cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014)
~ Lancé par Nanie (19/01/2014 13:37:33)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16750
GCIE: Google Chrome v32.0.1700.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : DRPMG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Windows Defender W8

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5960 MB (84% free)
System Restore: Activé (Enable)
System drive C: has 631 GB (92%) free of 681 GB

---\\ Mode de connexion au système
~ Computer Name: MELANIE
~ User Name: Nanie
~ All Users Names: Nanie, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nanie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nanie\AppData\Roaming\
~ %Desktop% : C:\Users\Nanie\Desktop\
~ %Favorites% : C:\Users\Nanie\Favorites\
~ %LocalAppData% : C:\Users\Nanie\AppData\Local\
~ %StartMenu% : C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 631 Go of 681 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
E: Floppy drive, Flash card reader, USB Key (Free 4 Go of 4 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/10/2013 - 07:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/58
~ Mes musiques (My Musics) : 1/518
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/374
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.1B38F4C2BCDB133B757E22BEB61FB3FC] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1176176] [PID.1032]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.4024]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.3996]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.2 (Activé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2005.45, (Activé)
G2 - GCE: Preference [User Data\Default] [hhlmghjmomaoodfgjeikphfdljhpcpkl] Plus-HD-1.3 v.1.26.131, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [ifohbjbgfchkkfhphahclmkpgejiplfo] Lightning Newtab v.1.1.8.4, (Activé) =>PUP.Elex
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.12 (Activé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 20 Scanned in 00mn 03s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ BHO: 3 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acheter en ligne.lnk . (...) -- C:\Program Files (x86)\Accessory Store\StartUrl.exe (.not file.)
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Help.lnk . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - GS\Desktop [Public]: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Microsoft Office.lnk . (...) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\Windows\WinStore\WinStore.htm
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.)
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\Windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [Nanie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Nanie]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Nanie]: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - GS\TaskBar [Nanie]: File Explorer.lnk . (...) -- C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [Nanie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Nanie]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Nanie]: Packard Bell Device Fast-lane.lnk . (...) -- C:\Program Files (x86)\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneUI.exe (.not file.)
O4 - GS\TaskBar [Nanie]: Packard Bell Power Button.lnk . (...) -- C:\Program Files (x86)\Packard Bell\Packard Bell Power Management\ePowerButton.exe (.not file.)
O4 - GS\Program [Nanie]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories [Nanie]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Desktop [Nanie]: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - GS\Desktop [Nanie]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Nanie]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 35 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Wow6432Node\Run: [LManager] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpNameServer = 192.168.64.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{99A99380-3AF9-4D93-BAC7-1299EC5A2E84}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpDomain = ANCG.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpNameServer = 192.168.64.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{99A99380-3AF9-4D93-BAC7-1299EC5A2E84}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{0150E0A3-F2ED-4409-AB12-BA93EAF19135}: DhcpDomain = ANCG.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll (.not file.) =>PUP.BitGuard
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - ELAN Windows Service.) - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) . (.Dritek System INC. - RfBtnSvc Application.) - C:\Windows\RfBtnSvc64.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
~ Services: 12 Scanned in 00mn 17s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1078]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1082]
[MD5.B1298BDD59EC1F6FA718FE475FA17798] [APT] [ALU] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [3331216]
[MD5.BD0BA490E0300E859DB99DA3AB024371] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [39568]
[MD5.24DC2A6F110B79787D6C5D5FF52A0235] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [765176]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.5659ADFFA101D3AC0C62CED889991357] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [5294736]
~ Scheduled Task: 11 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 40 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller
O42 - Logiciel: ETDWare PS/2-X64 11.6.8.001_WHQL - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {56D4499E-AC3E-4B8D-91C9-C700C148C44B}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: Live Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: Nero 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {E70B2F2C-94D1-4287-B5B0-CBBE618E2652}
O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Packard Bell Device Fast-lane - (.Packard Bell.) [HKLM][64Bits] -- {3F62D2FD-13C1-49A2-8B5D-47623D9460D7}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: PhotoFiltre - (...) [HKCU][64Bits] -- PhotoFiltre
