf
O45 - LFCP:[MD5.4CD02F7CB403FFAE250536B4000FACF7] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-C7677AE2.pf
O45 - LFCP:[MD5.F639C46F2885E530C2713853EB003449] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-5911138C.pf
O45 - LFCP:[MD5.782F0A9DF17C7D2B79CF8A2C03D09E91] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-22DABB4C.pf
O45 - LFCP:[MD5.24D94A70B20FD0B126A8800784ED9DAB] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-E5610533.pf
O45 - LFCP:[MD5.C7E3BD4FBFD78E3E63BD516ACE9CC0B2] - 14/01/2014 - 19:46:05 ---A- - C:\Windows\Prefetch\GAME.DAT-6E3D9CE4.pf
O45 - LFCP:[MD5.3FAB8D193725432F65CDC28E4EA518A6] - 14/01/2014 - 19:46:36 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-E6EB4A09.pf
O45 - LFCP:[MD5.904F641B1BE1C9BEF597FB37A9EF0BFF] - 14/01/2014 - 19:46:39 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-D1431C22.pf
O45 - LFCP:[MD5.71BF52870DB60A804C1CF33EAB8214C6] - 14/01/2014 - 19:46:54 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-54D4C8CC.pf
O45 - LFCP:[MD5.239AE78078B15DF8B340911FF98CDA5E] - 14/01/2014 - 19:46:55 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-A91F6F00.pf
O45 - LFCP:[MD5.0ED1D03EC6D022984AC96BBDCE176A7E] - 14/01/2014 - 19:46:58 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-E62C33A0.pf
O45 - LFCP:[MD5.A6A34DC14611D0A04EC0453AE4047070] - 14/01/2014 - 19:47:28 ---A- - C:\Windows\Prefetch\GAME.DAT-6D4FF778.pf
O45 - LFCP:[MD5.03A1EF9E71B9F6B880F1B8DBC9A63E6A] - 14/01/2014 - 19:47:57 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-D52A6F5D.pf
O45 - LFCP:[MD5.9F121F8EB7B30F8236AFDBC2FC60FAA8] - 14/01/2014 - 19:47:57 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-5787CFD6.pf
O45 - LFCP:[MD5.B4396D50EF01A315BAB5EDF9B99D0267] - 14/01/2014 - 19:47:57 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-13D697C0.pf
O45 - LFCP:[MD5.7C318FEE7E0CAA5836B3E55FAB34B82B] - 14/01/2014 - 19:48:06 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-ADCFCC76.pf
O45 - LFCP:[MD5.E171702AD1A4D39D8A2E35C3AC144DBB] - 14/01/2014 - 19:48:08 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-06CF02C6.pf
O45 - LFCP:[MD5.6A4AB6E3981CC9D7AA941340303EE56F] - 14/01/2014 - 19:48:39 ---A- - C:\Windows\Prefetch\GAME.DAT-7DB2A8FE.pf
O45 - LFCP:[MD5.B87C9FFF60C48FDD570F9282C5165664] - 14/01/2014 - 19:48:57 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-46231E83.pf
O45 - LFCP:[MD5.677528318B4DD224D07C517164A51F3F] - 14/01/2014 - 19:49:00 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-5C382D4C.pf
O45 - LFCP:[MD5.79D2E519EC344A56BBE884F58975A919] - 14/01/2014 - 19:49:02 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-16875C96.pf
O45 - LFCP:[MD5.077EC4332B52AF390527188572B168C1] - 14/01/2014 - 19:49:15 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-8D27288E.pf
O45 - LFCP:[MD5.7B2C22F84B30F9CCA32E9C4D1598EB67] - 14/01/2014 - 19:49:16 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-654D58DF.pf
O45 - LFCP:[MD5.232A71AC39E188DBFD32323CDD8E3062] - 14/01/2014 - 19:49:45 ---A- - C:\Windows\Prefetch\GAME.DAT-CD5E4B56.pf
O45 - LFCP:[MD5.521613FEEB33F25856914E7BD45A8057] - 14/01/2014 - 19:49:47 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-F0BB335B.pf
O45 - LFCP:[MD5.D214FF98B4B2A7A6C45DF0D0AB2F5EB3] - 14/01/2014 - 19:50:12 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-3B8F8964.pf
O45 - LFCP:[MD5.81D33CF05E170201234C4A8A501AD1E8] - 14/01/2014 - 19:50:12 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-A624BA2E.pf
O45 - LFCP:[MD5.A98A5CF86CCE67B8DD2A4154BBBFD0B1] - 14/01/2014 - 19:50:23 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-5845444C.pf
O45 - LFCP:[MD5.EEA410A0D2123AB2718FB9D4BA079261] - 14/01/2014 - 19:50:25 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-ED3204F2.pf
O45 - LFCP:[MD5.7728417B222E2B610D01AE2729AE174B] - 14/01/2014 - 19:50:57 ---A- - C:\Windows\Prefetch\GAME.DAT-2F027DE4.pf
O45 - LFCP:[MD5.B13A08D6B4F41DF3E6018D192628B627] - 14/01/2014 - 19:51:14 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-E1DB1B09.pf
O45 - LFCP:[MD5.B82A8524DE5F8F1DB3AD7F7992AF0971] - 14/01/2014 - 19:51:18 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-06ADA522.pf
O45 - LFCP:[MD5.07A512E032607D5FE627F2BDEA636645] - 14/01/2014 - 19:51:21 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-AEFFE1CC.pf
O45 - LFCP:[MD5.25522CC42DF1FCDD59CBD9D11AE3161D] - 14/01/2014 - 19:51:26 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-807945D6.pf
O45 - LFCP:[MD5.778C5B505C882A7E95229E3944027A5E] - 14/01/2014 - 19:51:38 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-8B9FDAD5.pf
O45 - LFCP:[MD5.9EA51524B153D5ED4200E64F9503F8B1] - 14/01/2014 - 19:51:41 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-AD5C1ABB.pf
O45 - LFCP:[MD5.DD611A5E752113E0B55237C0098E2DD2] - 14/01/2014 - 19:52:26 ---A- - C:\Windows\Prefetch\GAME.DAT-1AE68EC5.pf
O45 - LFCP:[MD5.42B3086DB8B8FB39CCA46DC9A5FC66C4] - 14/01/2014 - 19:52:44 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-363096DA.pf
O45 - LFCP:[MD5.5C6F1768054568237BA33AE38D917E89] - 14/01/2014 - 19:52:55 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-3A083BAB.pf
O45 - LFCP:[MD5.327455CD04819234D3F22AB6E00795B1] - 14/01/2014 - 19:52:55 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-6AF1F8E5.pf
O45 - LFCP:[MD5.C715D0BAAB395E02AED9974DDFA7A002] - 14/01/2014 - 19:53:11 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-6CB22DD5.pf
O45 - LFCP:[MD5.0B5E1BE25EAC306CF0F9E25D146B29FE] - 14/01/2014 - 19:53:14 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-87085537.pf
O45 - LFCP:[MD5.F14A12056026E848DB0028F928F2D3E1] - 14/01/2014 - 19:53:53 ---A- - C:\Windows\Prefetch\GAME.DAT-115D29C5.pf
O45 - LFCP:[MD5.8DEB865342F6E19576BFBEA1E3A535AD] - 15/01/2014 - 11:23:35 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-9BE081DA.pf
O45 - LFCP:[MD5.8AE4F3513DC3FA865DD9434C8F4B5469] - 15/01/2014 - 11:28:09 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4013745662-1720046193-3924850484-1001.db
O45 - LFCP:[MD5.7FED34B1C40B780BCEE137FB88BB300D] - 15/01/2014 - 11:28:09 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4013745662-1720046193-3924850484-1001.db