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Qualcomm Atheros WiFi Driver Installation - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: WinRAR 5.00 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: avast! Free Antivirus v9.0.2011 - (.Avast Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {A694AF57-9891-4D62-824C-7E55A1361A14} =>Toolbar.eBay
~ Logic: 38 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Dritek]
[HKCU\Software\Elantech]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SYNCJM]
[HKCU\Software\Symantec]
[HKCU\Software\TeleCharger]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\mozilla]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Policies]
[HKLM\Software\Qualcomm Atheros Fast Reconnect]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ATHEROS]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros WiFi Driver Installation]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node]
~ Key Software: 167 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/03/2013 - 21:39:26 - [308,962] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 07/12/2012 - 19:37:25 - [189,845] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 14/05/2013 - 16:06:06 - [629,380] ----D C:\Program Files (x86)\Google
O43 - CFD: 07/12/2012 - 19:38:42 - [65,085] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 07/12/2012 - 19:18:31 - [169,249] ----D C:\Program Files (x86)\Intel
O43 - CFD: 09/01/2014 - 13:52:39 - [4,633] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 07/12/2012 - 19:15:40 - [27,936] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 19/05/2013 - 10:27:23 - [567,187] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 02/03/2013 - 21:29:05 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 02/03/2013 - 21:26:49 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 03/03/2013 - 13:44:49 - [3,554] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 02/03/2013 - 21:28:53 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 15/07/2013 - 19:28:06 - [0] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/03/2013 - 21:29:09 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 01/11/2012 - 02:56:11 - [318,437] ----D C:\Program Files (x86)\Nero
O43 - CFD: 19/02/2013 - 01:44:33 - [0,105] ----D C:\Program Files (x86)\OEM
O43 - CFD: 01/11/2012 - 02:55:27 - [5,216] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 26/11/2013 - 18:16:58 - [3,529] ----D C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 07/12/2012 - 19:26:52 - [7,935] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 07/12/2012 - 19:23:24 - [31,180] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 01/11/2012 - 02:46:39 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 01/11/2012 - 02:57:46 - [2,444] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 07/12/2012 - 19:23:47 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 02/10/2013 - 13:30:03 - [1,038] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/12/2012 - 03:56:26 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/03/2013 - 12:54:27 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 25/06/2013 - 19:08:43 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 16/11/2013 - 15:27:39 - [4,593] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 19/01/2014 - 13:37:28 - [17,257] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 02/03/2013 - 21:29:05 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 07/12/2012 - 19:23:22 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 05/03/2013 - 23:47:34 - [244,741] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 01/11/2012 - 02:55:59 - [20,044] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 07/12/2012 - 19:17:14 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 07/12/2013 - 10:23:37 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 05/03/2013 - 19:34:52 - [41,893] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 08/12/2013 - 16:07:38 - [-370,372] ----D C:\ProgramData\AVAST Software
O43 - CFD: 19/02/2013 - 01:32:39 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 24/03/2013 - 17:05:16 - [33,953] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 07/12/2012 - 19:38:48 - [0] ----D C:\ProgramData\CLSK
O43 - CFD: 03/01/2014 - 21:12:49 - [0,054] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 07/12/2012 - 19:18:31 - [0,250] ----D C:\ProgramData\Intel
O43 - CFD: 12/03/2013 - 18:10:02 - [0] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 19/02/2013 - 01:32:39 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 19/01/2014 - 00:12:56 - [1638,529] -S--D C:\ProgramData\Microsoft
O43 - CFD: 06/01/2014 - 15:11:17 - [0,062] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 19/02/2013 - 01:32:39 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 01/11/2012 - 02:56:32 - [2,353] ----D C:\ProgramData\Nero
O43 - CFD: 07/12/2013 - 10:25:00 - [2,099] ----D C:\ProgramData\Norton
O43 - CFD: 01/11/2012 - 02:57:12 - [13,985] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 19/02/2013 - 01:44:16 - [0,001] ----D C:\ProgramData\OEM
O43 - CFD: 01/11/2012 - 02:55:27 - [0,230] ----D C:\ProgramData\Packard Bell
O43 - CFD: 05/03/2013 - 23:52:26 - [1,518] ----D C:\ProgramData\PRICache
O43 - CFD: 07/12/2012 - 19:26:45 - [0,021] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 26/07/2012 - 08:52:44 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 07/12/2012 - 19:37:49 - [0,356] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 14/01/2014 - 19:39:27 - [0,521] ----D C:\ProgramData\WildTangent
O43 - CFD: 19/02/2013 - 01:44:01 - [0] ----D C:\Users\Nanie\AppData\Roaming\Adobe
O43 - CFD: 10/12/2013 - 17:51:34 - [0] ----D C:\Users\Nanie\AppData\Roaming\AVAST Software
O43 - CFD: 22/06/2013 - 13:45:48 - [0,002] ----D C:\Users\Nanie\AppData\Roaming\CyberLink
O43 - CFD: 29/03/2013 - 20:53:56 - [0] ----D C:\Users\Nanie\AppData\Roaming\Identities
O43 - CFD: 19/02/2013 - 01:43:27 - [0,488] ----D C:\Users\Nanie\AppData\Roaming\lm
O43 - CFD: 02/03/2013 - 21:51:09 - [0,002] ----D C:\Users\Nanie\AppData\Roaming\Macromedia
O43 - CFD: 12/03/2013 - 18:10:14 - [0,001] ----D C:\Users\Nanie\AppData\Roaming\Malwarebytes
O43 - CFD: 18/01/2014 - 23:58:56 - [3,010] -S--D C:\Users\Nanie\AppData\Roaming\Microsoft
O43 - CFD: 26/11/2013 - 18:46:22 - [0,001] ----D C:\Users\Nanie\AppData\Roaming\PhotoFiltre
O43 - CFD: 14/01/2014 - 19:39:26 - [0] ----D C:\Users\Nanie\AppData\Roaming\WildTangent
O43 - CFD: 16/11/2013 - 15:29:29 - [0] ----D C:\Users\Nanie\AppData\Roaming\WinRAR
O43 - CFD: 19/01/2014 - 13:38:04 - [0,284] ----D C:\Users\Nanie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 19/02/2013 - 01:42:09 - [0] -SH-D C:\Users\Nanie\AppData\Local\Application Data
O43 - CFD: 02/03/2013 - 22:11:27 - [1,557] ----D C:\Users\Nanie\AppData\Local\Apps
O43 - CFD: 15/09/2013 - 19:00:23 - [0,103] ----D C:\Users\Nanie\AppData\Local\avgchrome
O43 - CFD: 19/01/2014 - 13:20:10 - [24,015] ----D C:\Users\Nanie\AppData\Local\CrashDumps
O43 - CFD: 25/07/2013 - 17:59:41 - [0,002] ----D C:\Users\Nanie\AppData\Local\Cyberlink
O43 - CFD: 02/03/2013 - 22:11:51 - [0] ----D C:\Users\Nanie\AppData\Local\Deployment
O43 - CFD: 18/01/2014 - 23:53:37 - [1,269] ----D C:\Users\Nanie\AppData\Local\Diagnostics
O43 - CFD: 14/05/2013 - 16:06:08 - [220,310] ----D C:\Users\Nanie\AppData\Local\Google
O43 - CFD: 19/02/2013 - 01:42:09 - [0] -SH-D C:\Users\Nanie\AppData\Local\Historique
O43 - CFD: 19/01/2014 - 00:12:56 - [238,909] ----D C:\Users\Nanie\AppData\Local\Microsoft
O43 - CFD: 02/03/2013 - 21:26:27 - [0] ----D C:\Users\Nanie\AppData\Local\Microsoft Help
O43 - CFD: 05/03/2013 - 23:52:29 - [124,235] ----D C:\Users\Nanie\AppData\Local\Packages
O43 - CFD: 19/01/2014 - 13:33:42 - [122,445] ----D C:\Users\Nanie\AppData\Local\Temp
O43 - CFD: 19/02/2013 - 01:42:09 - [0] -SH-D C:\Users\Nanie\AppData\Local\Temporary Internet Files
O43 - CFD: 19/02/2013 - 01:42:41 - [0] ----D C:\Users\Nanie\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/10/2013 - 20:27:52 - [0] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 26/11/2013 - 18:16:58 - [0] ----D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
O43 - CFD: 27/10/2013 - 20:27:52 - [0] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 16/11/2013 - 15:27:41 - [0,004] ----D C:\Users\Nanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 102 Scanned in 00mn 07s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.709AF101E72F2FB30B1A47B7EBD8034C] - 05/01/2014 - 14:50:19 ---A- . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Inter.) -- C:\Windows\System32\msieftp.dll [312320]
O44 - LFC:[MD5.6669946CF2CF5B5299A90B22C9189350] - 05/01/2014 - 14:50:27 ---A- . (.Microsoft Corporation - Codec pour photographie Windows Media Photo.) -- C:\Windows\System32\WMPhoto.dll [420864]
O44 - LFC:[MD5.CC9AEDAA3C140ECC8EA9A1EFA4F9D3F6] - 06/01/2014 - 15:11:41 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [90708896]
O44 - LFC:[MD5.4D5FD79A075B9BD9ACEFD6FAA753318A] - 09/01/2014 - 13:58:53 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43152]
O44 - LFC:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 09/01/2014 - 13:58:54 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O44 - LFC:[MD5.9C2BEA3957EFFD45F352F0938DFB3721] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [78648]
O44 - LFC:[MD5.52B5F8FAF7E78C02D26B0B6E3A05F596] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1034464]
O44 - LFC:[MD5.251360C2FCA22BAFE0583314B3262F98] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [422216]
O44 - LFC:[MD5.FC6C916BDACC594802064A78225A3E6B] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [334136]
O44 - LFC:[MD5.AAB5F5336EDBB5D99CC7E1A9F4D8F63F] - 09/01/2014 - 13:59:14 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [79672]
O44 - LFC:[MD5.D5E5745755FDE41853E9476C4710D43B] - 09/01/2014 - 14:01:00 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [424472]
O44 - LFC:[MD5.FA8671F3CDC65FC11148C34AEEB9F753] - 18/01/2014 - 23:29:51 ---A- . (...) -- C:\Windows\PFRO.log [631726]
O44 - LFC:[MD5.3D7E690B66DE418A236A351E03841E6C] - 19/01/2014 - 00:26:26 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1076628]
O44 - LFC:[MD5.E65203AC07D933A61BF5CDFDDEC7F1C1] - 19/01/2014 - 11:40:45 ---A- . (...) -- C:\Windows\setupact.log [31925]
O44 - LFC:[MD5.67507D5C523D782F191E47EFA32ED958] - 19/01/2014 - 12:38:54 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.A56D57272C3729D83EF3E0C55F902345] - 19/01/2014 - 13:25:32 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 19/01/2014 - 13:28:04 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362]
O44 - LFC:[MD5.60848F26202F113F568988F91286CB32] - 19/01/2014 - 13:28:04 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132614]
O44 - LFC:[MD5.9EE422AA9513AE1F93BFBDC37DEF742C] - 19/01/2014 - 13:28:04 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [155650]
O44 - LFC:[MD5.588A60C2D869ECF17BEBA0F05427E1BB] - 19/01/2014 - 13:28:04 ---A- . (...) -- C:\Windows\System32\perfh009.dat [710244]
O44 - LFC:[MD5.5CB45BBAB10914D0F3803C07043B1D06] - 19/01/2014 - 13:28:04 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [800978]
~ Files: 21 Scanned in 00mn 07s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.609CE0BEBE66D1F3AB9DF1848E39EAA0] - 01/01/2014 - 01:38:46 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf
O45 - LFCP:[MD5.D62693298EFF4062F451E835B2F4EF25] - 02/01/2014 - 13:55:40 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf
O45 - LFCP:[MD5.A37221ACA115D6920BE8AB73BB3F531C] - 02/01/2014 - 14:00:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-26AA101A.pf
O45 - LFCP:[MD5.262E02C2CCF4BB1B01FA2A1A30A1581D] - 03/01/2014 - 21:12:14 ---A- - C:\Windows\Prefetch\POWERDVD10.EXE-6CD2ECA6.pf
O45 - LFCP:[MD5.35DE209390260F697E3714D8757BEC21] - 03/01/2014 - 21:12:20 ---A- - C:\Windows\Prefetch\CLUPDATER.EXE-64D36E25.pf