O45 - LFCP:[MD5.5960C797F3CB1DD3614CC5AD9B49F235] - 15/01/2014 - 11:33:40 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.4C5AD914B479E2FA9B45D23472CFE226] - 18/01/2014 - 23:31:14 ---A- - C:\Windows\Prefetch\ATH_WLANAGENT.EXE-920A5F75.pf
O45 - LFCP:[MD5.E364FBF2B784AA1048DC3FB5B28BCFA0] - 18/01/2014 - 23:31:14 ---A- - C:\Windows\Prefetch\DKRUN32.EXE-8583E6AC.pf
O45 - LFCP:[MD5.14E10FAA3B8E11CA3C15622CADD79F1F] - 18/01/2014 - 23:31:14 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-49876884.pf
O45 - LFCP:[MD5.DC211B50995CCB4BB732C4DB3B715433] - 18/01/2014 - 23:31:14 ---A- - C:\Windows\Prefetch\RFBTNSVC64.EXE-4CA3F3BE.pf
O45 - LFCP:[MD5.66F336506DDA5BB1A648BD0547FF5270] - 18/01/2014 - 23:31:14 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.23930077BE12DFC337C7F8996C66273C] - 18/01/2014 - 23:31:14 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3BF9CDB0.pf
O45 - LFCP:[MD5.DF521EC91A0FF49F0F46FE4040D300E3] - 18/01/2014 - 23:32:24 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf
O45 - LFCP:[MD5.519AEAC8CBB0D0A880D981557134A0E1] - 18/01/2014 - 23:32:24 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf
O45 - LFCP:[MD5.B681E7FCF1E10A90BBD7728BFAD1328B] - 18/01/2014 - 23:32:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7779B832.pf
O45 - LFCP:[MD5.90AA4D8AF7D563135DADA0AA5A00E7B5] - 18/01/2014 - 23:32:41 ---A- - C:\Windows\Prefetch\DASHOST.EXE-38AAABF0.pf
O45 - LFCP:[MD5.E6504794DEE809C4089D38E6251DC22D] - 18/01/2014 - 23:32:46 ---A- - C:\Windows\Prefetch\INSTUP.EXE-3AF05CB9.pf
O45 - LFCP:[MD5.CBB51AEE4C2EE1E0AF0C22785C36309F] - 18/01/2014 - 23:34:17 ---A- - C:\Windows\Prefetch\FLASHUTIL_ACTIVEX.EXE-4E6AE223.pf
O45 - LFCP:[MD5.69B8C522EC2AA2B1B591EC84368A7B81] - 18/01/2014 - 23:35:02 ---A- - C:\Windows\Prefetch\WERMGR.EXE-A349767A.pf
O45 - LFCP:[MD5.ABAAE6D9DDC638B425F5490585B0B40F] - 18/01/2014 - 23:35:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8DD14920.pf
O45 - LFCP:[MD5.955BBB3E51AE226314D97685DC17E02F] - 18/01/2014 - 23:38:09 ---A- - C:\Windows\Prefetch\DEVICEFASTLANEEVENT.EXE-0D33B9ED.pf
O45 - LFCP:[MD5.0B77FA0475D833698BF1590948A0AE8D] - 18/01/2014 - 23:38:09 ---A- - C:\Windows\Prefetch\DEVICEFASTLANESVC.EXE-E86CADBF.pf
O45 - LFCP:[MD5.2E0585E49085970D6194A9A386305C8E] - 18/01/2014 - 23:38:09 ---A- - C:\Windows\Prefetch\DEVICEFASTLANEUI.EXE-CF5A78A9.pf
O45 - LFCP:[MD5.F99DEA7DB05C2836E76097C047C542A3] - 18/01/2014 - 23:38:35 ---A- - C:\Windows\Prefetch\GFXUI.EXE-2E721AA9.pf
O45 - LFCP:[MD5.04A4B4B1617FEDC9F0571883D8DE53E8] - 18/01/2014 - 23:45:20 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-37BED555.pf
O45 - LFCP:[MD5.6E232511ED36F7931DC471B692D88DE9] - 18/01/2014 - 23:45:21 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-915425C1.pf
O45 - LFCP:[MD5.67265EE9E5DD6FA68A26331278F6732F] - 18/01/2014 - 23:47:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-86395D58.pf
O45 - LFCP:[MD5.5AA91E74CD28D5DBE1AB6EBEC9F0B737] - 18/01/2014 - 23:47:14 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf
O45 - LFCP:[MD5.F4C1DE4C68300A82F18B86D0B5C17932] - 18/01/2014 - 23:47:17 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-D8BC1DC6.pf
O45 - LFCP:[MD5.F15ADE2310969D3D3B320DF3EE1B98D5] - 18/01/2014 - 23:49:48 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6F45D74E.pf
O45 - LFCP:[MD5.0712BE55BE40BD52D4656CAFB78A8344] - 18/01/2014 - 23:49:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8329E055.pf
O45 - LFCP:[MD5.15254211D793B2DFB43313CC74605623] - 18/01/2014 - 23:50:49 ---A- - C:\Windows\Prefetch\IPCONFIG.EXE-EEA91845.pf
O45 - LFCP:[MD5.1BEE172FF57278475D33F49CE619EF95] - 18/01/2014 - 23:51:02 ---A- - C:\Windows\Prefetch\ROUTE.EXE-C5FB9965.pf
O45 - LFCP:[MD5.DE29CC5808B9A14205267663EC6393F6] - 18/01/2014 - 23:51:08 ---A- - C:\Windows\Prefetch\RECOVERYDRIVE.EXE-0EE8638F.pf
O45 - LFCP:[MD5.7CB41F2ED1E1C30898F8F8A9B628502E] - 18/01/2014 - 23:51:37 ---A- - C:\Windows\Prefetch\ASWOFFERTOOL.EXE-4EF92049.pf
O45 - LFCP:[MD5.05A289AADE010B6620B002F8B8F966E5] - 18/01/2014 - 23:51:43 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-09EF6B82.pf
O45 - LFCP:[MD5.0FC4B14EA047E7E2F3AECB0DABC4D27A] - 18/01/2014 - 23:51:52 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.862D0ECC33D1F918EFC945DD204724D7] - 18/01/2014 - 23:52:44 ---A- - C:\Windows\Prefetch\WBENGINE.EXE-86775975.pf
O45 - LFCP:[MD5.6B5BE72589F7A157126BF2F20DD07C21] - 18/01/2014 - 23:53:03 ---A- - C:\Windows\Prefetch\RSTRUI.EXE-F76EBF17.pf
O45 - LFCP:[MD5.158F8068C9D849E27E9F67F0C5A9037B] - 18/01/2014 - 23:53:04 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf
O45 - LFCP:[MD5.0B8C479C007D21EECEF483C5292F7EAE] - 18/01/2014 - 23:53:36 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-E962779E.pf
O45 - LFCP:[MD5.61D30AC25D7871245A567FB153331409] - 18/01/2014 - 23:55:33 ---A- - C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf
O45 - LFCP:[MD5.0F06DC2F835CDDED2B718DA636BC1FD4] - 18/01/2014 - 23:56:54 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf
O45 - LFCP:[MD5.82FEB9CC1B32C68DCC48047A25A00809] - 18/01/2014 - 23:56:54 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf
O45 - LFCP:[MD5.4499CD0CA7325656C84C01F70983A1D9] - 18/01/2014 - 23:57:18 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-214598FD.pf
O45 - LFCP:[MD5.B70E01D8284E4A9D9A9564BAB37DDC1B] - 18/01/2014 - 23:57:55 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf
O45 - LFCP:[MD5.591625A868F9154B3DB70CA2F53285A9] - 18/01/2014 - 23:59:07 ---A- - C:\Windows\Prefetch\MMC.EXE-787EFBBC.pf
O45 - LFCP:[MD5.FD7EF3EB2BBF077C34FCCEDB5FD45E85] - 18/01/2014 - 23:59:55 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-5A92E3D5.pf
O45 - LFCP:[MD5.5F71BEC548F4771EBD7A5D7A54D1A526] - 19/01/2014 - 00:03:03 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-9E926287.pf
O45 - LFCP:[MD5.C1ADF03C2ED1D8BCD05806141912FE7D] - 19/01/2014 - 00:03:04 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf
O45 - LFCP:[MD5.702EDB60FF63F597476EFDBC0DA52757] - 19/01/2014 - 00:03:10 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf
O45 - LFCP:[MD5.ABB873515570720ACD68EC330C7BBAFA] - 19/01/2014 - 00:07:48 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-BD0DD634.pf