O45 - LFCP:[MD5.79D47C8FBC5702C5A652ED826F4A1590] - 06/01/2014 - 15:11:23 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.511A9D821D9AC373BC2E2E0DC1DC3C3F] - 08/01/2014 - 09:26:10 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-CHROMEINSTALLER.E-43A7E5E8.pf =>Adware.PlusHD
O45 - LFCP:[MD5.0B94E2B91DFDFF1154055B7E53E1F888] - 08/01/2014 - 09:27:00 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-ENABLER.EXE-63DB11A9.pf =>Adware.PlusHD
O45 - LFCP:[MD5.DE43CD36DD75217886A1EDC2CB539672] - 08/01/2014 - 10:37:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-9F989E84.pf
O45 - LFCP:[MD5.7404F5314BA348F31AD7ECD56E563F27] - 09/01/2014 - 13:52:18 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf
O45 - LFCP:[MD5.F7F7783027F98FB5A6E8A6BFF88DA20D] - 09/01/2014 - 13:52:40 ---A- - C:\Windows\Prefetch\POQEXEC.EXE-43A49B23.pf
O45 - LFCP:[MD5.10E35194270A34478BA35CBD819D82C4] - 09/01/2014 - 13:56:06 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf
O45 - LFCP:[MD5.615FCA50AB830E869736B486832A0B1F] - 09/01/2014 - 13:56:13 ---A- - C:\Windows\Prefetch\MRT.EXE-07B7D631.pf
O45 - LFCP:[MD5.E339A5CFD7F61469E3BA4BBB023B3908] - 09/01/2014 - 13:56:40 ---A- - C:\Windows\Prefetch\INSTUP.EXE-E16D015F.pf
O45 - LFCP:[MD5.BB01591ADD7A33A1BCB2419098177C3D] - 09/01/2014 - 13:57:35 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf
O45 - LFCP:[MD5.33660BB01DC9263E1B3FB6A04040FA88] - 09/01/2014 - 13:59:01 ---A- - C:\Windows\Prefetch\2C0B2C93-9F66-4D4C-AA3E-9FC9E-050ABA10.pf
O45 - LFCP:[MD5.5BF7865B16B4680E5EF573BA50B4365E] - 09/01/2014 - 13:59:12 ---A- - C:\Windows\Prefetch\1508D7FB-0324-4046-B5AF-EC84C-C6682719.pf
O45 - LFCP:[MD5.D103D6B34A3A44A4B422BC030B11F0A7] - 09/01/2014 - 13:59:15 ---A- - C:\Windows\Prefetch\REGSVR64.EXE-4FD717B0.pf
O45 - LFCP:[MD5.1B713333BCFF42F3E753C23ED9FF8DF1] - 09/01/2014 - 13:59:21 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8D368B00.pf
O45 - LFCP:[MD5.977373D21909C3EF95635DFEB68729A7] - 09/01/2014 - 14:02:11 ---A- - C:\Windows\Prefetch\OLD-VISTHAUX.EXE-49364BE9.pf
O45 - LFCP:[MD5.CB16F62DB4141812BA742CC911754F66] - 09/01/2014 - 14:21:22 ---A- - C:\Windows\Prefetch\OFFDIAG.EXE-8AE4D533.pf
O45 - LFCP:[MD5.17227828073297DBE2A9DB90C302C5FB] - 09/01/2014 - 14:25:29 ---A- - C:\Windows\Prefetch\ODSERV.EXE-4B8FA052.pf
O45 - LFCP:[MD5.304191CAF6DC44D249B946B85292499F] - 09/01/2014 - 14:27:45 ---A- - C:\Windows\Prefetch\FILEHISTORY.EXE-982E7044.pf
O45 - LFCP:[MD5.F7FFE9E99979E2B9073FFE278C1F2A2F] - 09/01/2014 - 14:30:54 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf
O45 - LFCP:[MD5.9BBB060B32E6485BBCF3A76EB990C999] - 09/01/2014 - 22:11:54 ---A- - C:\Windows\Prefetch\EPOWEREVENT.EXE-57DB0DA4.pf
O45 - LFCP:[MD5.FDBC139F85923AA44209721578C2D75F] - 12/01/2014 - 12:55:21 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf
O45 - LFCP:[MD5.0047C2567B9D0A932C120523BCD9559B] - 12/01/2014 - 12:55:22 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf
O45 - LFCP:[MD5.5F385B105EA1353CDE1D923B6721A0A1] - 12/01/2014 - 12:55:24 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf
O45 - LFCP:[MD5.F4517F8890FE95162BAA99FC2B07880A] - 12/01/2014 - 14:14:27 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf
O45 - LFCP:[MD5.01D7FB854C226C6B342D53CC8EC34604] - 12/01/2014 - 14:14:31 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-0DD1597D.pf
O45 - LFCP:[MD5.C59F4C542186C8AEEF11BCADD79A8CB5] - 12/01/2014 - 14:14:38 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-DC11C262.pf
O45 - LFCP:[MD5.FA57357D59F7FAB390561B2F6EDF6AED] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-3C40F7FB.pf
O45 - LFCP:[MD5.6631D4415ABC588343D3D7386C4D0EBE] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-UPDATER.EXE-6695AE1D.pf =>Adware.PlusHD
O45 - LFCP:[MD5.7F28404561A63D84ACA032B38E5274FD] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-AC422BB0.pf
O45 - LFCP:[MD5.88A2A481C0CFFEC3AE38737161B069CE] - 14/01/2014 - 18:44:59 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-D926A5CA.pf
O45 - LFCP:[MD5.44A05686B10131FCC0C1B8CAE6306518] - 14/01/2014 - 18:49:05 ---A- - C:\Windows\Prefetch\EPOWERSVC.EXE-76E124E6.pf
O45 - LFCP:[MD5.A332CB7DCEF5F4ADF8DCA95B06C38D8A] - 14/01/2014 - 18:49:05 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-454AB5C0.pf
O45 - LFCP:[MD5.06FC097718CF585BE6EEF1EA47D45D4C] - 14/01/2014 - 19:04:45 ---A- - C:\Windows\Prefetch\ETDCTRLHELPER.EXE-6A174316.pf
O45 - LFCP:[MD5.8F717117F8EBCD44D1D2BB219C9F065D] - 14/01/2014 - 19:04:45 ---A- - C:\Windows\Prefetch\RELPOST.EXE-AC41CDAF.pf
O45 - LFCP:[MD5.A2A5834739F3FF4717300C5710C925F9] - 14/01/2014 - 19:04:45 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-DACB5D4F.pf
O45 - LFCP:[MD5.C602B7DDF918627D229C536B11451A43] - 14/01/2014 - 19:06:45 ---A- - C:\Windows\Prefetch\CACAONEWD9F773.EXE-40C6D2B0.pf =>PUP.CacaoWeb
O45 - LFCP:[MD5.22D6CD546F45528558B560CDD175B4CB] - 14/01/2014 - 19:07:21 ---A- - C:\Windows\Prefetch\CACAOWEB.EXE-CEB953E8.pf =>PUP.CacaoWeb
O45 - LFCP:[MD5.D9C7505A41C7C86571A444F20DF1D364] - 14/01/2014 - 19:28:10 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.0D457A232A64E909009FBDC3494EA2C1] - 14/01/2014 - 19:33:49 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.ADAF74EAC7F398BECEA69948FA0E266D] - 14/01/2014 - 19:34:43 ---A- - C:\Windows\Prefetch\AVASTBCL-SFX.EXE-7A14434F.pf
O45 - LFCP:[MD5.DA257A803B9888F3445BBE94B60E00F9] - 14/01/2014 - 19:34:43 ---A- - C:\Windows\Prefetch\BROWSERCLEANUP.EXE-8CD2CD58.pf
O45 - LFCP:[MD5.FE7A5C9C6431382F7E423B6F5B142402] - 14/01/2014 - 19:38:00 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf
O45 - LFCP:[MD5.3EE1D67F4F227DE8FAD3BF36E27E2823] - 14/01/2014 - 19:38:38 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7242160E.pf
O45 - LFCP:[MD5.37C7C507279E8D13A97C6ABC36CF5D57] - 14/01/2014 - 19:38:38 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-E4BCDBFE.pf
O45 - LFCP:[MD5.1550A930016C4FABE4B9A28297B32F63] - 14/01/2014 - 19:38:45 ---A- - C:\Windows\Prefetch\AU_.EXE-1B01C356.pf
O45 - LFCP:[MD5.CEC7A52528366109C8DF67CEC887F182] - 14/01/2014 - 19:39:12 ---A- - C:\Windows\Prefetch\MUILINK.EXE-7887ADEF.pf