O45 - LFCP:[MD5.C9F8F1607EF36150E404847D648D2FCF] - 19/01/2014 - 00:07:57 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.2B119C7EDD8FD17078B31986C51804C1] - 19/01/2014 - 00:07:58 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.E7C8BB7B5B801DFCCEF79FDD1C1EF06C] - 19/01/2014 - 00:08:29 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.45122C85F6219A02E68A796E0B091EC6] - 19/01/2014 - 00:08:29 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.07CDE813AD7EEEC2077343DD367ED6C5] - 19/01/2014 - 00:08:49 ---A- - C:\Windows\Prefetch\RECDISC.EXE-BB25A273.pf
O45 - LFCP:[MD5.8DEA899C29B294262EDD7D00F628E8EB] - 19/01/2014 - 00:09:54 ---A- - C:\Windows\Prefetch\SETAPM.EXE-9D9BA1F2.pf
O45 - LFCP:[MD5.282337D4168AEE36116316C95E82B6C9] - 19/01/2014 - 00:10:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EE2FB4D9.pf
O45 - LFCP:[MD5.607AD3CDC7FED4C961D831242A4446FF] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\COMPMGMTLAUNCHER.EXE-726206F8.pf
O45 - LFCP:[MD5.B5726EB5398A87742F9767C07C424561] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\MMC.EXE-D8BF067A.pf
O45 - LFCP:[MD5.E1DC2E4C0014DFF1041164BEDAEF293B] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\VDS.EXE-F11BF333.pf
O45 - LFCP:[MD5.C2E435E3216C2042C433D9E7FADFF53C] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\VDSLDR.EXE-35269815.pf
O45 - LFCP:[MD5.5EB729EADF801F56C1B8F30273D049C5] - 19/01/2014 - 00:16:12 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-71A3AC66.pf
O45 - LFCP:[MD5.BDBFC8143408ED8BEC2337AD6343A11F] - 19/01/2014 - 00:20:42 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf
O45 - LFCP:[MD5.53F3654F4094F569D22C79576F9F2F95] - 19/01/2014 - 00:21:24 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.F20CAD53DD681DC1C469630811A0F3AA] - 19/01/2014 - 00:24:37 ---A- - C:\Windows\Prefetch\EPOWERBUTTON.EXE-80D380BE.pf
O45 - LFCP:[MD5.5FC274BAB5E55B803F86D0F4E2DE7127] - 19/01/2014 - 00:25:24 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.201BD8027BC6ABB5580BADD48701D36B] - 19/01/2014 - 00:25:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-B0E2D755.pf
O45 - LFCP:[MD5.E297D452EEE38B5AD693CAEEADDB3865] - 19/01/2014 - 00:26:11 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.F0C02928CADA97B9B8C16D9756B2C9DB] - 19/01/2014 - 00:26:13 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf
O45 - LFCP:[MD5.D0636605A464EE38BC40DCBDB30D18DB] - 19/01/2014 - 00:26:39 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.6114705E55F133F10BE2B0C8EC64CECB] - 19/01/2014 - 11:39:54 ---A- - C:\Windows\Prefetch\ETDCTRL.EXE-91BAE8DE.pf
O45 - LFCP:[MD5.E121A2787058BB846F807AFF09311584] - 19/01/2014 - 11:39:54 ---A- - C:\Windows\Prefetch\ETDSERVICE.EXE-1791FC1A.pf
O45 - LFCP:[MD5.2045842A55142603DB8CB273F9E742A1] - 19/01/2014 - 11:39:54 ---A- - C:\Windows\Prefetch\HECISERVER.EXE-AD396A6A.pf
O45 - LFCP:[MD5.D42FB5DFDF22BB806DD6D221A32CAECE] - 19/01/2014 - 11:39:54 ---A- - C:\Windows\Prefetch\JHI_SERVICE.EXE-9CD021CB.pf
O45 - LFCP:[MD5.BCCC7EC83341EFB0BAFF2F512A41A717] - 19/01/2014 - 11:39:54 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-9827F12C.pf
O45 - LFCP:[MD5.9951ABE46FA1655DA99E3C228D074570] - 19/01/2014 - 11:39:59 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-E4EA699E.pf
O45 - LFCP:[MD5.230F28F27106136D0001A8BEBF7AE7B9] - 19/01/2014 - 11:40:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.B70C37E0D1830811DB1AF0741F914A1D] - 19/01/2014 - 11:40:03 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-BUTTONUTIL64.EXE-8C540340.pf =>Adware.PlusHD
O45 - LFCP:[MD5.FBCC0EF3B78240863531BF7A761529DE] - 19/01/2014 - 11:40:06 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.5D1EED5D0228CC1C8A187BBCFCDE2220] - 19/01/2014 - 11:40:07 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.3D4A76D4BFE8D5002EAA67A482B09585] - 19/01/2014 - 11:40:07 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-CODEDOWNLOADER.EX-442F55A6.pf =>Adware.PlusHD
O45 - LFCP:[MD5.3FB12512B8833E58861737527ACD1AF7] - 19/01/2014 - 11:40:09 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-BG.EXE-D6C3F4E1.pf =>Adware.PlusHD
O45 - LFCP:[MD5.75010CDC53EB41C9D91707BB1B23B8CA] - 19/01/2014 - 11:40:24 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf
O45 - LFCP:[MD5.34E93ED2451CC92DFE2F05085974A785] - 19/01/2014 - 11:40:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf
O45 - LFCP:[MD5.0BED0B5B239FD029D16ADBF1D1752A20] - 19/01/2014 - 11:40:45 ---A- - C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf
O45 - LFCP:[MD5.2108556531EAAB704735F844326F1BCB] - 19/01/2014 - 11:40:50 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf
O45 - LFCP:[MD5.0ED5F67F3B0692CFD81FE4DE7A648A9D] - 19/01/2014 - 11:40:54 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf
O45 - LFCP:[MD5.A3DD206CB3CE9D2A0A4BE996F4564BBB] - 19/01/2014 - 11:41:24 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf
O45 - LFCP:[MD5.51A99E6A5F0AE7EF37520DFAD994B055] - 19/01/2014 - 11:41:30 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.D04F1C495FA21253C44ADD3ACD2AEF85] - 19/01/2014 - 11:41:35 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-D63AD6B8.pf
O45 - LFCP:[MD5.E30B9255EC10CFE7CBB0321799197FE3] - 19/01/2014 - 11:41:36 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.587B145F2145DE78D504E38C8FE7FE9D] - 19/01/2014 - 11:41:37 ---A- - C:\Windows\Prefetch\NASVC.EXE-314DC6C9.pf
O45 - LFCP:[MD5.973381A4830E832869D95A9FBB07775A] - 19/01/2014 - 11:41:40 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.33BA6682CCB4F0244164D3DA8CBB2F3F] - 19/01/2014 - 11:42:07 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.D0687A699D5D9B0675E7983DF868B74B] - 19/01/2014 - 11:42:13 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.0805E00915CB9D7135C6C9433D4B7083] - 19/01/2014 - 11:42:17 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.85D61DF279494BBA9E7CA8C0CC550840] - 19/01/2014 - 11:42:27 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-7BBFAD0B.pf
O45 - LFCP:[MD5.15C3755EF31E88D45DFBC44824C28EBF] - 19/01/2014 - 11:42:28 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.20CDDD73C8299653CABAD4AE2E6F548E] - 19/01/2014 - 11:42:30 ---A- - C:\Windows\Prefetch\ASWRUNDLL.EXE-812C3585.pf
O45 - LFCP:[MD5.B945B5764E7A77093054F58ABA416E71] - 19/01/2014 - 11:42:36 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.DDC9AC6AEA4CCB166E908693B023D38C] - 19/01/2014 - 11:42:36 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.88BBB9E066BA53E236A43D254D3AB3F9] - 19/01/2014 - 11:42:43 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-69C46368.pf
O45 - LFCP:[MD5.970C892C784D7834D1048D01504E03B4] - 19/01/2014 - 11:42:49 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.712EA29256165426E6DBEAE6083247C6] - 19/01/2014 - 11:42:55 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-A9D66020.pf
O45 - LFCP:[MD5.FBAAEAE3BF5D1126DFFB6A4574FEB4CD] - 19/01/2014 - 11:42:57 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-F3C56F15.pf
O45 - LFCP:[MD5.FB5802FB6AFD6B330ED5CB3A59AC17D3] - 19/01/2014 - 11:43:10 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.CB6FE88C04331036B901FE47BE557310] - 19/01/2014 - 11:43:11 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.D0B1F8873C01BC5B1247C9A8C6592C56] - 19/01/2014 - 11:43:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.90E2B61CBA358A969E5E6A6A4DB19513] - 19/01/2014 - 11:43:49 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.649A7FC23496AC86FBC7EADB1E4AB461] - 19/01/2014 - 11:43:59 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.BE1F32E8DA09053716484197A35010F9] - 19/01/2014 - 11:44:35 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.8CE4B022B49E9DA29D95E8A56F2860B3] - 19/01/2014 - 11:44:35 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.A2DF6143A8C107B7467D8E82F3492B18] - 19/01/2014 - 11:44:40 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.95917E64672FF33FB2688FC56F3A671F] - 19/01/2014 - 11:44:43 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.1C1BE830D14440B83F4C55C3D95588A0] - 19/01/2014 - 11:44:44 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.DD2A419958C5B089C3426F43E22AFF91] - 19/01/2014 - 11:44:50 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.26DA8445B2CCBD4342E12F0859DED0F3] - 19/01/2014 - 11:44:52 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.16094D4CF11AB2F5E14E8A1089246D3F] - 19/01/2014 - 11:44:54 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.4D9B2024C91B90BFBAB0109FAD42607C] - 19/01/2014 - 11:45:16 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf
O45 - LFCP:[MD5.03AE9A3AB7D6F12E6C6736706FBEBCEB] - 19/01/2014 - 11:45:32 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
O45 - LFCP:[MD5.18CDE787FAE42DA41060F33690F9E311] - 22/12/2013 - 20:17:37 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf
O45 - LFCP:[MD5.CA0560B406540B4EA02F7EBEAEAD4E94] - 24/12/2013 - 15:57:39 ---A- - C:\Windows\Prefetch\POWERPNT.EXE-6410969F.pf
O45 - LFCP:[MD5.B30D41C76AD51882ECCA9688CE19FAFA] - 30/12/2013 - 13:33:23 ---A- - C:\Windows\Prefetch\PHOTOFILTRE.EXE-714CEA23.pf
O45 - LFCP:[MD5.FF3741BA03007E8FEB29C652A49143F2] - 31/12/2013 - 18:29:50 ---A- - C:\Windows\Prefetch\BROWSERCLEANUP.EXE-78A9DC5D.pf
~ Prefetcher: 260 Scanned in 00mn 04s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{c6604dcf-7a2b-11e2-be6f-7054d24d1efa}\AutoRun\command. (...) -- E:\WD SmartWare.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
O58 - SDL:[MD5.93C6388592B99925C1D1576E465BC80F] - 26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [492272]
O58 - SDL:[MD5.D27763E0247292654E7F7D16444C7C72] - 26/07/2012 - 06:00:48 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [340720]
O58 - SDL:[MD5.67B90070FF48F794AF19F9FCF0080D75] - 26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [184048]
O58 - SDL:[MD5.35A0EB5AECB0FA3C41A2FB514A562304] - 26/07/2012 - 06:00:49 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [76016]
O58 - SDL:[MD5.00452671904F5EE94B50BF0219C97164] - 26/07/2012 - 06:00:49 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [258288]
O58 - SDL:[MD5.EA3FFE53E92E59C87E3ECA9BEB20D9B7] - 26/07/2012 - 06:00:48 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [26352]
O58 - SDL:[MD5.AF038FA3D3748B7595FE7096AD803696] - 07/12/2012 - 19:20:39 ---A- . (.Dritek System Inc. - PS/2 KB to HID Device Driver.) -- C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [26736]
O58 - SDL:[MD5.E933401B392387F4BE34DE8BAF1722A7] - 26/07/2012 - 06:00:49 ---A- . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [104688]
O58 - SDL:[MD5.07CA323EF2E8247A568AB0F3662AD644] - 26/07/2012 - 06:00:48 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [108272]
O58 - SDL:[MD5.9C2BEA3957EFFD45F352F0938DFB3721] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [78648]
O58 - SDL:[MD5.679712B7A353EE665B9301592164A172] - 08/12/2013 - 16:09:19 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [92544]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 08/12/2013 - 16:09:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.52B5F8FAF7E78C02D26B0B6E3A05F596] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1034464]
O58 - SDL:[MD5.251360C2FCA22BAFE0583314B3262F98] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [422216]
O58 - SDL:[MD5.AAB5F5336EDBB5D99CC7E1A9F4D8F63F] - 09/01/2014 - 13:59:14 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [79672]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 09/01/2014 - 13:58:54 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.F17ABC4AA1FE4989E812858261414FE5] - 01/08/2012 - 11:41:34 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3618304]
O58 - SDL:[MD5.87AB5BB072A3F128541D5B815F82FFDD] - 20/09/2012 - 08:55:24 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [533224]
O58 - SDL:[MD5.733A4767D59459282B55B6C780239F47] - 30/08/2012 - 10:05:12 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [318864]
O58 - SDL:[MD5.5AB97B3282D7D6114949D1EB5C8598E4] - 20/09/2012 - 08:55:27 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3265256]
O58 - SDL:[MD5.772A1DEEDFDBC244183B5C805D1B7D85] - 02/07/2012 - 08:16:02 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [62784]