O45 - LFCP:[MD5.2589A9B57B934E4FCF709023511CA492] - 14/01/2014 - 19:39:20 ---A- - C:\Windows\Prefetch\GAMESAPPINTEGRATIONSERVICE.EX-D44D8C89.pf
O45 - LFCP:[MD5.32F76E876DF71B54F8FC40736D1D0BF9] - 14/01/2014 - 19:39:20 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-D50DC528.pf
O45 - LFCP:[MD5.90395D3A5ED88A14BE7D70AD8C3FBF52] - 14/01/2014 - 19:39:22 ---A- - C:\Windows\Prefetch\WTAPP_PROTOCOLHANDLER.EXE-021E5BCD.pf
O45 - LFCP:[MD5.4EB0DF00D0F5FCB467F210FC3A6F5B22] - 14/01/2014 - 19:39:25 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-E212EBE5.pf
O45 - LFCP:[MD5.BE06E0830D3306A0CDDC6B95514C91E0] - 14/01/2014 - 19:40:17 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-7AD13FAD.pf
O45 - LFCP:[MD5.54F5C43D8244FFC4390F338C20D070E4] - 14/01/2014 - 19:40:18 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-FA97D9B9.pf
O45 - LFCP:[MD5.27D61CFE7BC528D1D1F438D472EE8710] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\GAME.DAT-81362BDD.pf
O45 - LFCP:[MD5.1B907AD3E548A5FAA203BD0F85CAFCB3] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-FB09BA72.pf
O45 - LFCP:[MD5.A92CBA84401A769D682C127353938CB5] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-2939A083.pf
O45 - LFCP:[MD5.5A15C0C9D1F4C2106C8026C23DA56265] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-2C4BEB3D.pf
O45 - LFCP:[MD5.0595F4BC6B73D219F4BA9F3B72638D11] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-A19372CB.pf
O45 - LFCP:[MD5.DE96323C701A7BE30276AA887A2F0B2C] - 14/01/2014 - 19:41:43 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-AD6DBE7F.pf
O45 - LFCP:[MD5.95C9CD55B0E72BDD77D96D29C6903830] - 14/01/2014 - 19:42:39 ---A- - C:\Windows\Prefetch\GAME.DAT-99D9B6CB.pf
O45 - LFCP:[MD5.25E0C3C5AE2379FC65724DA580996D5F] - 14/01/2014 - 19:42:39 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-7984D480.pf
O45 - LFCP:[MD5.AAB78229F11CBCB8E2D628A74C4BFD8A] - 14/01/2014 - 19:42:39 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-4FFBD3A1.pf
O45 - LFCP:[MD5.F3AD156BD9090F10B545B8084987B6C3] - 14/01/2014 - 19:42:44 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-A0B5A03B.pf
O45 - LFCP:[MD5.B5A3D11102C5EEDB14EF6E280A986E86] - 14/01/2014 - 19:42:52 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-53053035.pf
O45 - LFCP:[MD5.6BC3F0000445A2B2738653B3675E3ECE] - 14/01/2014 - 19:42:55 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-BC5DEA73.pf
O45 - LFCP:[MD5.A2C5EAEF7924DF3176F46C511A0D628C] - 14/01/2014 - 19:43:26 ---A- - C:\Windows\Prefetch\GAME.DAT-5B81F525.pf
O45 - LFCP:[MD5.7B7C26A3DED3D48E90EAA1FA8133501A] - 14/01/2014 - 19:43:45 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-7FC4F73A.pf
O45 - LFCP:[MD5.662B9E0B1F05228776135F4785D251AF] - 14/01/2014 - 19:43:51 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-016D910B.pf
O45 - LFCP:[MD5.CE78AD03F07C7E636235A629F9E92166] - 14/01/2014 - 19:43:51 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-3DA5A445.pf
O45 - LFCP:[MD5.74EC27E36574177040E640C8E5F4F699] - 14/01/2014 - 19:44:07 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-18FF1A0C.pf
O45 - LFCP:[MD5.913989AFB8CFBB994EA75E01BDB03913] - 14/01/2014 - 19:44:08 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-D4E8D7B2.pf
O45 - LFCP:[MD5.5B70DB22331BFD30084B47BB922A81A6] - 14/01/2014 - 19:44:42 ---A- - C:\Windows\Prefetch\GAME.DAT-BD04FDA4.pf
O45 - LFCP:[MD5.3D2E4DD587F8D2DB7FEBFB723A370EE6] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-070F5EC9.pf
O45 - LFCP:[MD5.4CD02F7CB403FFAE250536B4000FACF7] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-C7677AE2.pf
O45 - LFCP:[MD5.F639C46F2885E530C2713853EB003449] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-5911138C.pf
O45 - LFCP:[MD5.782F0A9DF17C7D2B79CF8A2C03D09E91] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-22DABB4C.pf
O45 - LFCP:[MD5.24D94A70B20FD0B126A8800784ED9DAB] - 14/01/2014 - 19:45:56 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-E5610533.pf
O45 - LFCP:[MD5.C7E3BD4FBFD78E3E63BD516ACE9CC0B2] - 14/01/2014 - 19:46:05 ---A- - C:\Windows\Prefetch\GAME.DAT-6E3D9CE4.pf
O45 - LFCP:[MD5.3FAB8D193725432F65CDC28E4EA518A6] - 14/01/2014 - 19:46:36 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-E6EB4A09.pf
O45 - LFCP:[MD5.904F641B1BE1C9BEF597FB37A9EF0BFF] - 14/01/2014 - 19:46:39 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-D1431C22.pf
O45 - LFCP:[MD5.71BF52870DB60A804C1CF33EAB8214C6] - 14/01/2014 - 19:46:54 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-54D4C8CC.pf
O45 - LFCP:[MD5.239AE78078B15DF8B340911FF98CDA5E] - 14/01/2014 - 19:46:55 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-A91F6F00.pf
O45 - LFCP:[MD5.0ED1D03EC6D022984AC96BBDCE176A7E] - 14/01/2014 - 19:46:58 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-E62C33A0.pf
O45 - LFCP:[MD5.A6A34DC14611D0A04EC0453AE4047070] - 14/01/2014 - 19:47:28 ---A- - C:\Windows\Prefetch\GAME.DAT-6D4FF778.pf
O45 - LFCP:[MD5.03A1EF9E71B9F6B880F1B8DBC9A63E6A] - 14/01/2014 - 19:47:57 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-D52A6F5D.pf
O45 - LFCP:[MD5.9F121F8EB7B30F8236AFDBC2FC60FAA8] - 14/01/2014 - 19:47:57 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-5787CFD6.pf
O45 - LFCP:[MD5.B4396D50EF01A315BAB5EDF9B99D0267] - 14/01/2014 - 19:47:57 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-13D697C0.pf
O45 - LFCP:[MD5.7C318FEE7E0CAA5836B3E55FAB34B82B] - 14/01/2014 - 19:48:06 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-ADCFCC76.pf
O45 - LFCP:[MD5.E171702AD1A4D39D8A2E35C3AC144DBB] - 14/01/2014 - 19:48:08 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-06CF02C6.pf
O45 - LFCP:[MD5.6A4AB6E3981CC9D7AA941340303EE56F] - 14/01/2014 - 19:48:39 ---A- - C:\Windows\Prefetch\GAME.DAT-7DB2A8FE.pf
O45 - LFCP:[MD5.B87C9FFF60C48FDD570F9282C5165664] - 14/01/2014 - 19:48:57 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-46231E83.pf
O45 - LFCP:[MD5.677528318B4DD224D07C517164A51F3F] - 14/01/2014 - 19:49:00 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-5C382D4C.pf