O58 - SDL:[MD5.64DB7A8D97CA53DCCF93D0A1E08342CF] - 26/07/2012 - 06:00:52 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64752]
O58 - SDL:[MD5.0FE66A51D81A25AACEAAE4C26308121D] - 09/07/2012 - 13:43:12 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [645952]
O58 - SDL:[MD5.5E394EBD26FD68AA9300332C46BEDD62] - 26/07/2012 - 06:00:52 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [411888]
O58 - SDL:[MD5.A1CF07D24EDCDC6870535471654D957C] - 23/10/2012 - 04:37:42 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [5343584]
O58 - SDL:[MD5.24847A06B84339FEEDE5CABF3D27D320] - 26/07/2012 - 06:00:52 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [45296]
O58 - SDL:[MD5.F5495B38BFB9149925F54F65AB40EFBF] - 19/06/2012 - 00:40:50 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [342528]
O58 - SDL:[MD5.E8394F7CA5107A61A60729CEA7A21FF6] - 21/06/2012 - 22:02:52 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C63x64.sys [110744]
O58 - SDL:[MD5.022CDD12161B063D7852B1075BF3FFF2] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [108784]
O58 - SDL:[MD5.07AD59D669B996F29F91817F0ECFA34F] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [92400]
O58 - SDL:[MD5.216FB796AA4E252ACCE93B1BCB80B5EC] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [116976]
O58 - SDL:[MD5.5E80530AF37102488EE980B4A92AF99F] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [81136]
O58 - SDL:[MD5.DE5D0DD632EE6977979799DE64CE0951] - 29/11/2010 - 17:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [24152]
O58 - SDL:[MD5.9B0D829C3BE4E7472DB9DD2B79908E3C] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [51952]
O58 - SDL:[MD5.ECC3F54C7AFC318271C4F0B4606D8DB0] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [353008]
O58 - SDL:[MD5.3A1E095277BBD406CEA8EA6B76950664] - 26/07/2012 - 06:00:55 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [64240]
O58 - SDL:[MD5.12DD2800E4EEA37DC9AE256AD62423B4] - 26/07/2012 - 06:00:55 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [52464]
O58 - SDL:[MD5.D6D34118263412D3AAA8348A9572B7F2] - 26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150256]
O58 - SDL:[MD5.27AFC428D1D32ABD04A86763A4EDDEA9] - 26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168176]
O58 - SDL:[MD5.DDC860724AEF8F8E42AC61E6585769C6] - 31/07/2012 - 11:10:34 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [4102928]
O58 - SDL:[MD5.7BFDFD1D2244B444D7BBC55087426518] - 04/07/2012 - 03:41:58 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsPStor.sys [339600]
O58 - SDL:[MD5.A02C8EA09D5601FA0148739A95F31AEF] - 30/06/2012 - 03:00:53 ---A- . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtwlane.sys [1119232]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 26/07/2012 - 09:11:43 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:[MD5.2560721D6F16D5B611C36A3A9D28C1B2] - 26/07/2012 - 06:00:55 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44784]
O58 - SDL:[MD5.3AA8FDE1DBF65BB8B88B053529554A0D] - 26/07/2012 - 06:00:56 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81648]
O58 - SDL:[MD5.0B3F6C8F93C5C25977EA5A8B2E656357] - 04/06/2013 - 08:15:02 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103448]
O58 - SDL:[MD5.EA8F41484CCC5BA6A1455C2AD3D1BE3C] - 04/06/2013 - 08:15:00 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [203672]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.F5B4A14B00E89250C50982AC762DDD1D] - 26/07/2012 - 06:00:58 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19184]
O58 - SDL:[MD5.38A60CD9C009C55C6D3B5586F8E6A353] - 26/07/2012 - 06:00:58 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [164080]
O58 - SDL:[MD5.A0F6FE0FC2F647C22BBFD6BD4249DBCC] - 26/07/2012 - 06:00:58 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [322800]
~ Drivers: 18 Scanned in 00mn 06s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 18/01/2014 - 11:46:06 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe(1).3272.dmp [2595132]
O61 - LFC: 18/01/2014 - 11:46:06 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe.3272.dmp [2656163]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\BF466898-CB2F-4C6F-ABCA-24429A33CCBE.Diagnose.0.etl [196608]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\NetworkConfiguration.cab [1786]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\results.xsl [49097]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Archived History [8019968]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Cookies [1077248]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Current Session [339]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [1025]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies [8192]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies-journal [6704]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [151]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [151]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-001456 [1278]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [151]
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-002265 [1146] =>.Google Inc
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0\7 [28672] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]
O61 - LFC: 18/01/2014 - 11:46:13 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Favicons [3592192]
O61 - LFC: 18/01/2014 - 11:46:13 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:13 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16]
O61 - LFC: 18/01/2014 - 11:46:13 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG [148]
O61 - LFC: 18/01/2014 - 11:46:13 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000509 [160]
O61 - LFC: 18/01/2014 - 11:46:13 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056]
O61 - LFC: 18/01/2014 - 11:46:13 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336]
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\History [6246400]
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [219356]
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Last Session [1669]
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hhlmghjmomaoodfgjeikphfdljhpcpkl\CURRENT [16] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hhlmghjmomaoodfgjeikphfdljhpcpkl\LOG [267] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hhlmghjmomaoodfgjeikphfdljhpcpkl\MANIFEST-000679 [126] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage [1502208]
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage [494592] =>PUP.Elex
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage-journal [16384] =>PUP.Elex
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage [28672] =>Adware.MyWebSearch
O61 - LFC: 18/01/2014 - 11:46:14 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage-journal [16384] =>Adware.MyWebSearch
O61 - LFC: 18/01/2014 - 11:46:17 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [237568]
O61 - LFC: 18/01/2014 - 11:46:17 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Preferences [138679]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [15360]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [8768]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\002623.ldb [147]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [788]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [274]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-002620 [735] =>.Google Inc
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [122880]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Top Sites [376832]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Visited Links [524192]
O61 - LFC: 18/01/2014 - 11:46:19 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Local State [53059]
O61 - LFC: 18/01/2014 - 11:46:20 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom_new [0]
O61 - LFC: 18/01/2014 - 11:46:20 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 18/01/2014 - 11:46:20 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640]
O61 - LFC: 18/01/2014 - 11:46:20 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist_new [0]
O61 - LFC: 18/01/2014 - 11:46:20 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist_new [0]
O61 - LFC: 18/01/2014 - 11:46:20 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Download_new [0]
O61 - LFC: 18/01/2014 - 11:46:20 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist_new [0]
O61 - LFC: 18/01/2014 - 11:46:25 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Temp\BF466898-CB2F-4C6F-ABCA-24429A33CCBE.Diagnose.0.etl [196608]
O61 - LFC: 19/01/2014 - 11:46:06 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe.4928.dmp [3002888]
O61 - LFC: 19/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\NetworkDiagnostics.debugreport.xml [73723]
O61 - LFC: 19/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\ResultReport.xml [41735]
O61 - LFC: 19/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\results.xml [556]
O61 - LFC: 19/01/2014 - 11:46:07 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\latest.cab [22518]
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\background.html [1567] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\crossriderManifest.json [738] =>PUP.CrossRider
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\manifest.xml [1728] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\101_cortica_m.js [743] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\102_dealply_m.js [2247] =>PUP.DealPly
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\103_intext_5_m.js [3094] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\104_jollywallet_m.js [1383] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\105_corticas_m.js [632] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\108_icm_m.js [5117] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\116_ads_only_5_m.js [2989] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\117_coupons_intext_ads_5_m.js [3217] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\119_similar_web_m.js [5227] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\120_luck_m.js [1239] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\123_intext_adv_m.js [908] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js [790] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\125_arcadi2_m.js [922] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\126_revizer_ws_m.js [1366] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\127_revizer_p_m.js [1247] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\128_superfish_pricora_m.js [763] =>Adware.Pricora
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\129_widdit_m.js [585] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\135_arcadi3_m.js [922] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\138_getdeal_m.js [1416] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\13_CrossriderAppUtils.js [7056] =>PUP.CrossRider
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\141_corticas_ru_m.js.js [720] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\142_intext_fa_m.js [819] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\14_CrossriderUtils.js [12369] =>PUP.CrossRider
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\155_ibario_pops_m.js [735] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js [2402] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\159_cortica_rollover_m.js [775] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\170_icm1_5_m.js [6470] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\171_arcadi2_sourceID_m.js [997] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js [981] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\175_coolmirage_m.js [3549] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\178_revizer_ws_dynamic_m.js [1094] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\179_revizer_p_dynamic_m.js [1092] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\17_jQuery.js [79982] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:09 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\19_CHAppAPIWrapper.js [6327] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins.json [12880] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\1_base.js [6908] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\21_debug.js [3676] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\22_resources.js [9082] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\28_initializer.js [664] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\47_resources_background.js [7720] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\4_jquery_1_7_1.js [94180] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\64_appApiMessage.js [2332] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\72_appApiValidation.js [23239] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\78_CrossriderInfo.js [2234] =>PUP.CrossRider