O45 - LFCP:[MD5.79D2E519EC344A56BBE884F58975A919] - 14/01/2014 - 19:49:02 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-16875C96.pf
O45 - LFCP:[MD5.077EC4332B52AF390527188572B168C1] - 14/01/2014 - 19:49:15 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-8D27288E.pf
O45 - LFCP:[MD5.7B2C22F84B30F9CCA32E9C4D1598EB67] - 14/01/2014 - 19:49:16 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-654D58DF.pf
O45 - LFCP:[MD5.232A71AC39E188DBFD32323CDD8E3062] - 14/01/2014 - 19:49:45 ---A- - C:\Windows\Prefetch\GAME.DAT-CD5E4B56.pf
O45 - LFCP:[MD5.521613FEEB33F25856914E7BD45A8057] - 14/01/2014 - 19:49:47 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-F0BB335B.pf
O45 - LFCP:[MD5.D214FF98B4B2A7A6C45DF0D0AB2F5EB3] - 14/01/2014 - 19:50:12 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-3B8F8964.pf
O45 - LFCP:[MD5.81D33CF05E170201234C4A8A501AD1E8] - 14/01/2014 - 19:50:12 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-A624BA2E.pf
O45 - LFCP:[MD5.A98A5CF86CCE67B8DD2A4154BBBFD0B1] - 14/01/2014 - 19:50:23 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-5845444C.pf
O45 - LFCP:[MD5.EEA410A0D2123AB2718FB9D4BA079261] - 14/01/2014 - 19:50:25 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-ED3204F2.pf
O45 - LFCP:[MD5.7728417B222E2B610D01AE2729AE174B] - 14/01/2014 - 19:50:57 ---A- - C:\Windows\Prefetch\GAME.DAT-2F027DE4.pf
O45 - LFCP:[MD5.B13A08D6B4F41DF3E6018D192628B627] - 14/01/2014 - 19:51:14 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-E1DB1B09.pf
O45 - LFCP:[MD5.B82A8524DE5F8F1DB3AD7F7992AF0971] - 14/01/2014 - 19:51:18 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-06ADA522.pf
O45 - LFCP:[MD5.07A512E032607D5FE627F2BDEA636645] - 14/01/2014 - 19:51:21 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-AEFFE1CC.pf
O45 - LFCP:[MD5.25522CC42DF1FCDD59CBD9D11AE3161D] - 14/01/2014 - 19:51:26 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-807945D6.pf
O45 - LFCP:[MD5.778C5B505C882A7E95229E3944027A5E] - 14/01/2014 - 19:51:38 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-8B9FDAD5.pf
O45 - LFCP:[MD5.9EA51524B153D5ED4200E64F9503F8B1] - 14/01/2014 - 19:51:41 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-AD5C1ABB.pf
O45 - LFCP:[MD5.DD611A5E752113E0B55237C0098E2DD2] - 14/01/2014 - 19:52:26 ---A- - C:\Windows\Prefetch\GAME.DAT-1AE68EC5.pf
O45 - LFCP:[MD5.42B3086DB8B8FB39CCA46DC9A5FC66C4] - 14/01/2014 - 19:52:44 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-363096DA.pf
O45 - LFCP:[MD5.5C6F1768054568237BA33AE38D917E89] - 14/01/2014 - 19:52:55 ---A- - C:\Windows\Prefetch\TOUCHPOINTS.DAT-3A083BAB.pf
O45 - LFCP:[MD5.327455CD04819234D3F22AB6E00795B1] - 14/01/2014 - 19:52:55 ---A- - C:\Windows\Prefetch\UNINSTALL.DAT-6AF1F8E5.pf
O45 - LFCP:[MD5.C715D0BAAB395E02AED9974DDFA7A002] - 14/01/2014 - 19:53:11 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-6CB22DD5.pf
O45 - LFCP:[MD5.0B5E1BE25EAC306CF0F9E25D146B29FE] - 14/01/2014 - 19:53:14 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-87085537.pf
O45 - LFCP:[MD5.F14A12056026E848DB0028F928F2D3E1] - 14/01/2014 - 19:53:53 ---A- - C:\Windows\Prefetch\GAME.DAT-115D29C5.pf
O45 - LFCP:[MD5.8DEB865342F6E19576BFBEA1E3A535AD] - 15/01/2014 - 11:23:35 ---A- - C:\Windows\Prefetch\LAUNCH.DAT-9BE081DA.pf
O45 - LFCP:[MD5.8AE4F3513DC3FA865DD9434C8F4B5469] - 15/01/2014 - 11:28:09 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4013745662-1720046193-3924850484-1001.db
O45 - LFCP:[MD5.7FED34B1C40B780BCEE137FB88BB300D] - 15/01/2014 - 11:28:09 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4013745662-1720046193-3924850484-1001.db
O45 - LFCP:[MD5.5960C797F3CB1DD3614CC5AD9B49F235] - 15/01/2014 - 11:33:40 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.66F336506DDA5BB1A648BD0547FF5270] - 18/01/2014 - 23:31:14 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.DF521EC91A0FF49F0F46FE4040D300E3] - 18/01/2014 - 23:32:24 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf
O45 - LFCP:[MD5.B681E7FCF1E10A90BBD7728BFAD1328B] - 18/01/2014 - 23:32:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7779B832.pf
O45 - LFCP:[MD5.90AA4D8AF7D563135DADA0AA5A00E7B5] - 18/01/2014 - 23:32:41 ---A- - C:\Windows\Prefetch\DASHOST.EXE-38AAABF0.pf
O45 - LFCP:[MD5.E6504794DEE809C4089D38E6251DC22D] - 18/01/2014 - 23:32:46 ---A- - C:\Windows\Prefetch\INSTUP.EXE-3AF05CB9.pf
O45 - LFCP:[MD5.ABAAE6D9DDC638B425F5490585B0B40F] - 18/01/2014 - 23:35:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8DD14920.pf
O45 - LFCP:[MD5.955BBB3E51AE226314D97685DC17E02F] - 18/01/2014 - 23:38:09 ---A- - C:\Windows\Prefetch\DEVICEFASTLANEEVENT.EXE-0D33B9ED.pf
O45 - LFCP:[MD5.0B77FA0475D833698BF1590948A0AE8D] - 18/01/2014 - 23:38:09 ---A- - C:\Windows\Prefetch\DEVICEFASTLANESVC.EXE-E86CADBF.pf
O45 - LFCP:[MD5.2E0585E49085970D6194A9A386305C8E] - 18/01/2014 - 23:38:09 ---A- - C:\Windows\Prefetch\DEVICEFASTLANEUI.EXE-CF5A78A9.pf
O45 - LFCP:[MD5.F99DEA7DB05C2836E76097C047C542A3] - 18/01/2014 - 23:38:35 ---A- - C:\Windows\Prefetch\GFXUI.EXE-2E721AA9.pf
O45 - LFCP:[MD5.67265EE9E5DD6FA68A26331278F6732F] - 18/01/2014 - 23:47:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-86395D58.pf
O45 - LFCP:[MD5.5AA91E74CD28D5DBE1AB6EBEC9F0B737] - 18/01/2014 - 23:47:14 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf
O45 - LFCP:[MD5.F4C1DE4C68300A82F18B86D0B5C17932] - 18/01/2014 - 23:47:17 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-D8BC1DC6.pf
O45 - LFCP:[MD5.F15ADE2310969D3D3B320DF3EE1B98D5] - 18/01/2014 - 23:49:48 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6F45D74E.pf
O45 - LFCP:[MD5.0712BE55BE40BD52D4656CAFB78A8344] - 18/01/2014 - 23:49:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8329E055.pf
O45 - LFCP:[MD5.15254211D793B2DFB43313CC74605623] - 18/01/2014 - 23:50:49 ---A- - C:\Windows\Prefetch\IPCONFIG.EXE-EEA91845.pf
O45 - LFCP:[MD5.1BEE172FF57278475D33F49CE619EF95] - 18/01/2014 - 23:51:02 ---A- - C:\Windows\Prefetch\ROUTE.EXE-C5FB9965.pf