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\7_hooks.js [801] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\80_CHPopupAppAPI.js [194] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\87_ginyas_wrapper.js [20377] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\91_monetizationLoader.js.js [141750] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\92_superfish_m.js [695] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\93_superfish_no_coupons_m.js [775] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\97_resourceApiWrapper.js [3299] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\plugins\9_search_engine_hook.js [2285] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\userCode\background.js [428] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\extensionData\userCode\extension.js [734] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\icons\actions\1.png [1223] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\icons\icon128.png [3997] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\icons\icon16.png [827] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\icons\icon48.png [2266] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\api\chrome.js [11521] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\api\cookie.js [11793] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\api\message.js [3346] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\api\pageAction.js [1737] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\api\pageActionBG.js [2519] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\background.js [28910] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\app_api.js [6317] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\bg_app_api.js [4502] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\consts.js [335] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\cookie_store.js [5905] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\crossriderAPI.js [11366] =>PUP.CrossRider
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\delegate.js [2002] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\events.js [5757] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\extensionDataStore.js [6294] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\installer.js [284] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\logFile.js [775] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\logging.js [944] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\onBGDocumentLoad.js [480] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\popupResource\newPopup.js [40] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\popupResource\popup.js [45] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\reports.js [4841] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\storageWrapper.js [903] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\updateManager.js [5665] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\util.js [5142] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\lib\xhr.js [2478] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\js\main.js [8452] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\manifest.json [1206] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:10 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.93_0\popup.html [139] =>Adware.PlusHD
O61 - LFC: 19/01/2014 - 11:46:21 --HA- . (...) -- C:\Users\Nanie\AppData\Local\IconCache.db [156524]
O61 - LFC: 19/01/2014 - 11:46:31 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\cacaoweb\npdfile.dat [156] =>PUP.CacaoWeb
O61 - LFC: 19/01/2014 - 11:46:31 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\cacaoweb\storage.db [25] =>PUP.CacaoWeb
O61 - LFC: 19/01/2014 - 11:46:32 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\ZHP\Log.txt [17620] =>.Nicolas Coolman
O61 - LFC: 19/01/2014 - 11:46:32 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\ZHP\TestsZHPDiag.txt [2825] =>.Nicolas Coolman
~ 1 Fichiers temporaires (Temporary files)
~ Files: 165 Scanned in 00mn 36s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com =>PUP.AArtemis
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {65BE43EB-1D96-451C-80E4-B2E15825094D} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (aartemis) - http://www.aartemis.com =>PUP.AArtemis
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3279872]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]

~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.E96A0D9ECB4F5A219B45B16F72A46D9F] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\1EC67EEF-84A2-45DE-9B5D-921DC598B197.dat [39174]
[MD5.83C2D7340628FABEAD9AF90D13ED1493] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\2172AC83-3B9D-42B6-B625-9FD40F9401E9.dat [39518]
[MD5.14D1FC889059117E41951BF4E33CE55C] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\25D8D9C9-E9C8-4EE3-8372-E75609BE0A75.dat [38758]
[MD5.090ECA792FDD8C3BFCD8709B3DE6139E] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\6FB7C79B-7482-4F8A-BA65-DF54F03F295B.dat [39485]
[MD5.245683BDEA19B8426100863404CAEE44] [SPRF][25/09/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\setup_fsu_cid.exe [182201]
[MD5.8241B3A2AEB7371B4C21C36862F6922A] [SPRF][07/12/2013] (.Symantec Corporation - Norton Internet Security.) -- C:\Users\Nanie\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_2586.exe [999152]
[MD5.90D787A2DF45B1E82C276DFD1A91AE61] [SPRF][19/01/2014] (...) -- C:\Users\Nanie\Desktop\cacaoweb.exe [471552] =>PUP.CacaoWeb
~ Files: 7 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.)
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.)
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{91AFD029-5493-48EC-A7CC-C7622D6014D4}" | In - Public - P6 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
O87 - FAEL: "{A399A7F1-BB8D-4BBC-A9CA-D6CFAAD3BA52}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe
O87 - FAEL: "{A9CF7064-53F2-44D4-8AF2-F4EEF3F36761}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe =>.Microsoft Corporation
O87 - FAEL: "TCP Query User{BC18D503-E1AB-4CC4-82C0-D3509DA29A25}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{AAEA22A7-302A-4D9A-8795-45D0FC1225B7}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{09373DCD-6CE6-4D8D-89CA-A94663E693CC}C:\users\nanie\desktop\cacaoweb.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\nanie\desktop\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{1A1C7328-D3ED-464F-BDFF-50A93E5E53A2}C:\users\nanie\desktop\cacaoweb.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\nanie\desktop\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{CBC22CB8-2A12-4C7A-9741-92F4BB3409FD}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{576BA4B8-E69D-4485-8FA3-6893DEC59431}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
~ Firewall: 213 Scanned in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "03FF80700C870B74180F8C6440CD67C9" . (.Nero Express Help (CHM).) -- C:\windows\Installer\{0708FF30-78C0-47B0-81F0-C84604DC769C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "122113B05A506674D830A74664971465" . (.Nero RescueAgent Help (CHM).) -- c:\windows\Installer\{0B311221-05A5-4766-8D03-7A6446794156}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "18034D2AB7FC73649A3F2E56A15A4C8A" . (.Nero RescueAgent.) -- c:\windows\Installer\{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}\ARPPRODUCTICON.exe
O90 - PUC: "203E62EEA6789D84098513925E9B9999" . (.Live Updater.) -- C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico
O90 - PUC: "2921D0FE1CF8EB147904BD1C436F4651" . (.Nero BackItUp Help (CHM).) -- c:\windows\Installer\{EF0D1292-8FC1-41BE-9740-DBC134F66415}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- C:\windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe
O90 - PUC: "37CE0B2BA4DA61743AEDEC8A44B003B9" . (.Nero BackItUp 12 Essentials OEM.a01.) -- c:\windows\Installer\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}\ARPPRODUCTICON.exe
O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- C:\windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe
O90 - PUC: "456BC9D3DA991034986CD0217A0967C7" . (.Identity Card.) -- C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico
O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- C:\windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "75FA496A198926D428C4E7551A63A141" . (.eBay Worldwide.) -- c:\Windows\Installer\{A694AF57-9891-4D62-824C-7E55A1361A14}\_853F67D554F05449430E7E.exe =>Toolbar.eBay
O90 - PUC: "86C7A848CDA03914A898C2AE875EA6C0" . (.Nero Express.) -- C:\windows\Installer\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}\ARPPRODUCTICON.exe
O90 - PUC: "A5002F70CAC8B4A4382AAD897A22AC16" . (.Recovery Management.) -- C:\windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\.\Bitmaps\eRecoveryicon.ico
O90 - PUC: "C2F2B07E1D4978245B0BBCEB16E86225" . (.Nero BackItUp.) -- c:\windows\Installer\{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}\ARPPRODUCTICON.exe
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
O90 - PUC: "E9944D65E3CAD8B4199C7C001C844CB4" . (.Google Drive.) -- C:\Windows\Installer\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}\DriveIcon
O90 - PUC: "EF9D0FB939897464189B717BEB4A6EDF" . (.Nero 12 Essentials OEM.a01.) -- C:\windows\Installer\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}\ARPPRODUCTICON.exe
O90 - PUC: "FA0364E07BA0E0449A87A187CFF4349B" . (.Nero Launcher.) -- C:\windows\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe
~ Update Products: 54 Scanned in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\868d8bb23aec43\2.6.1519.190\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\2.6.1673.238\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\2.6.1694.246\upd]:="upd=" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\2.7.1769.27\upd]:="upd=" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\2.7.1832.68\upd]:="upd=" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:exeName="BrowserDefender.exe" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:folderName="BrowserDefender" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:serviceName="BrowserDefendert" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version="2.6.1339.144" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:dllName="BrowserDefender.dll" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:exeName="BrowserDefender.exe" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:folderName="BrowserDefender" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:serviceName="BrowserDefendert" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:version="2.6.1519.190" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:version="2.6.1673.238" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:version="2.6.1694.246" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:version="2.7.1769.27" =>Hijacker.Eazel
[HKCU\Software\868d8bb23aec43]:version="2.7.1832.68" =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\868d8bb23aec43]:version="2.7.1832.68" =>Hijacker.Eazel
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.47FE6777BC5F33EC9FB4A6741E96E665] [WIS][07/12/2013] (.Google, Inc. - Google Drive.) -- C:\Windows\Installer\3121cc.msi [31694848]
~ WIS: 54 Scanned in 00mn 05s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 23/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 23/08/2012 468624 | (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
SS - | Auto 02/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 09/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 21/08/2012 348784 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Demand 22/08/2012 658576 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 30/08/2012 28560 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 26/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 07/12/2012 93296 | (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 01/08/2012 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

~ Services: Scanned in 00mn 07s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Nanie at 19/01/2014 11:47:38
~ OS 64 not supported by MBR tool

~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Nanie at 19/01/2014 11:47:41

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 106
Valeurs trouvées (Values found) : 9
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 24

[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl] =>Adware.PlusHD^
[HKLM\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex^
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.3] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A694AF57-9891-4D62-824C-7E55A1361A14}] =>Toolbar.eBay^
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\SpeedUpMyPC] =>Rogue.SpeedUpMyPC
[HKLM\Software\Classes\CrossriderApp0031257.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0031257.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0031257.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0031257.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\delta.deltaHlpr] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaHlpr.1] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311121157}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322122257}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0031257.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0031257.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0031257.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0031257.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\delta.deltaappCore] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaappCore.1] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd.1] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr.1] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311121157}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322122257}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl =>Adware.PlusHD^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo =>PUP.Elex^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch^
C:\Program Files (x86)\Plus-HD-1.3 =>Adware.PlusHD^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\Users\Nanie\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\Nanie\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\Nanie\AppData\Roaming\cacaoweb =>PUP.CacaoWeb^
C:\Users\Nanie\AppData\Roaming\File Scout =>PUP.FileScout^
C:\Users\Nanie\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard^
C:\Users\Nanie\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb^
C:\Windows\Tasks\MySearchDial.job =>Adware.MyWebSearch^
C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-1.3-enabler.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-1.3-updater.job =>Adware.PlusHD^
C:\Users\Nanie\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe =>Adware.MyWebSearch^
C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-enabler.exe =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-updater.exe =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\Plus-HD-1.3] =>Adware.PlusHD^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Wow6432Node\aartemisSoftware] =>PUP.AArtemis^
C:\Users\Nanie\Desktop\cacaoweb.exe =>PUP.CacaoWeb^
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Eazel^
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:dllName="BrowserDefender.dll" =>Hijacker.Eazel^
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard^
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:dllName="BitGuard.dll" =>PUP.BitGuard^
[HKCU\Software\868d8bb23aec43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:SERVICE_NAME="BitGuard" =>PUP.BitGuard^
C:\Users\Nanie\Downloads\cacaoweb.exe =>PUP.CacaoWeb
~ Additionnel Scan: 191762 Items scanned in 00mn 16s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blog/show/33479906-pup-elex =>PUP.Elex
~ http://nicolascoolman.webs.com/apps/blog/show/35393224-pup-aartemis =>PUP.AArtemis
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/34311830-pup-filescout =>PUP.FileScout
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/29294184-adware-pricora =>Adware.Pricora
~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC
~ MSI: 22 link(s) detected in 00mn 21s



End of the scan (1952 lines in 03mn 34s)(0)