O45 - LFCP:[MD5.DE29CC5808B9A14205267663EC6393F6] - 18/01/2014 - 23:51:08 ---A- - C:\Windows\Prefetch\RECOVERYDRIVE.EXE-0EE8638F.pf
O45 - LFCP:[MD5.7CB41F2ED1E1C30898F8F8A9B628502E] - 18/01/2014 - 23:51:37 ---A- - C:\Windows\Prefetch\ASWOFFERTOOL.EXE-4EF92049.pf
O45 - LFCP:[MD5.05A289AADE010B6620B002F8B8F966E5] - 18/01/2014 - 23:51:43 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-09EF6B82.pf
O45 - LFCP:[MD5.862D0ECC33D1F918EFC945DD204724D7] - 18/01/2014 - 23:52:44 ---A- - C:\Windows\Prefetch\WBENGINE.EXE-86775975.pf
O45 - LFCP:[MD5.6B5BE72589F7A157126BF2F20DD07C21] - 18/01/2014 - 23:53:03 ---A- - C:\Windows\Prefetch\RSTRUI.EXE-F76EBF17.pf
O45 - LFCP:[MD5.61D30AC25D7871245A567FB153331409] - 18/01/2014 - 23:55:33 ---A- - C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf
O45 - LFCP:[MD5.82FEB9CC1B32C68DCC48047A25A00809] - 18/01/2014 - 23:56:54 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf
O45 - LFCP:[MD5.4499CD0CA7325656C84C01F70983A1D9] - 18/01/2014 - 23:57:18 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-214598FD.pf
O45 - LFCP:[MD5.591625A868F9154B3DB70CA2F53285A9] - 18/01/2014 - 23:59:07 ---A- - C:\Windows\Prefetch\MMC.EXE-787EFBBC.pf
O45 - LFCP:[MD5.FD7EF3EB2BBF077C34FCCEDB5FD45E85] - 18/01/2014 - 23:59:55 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-5A92E3D5.pf
O45 - LFCP:[MD5.5F71BEC548F4771EBD7A5D7A54D1A526] - 19/01/2014 - 00:03:03 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-9E926287.pf
O45 - LFCP:[MD5.ABB873515570720ACD68EC330C7BBAFA] - 19/01/2014 - 00:07:48 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-BD0DD634.pf
O45 - LFCP:[MD5.07CDE813AD7EEEC2077343DD367ED6C5] - 19/01/2014 - 00:08:49 ---A- - C:\Windows\Prefetch\RECDISC.EXE-BB25A273.pf
O45 - LFCP:[MD5.8DEA899C29B294262EDD7D00F628E8EB] - 19/01/2014 - 00:09:54 ---A- - C:\Windows\Prefetch\SETAPM.EXE-9D9BA1F2.pf
O45 - LFCP:[MD5.607AD3CDC7FED4C961D831242A4446FF] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\COMPMGMTLAUNCHER.EXE-726206F8.pf
O45 - LFCP:[MD5.B5726EB5398A87742F9767C07C424561] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\MMC.EXE-D8BF067A.pf
O45 - LFCP:[MD5.E1DC2E4C0014DFF1041164BEDAEF293B] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\VDS.EXE-F11BF333.pf
O45 - LFCP:[MD5.C2E435E3216C2042C433D9E7FADFF53C] - 19/01/2014 - 00:13:28 ---A- - C:\Windows\Prefetch\VDSLDR.EXE-35269815.pf
O45 - LFCP:[MD5.E297D452EEE38B5AD693CAEEADDB3865] - 19/01/2014 - 00:26:11 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.9951ABE46FA1655DA99E3C228D074570] - 19/01/2014 - 11:39:59 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-E4EA699E.pf
O45 - LFCP:[MD5.3D4A76D4BFE8D5002EAA67A482B09585] - 19/01/2014 - 11:40:07 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-CODEDOWNLOADER.EX-442F55A6.pf =>Adware.PlusHD
O45 - LFCP:[MD5.75010CDC53EB41C9D91707BB1B23B8CA] - 19/01/2014 - 11:40:24 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf
O45 - LFCP:[MD5.34E93ED2451CC92DFE2F05085974A785] - 19/01/2014 - 11:40:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf
O45 - LFCP:[MD5.0BED0B5B239FD029D16ADBF1D1752A20] - 19/01/2014 - 11:40:45 ---A- - C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf
O45 - LFCP:[MD5.2108556531EAAB704735F844326F1BCB] - 19/01/2014 - 11:40:50 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf
O45 - LFCP:[MD5.85D61DF279494BBA9E7CA8C0CC550840] - 19/01/2014 - 11:42:27 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-7BBFAD0B.pf
O45 - LFCP:[MD5.88BBB9E066BA53E236A43D254D3AB3F9] - 19/01/2014 - 11:42:43 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-69C46368.pf
O45 - LFCP:[MD5.712EA29256165426E6DBEAE6083247C6] - 19/01/2014 - 11:42:55 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-A9D66020.pf
O45 - LFCP:[MD5.FBAAEAE3BF5D1126DFFB6A4574FEB4CD] - 19/01/2014 - 11:42:57 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-F3C56F15.pf
O45 - LFCP:[MD5.1201D498900EADA1A251F9351D907D4D] - 19/01/2014 - 11:48:46 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50DEE1CF.pf
O45 - LFCP:[MD5.8AE4CA1914570197E2C2F0949C4494A8] - 19/01/2014 - 11:50:43 ---A- - C:\Windows\Prefetch\SETUP.EXE-712573E0.pf
O45 - LFCP:[MD5.87AA907CE98AA238FCE182481B523573] - 19/01/2014 - 11:50:53 ---A- - C:\Windows\Prefetch\32.0.1700.76_31.0.1650.63_CHR-0626CFD9.pf
O45 - LFCP:[MD5.2D45ADE42C96B0D6B2ABCC3AE10BCA70] - 19/01/2014 - 11:50:54 ---A- - C:\Windows\Prefetch\SETUP.EXE-286796EA.pf
O45 - LFCP:[MD5.FE6C8D063F4D2C9EDD1AB11E2EF6962C] - 19/01/2014 - 11:53:39 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.1DCCD0ECFF809AF2EA80FAF8F7E62503] - 19/01/2014 - 11:53:39 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.A4D49ED787C57E3D6E360BD256B9992F] - 19/01/2014 - 11:53:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf
O45 - LFCP:[MD5.6D7CC2F445739C63EDE96E306D503EB5] - 19/01/2014 - 11:53:40 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf
O45 - LFCP:[MD5.D32337ED6FD08C88F555B96F65861C6B] - 19/01/2014 - 11:53:41 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf
O45 - LFCP:[MD5.B7D391582E34A28A193D0D2589DF5E29] - 19/01/2014 - 11:53:46 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf
O45 - LFCP:[MD5.E5210FE4873F78E702679D0AA044CB91] - 19/01/2014 - 11:53:49 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.883E6EF727F25CC51DDF331AD093BB39] - 19/01/2014 - 11:53:50 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf
O45 - LFCP:[MD5.F7439646234CBD8C1945AAD0D9D78BDE] - 19/01/2014 - 11:53:50 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf
O45 - LFCP:[MD5.1CD38C21C9F1C97ADD2B135331C22A88] - 19/01/2014 - 11:53:52 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf
O45 - LFCP:[MD5.671300E5E46E6EEFBD9905E0CF27F4BE] - 19/01/2014 - 11:53:52 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9E940D77.pf
O45 - LFCP:[MD5.F83C195AF6397F2F565B2EDD0154875F] - 19/01/2014 - 11:53:52 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf
O45 - LFCP:[MD5.3C93B10ECD93C03B5915AA2B456B7EE9] - 19/01/2014 - 11:53:56 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf
O45 - LFCP:[MD5.AA7D50EE931C15943309D064D68129F3] - 19/01/2014 - 11:54:00 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf
O45 - LFCP:[MD5.CFDB4A1CAF3BCF0F09446EED2E3D399B] - 19/01/2014 - 11:54:00 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.B8E0DB60D321249223DBE167D810D337] - 19/01/2014 - 11:54:00 ---A- - C:\Windows\Prefetch\W32TM.EXE-78C041DB.pf
O45 - LFCP:[MD5.09A07071E7D4D15AE4554146B53BA1BE] - 19/01/2014 - 11:54:09 ---A- - C:\Windows\Prefetch\PING.EXE-167FE968.pf
O45 - LFCP:[MD5.7D20DCEBB3E934D34984F56343945B5F] - 19/01/2014 - 11:54:12 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf
O45 - LFCP:[MD5.C7E472064687FA06161EDAD42B36A7EB] - 19/01/2014 - 11:54:15 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf
O45 - LFCP:[MD5.DFC1B75DBE9F8832B8A0B2CDCF50B658] - 19/01/2014 - 11:54:46 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf
O45 - LFCP:[MD5.DD6EF2F14FC71EE010D4DB025D5A86AA] - 19/01/2014 - 11:54:46 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf
O45 - LFCP:[MD5.12171D9096FED7C2E2849BFABDA7D4B5] - 19/01/2014 - 11:56:02 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-E962779E.pf
O45 - LFCP:[MD5.F2B75C4B027F6E8AE837BA6CAF673CB6] - 19/01/2014 - 11:58:53 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf
O45 - LFCP:[MD5.8C65341A24E2A586E3688FE4D0D74DB7] - 19/01/2014 - 12:03:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf
O45 - LFCP:[MD5.E3627AA933CFE2E68A9D792881B15B9E] - 19/01/2014 - 12:03:40 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-98677702.pf
O45 - LFCP:[MD5.42C802D60BF4A94ED6795B3FDCE33ED9] - 19/01/2014 - 12:03:43 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-915425CA.pf
O45 - LFCP:[MD5.28D72CDDBA25D4C6C1FA702A2098ED2C] - 19/01/2014 - 12:23:42 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.D6FE94224B1091A0AE16FF27B611949A] - 19/01/2014 - 12:27:13 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf
O45 - LFCP:[MD5.05903A5EF4928E34DEA0AB51B0604CF8] - 19/01/2014 - 12:31:41 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-AFDB3DAC.pf
O45 - LFCP:[MD5.1ECB32210BCA16C4D376251D7AB08EF5] - 19/01/2014 - 12:31:41 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-8162C2FA.pf
O45 - LFCP:[MD5.DA1C20A4099B0DAFA391D5CBF4C58478] - 19/01/2014 - 12:32:48 ---A- - C:\Windows\Prefetch\EPOWERBUTTON.EXE-80D380BE.pf
O45 - LFCP:[MD5.8958E34EE6805A3A8407E475EBB7DD04] - 19/01/2014 - 12:33:02 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-B0E2D755.pf
O45 - LFCP:[MD5.676C4E10396E8B26C199E09E67C1AF27] - 19/01/2014 - 12:35:17 ---A- - C:\Windows\Prefetch\DSIWMIS.EXE-238692B9.pf
O45 - LFCP:[MD5.E010BB3994141F4384EE75C4FD05D974] - 19/01/2014 - 12:35:17 ---A- - C:\Windows\Prefetch\ETDCTRL.EXE-91BAE8DE.pf
O45 - LFCP:[MD5.BB350A443B1A85FB1BBBA06D35CC6E4E] - 19/01/2014 - 12:35:17 ---A- - C:\Windows\Prefetch\ETDSERVICE.EXE-1791FC1A.pf
O45 - LFCP:[MD5.20D7512D2BE097B5296D94C6E0B6BDD6] - 19/01/2014 - 12:35:17 ---A- - C:\Windows\Prefetch\HECISERVER.EXE-AD396A6A.pf
O45 - LFCP:[MD5.4158A02AA7D471C7479D469AE4A59A2C] - 19/01/2014 - 12:35:17 ---A- - C:\Windows\Prefetch\JHI_SERVICE.EXE-9CD021CB.pf
O45 - LFCP:[MD5.75C1A40BB80B4DA24F975263839585E3] - 19/01/2014 - 12:35:17 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-9827F12C.pf
O45 - LFCP:[MD5.2EFEC4C3BE62F11A3BA979A684268D11] - 19/01/2014 - 12:35:17 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.2DDEF547879AFEA7A809577B55E0665D] - 19/01/2014 - 12:35:24 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.326E1493DDC0150F759E577EF7218CBC] - 19/01/2014 - 12:38:03 ---A- - C:\Windows\Prefetch\LADS.EXE-BC89FD22.pf
O45 - LFCP:[MD5.1CD248458B3BDEC1145F8931BC5135FD] - 19/01/2014 - 12:38:44 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-EB35EDAD.pf
O45 - LFCP:[MD5.C5607DFDA3103EF6D0B8F1A5FAB8D5CC] - 19/01/2014 - 12:38:54 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-52282269.pf
O45 - LFCP:[MD5.1654D9389F904FA6E53BA081C954E93C] - 19/01/2014 - 12:39:32 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf
O45 - LFCP:[MD5.457CC39628CAD37D7F5DB95994452A00] - 19/01/2014 - 12:47:10 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf
O45 - LFCP:[MD5.C1485823F5F930314A2FCA95023D8AC2] - 19/01/2014 - 12:49:44 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-37BED555.pf
O45 - LFCP:[MD5.F63A334CE6DC84CC58CC8EB71FD82073] - 19/01/2014 - 12:49:44 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-915425C1.pf
O45 - LFCP:[MD5.26AFFB4CC96E553DB40BD1CA540A1E91] - 19/01/2014 - 12:51:24 ---A- - C:\Windows\Prefetch\ADWCLEANER (2).EXE-8496D49D.pf
O45 - LFCP:[MD5.1BC94AC76BA84EE2696F0EC1567C6538] - 19/01/2014 - 12:53:33 ---A- - C:\Windows\Prefetch\ASWRUNDLL.EXE-812C3585.pf
O45 - LFCP:[MD5.43C01CB2D9265C89002739CDD4EF7B6D] - 19/01/2014 - 12:58:14 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-D1C4EA6B.pf
O45 - LFCP:[MD5.695B7F0893257E0E6C11356668C248CC] - 19/01/2014 - 12:58:14 ---A- - C:\Windows\Prefetch\LAUNCHTM.EXE-B444BC8E.pf
O45 - LFCP:[MD5.EFBAF28E415926EF43E85A26C8A7E590] - 19/01/2014 - 12:58:14 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf
O45 - LFCP:[MD5.01EC840610101B0150766615012235B6] - 19/01/2014 - 13:12:41 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-29741569.pf
O45 - LFCP:[MD5.EE7E719FFE277AA26A232CE2DFB3E045] - 19/01/2014 - 13:13:51 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-BUTTONUTIL64.EXE-8C540340.pf =>Adware.PlusHD
O45 - LFCP:[MD5.F3C3602484AA3B497B34F10D9EA5D111] - 19/01/2014 - 13:14:59 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.154974574EA1D91CF9FFE6C05D7D333C] - 19/01/2014 - 13:16:06 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-71A3AC66.pf
O45 - LFCP:[MD5.ACF3E96390BCC2D88A6C659BB117CBE1] - 19/01/2014 - 13:18:09 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-C223B19F.pf
O45 - LFCP:[MD5.8743A6A56291881300C236CA91F7B95F] - 19/01/2014 - 13:18:14 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.AC3FA63388EF3A317D569988D9A1827E] - 19/01/2014 - 13:19:05 ---A- - C:\Windows\Prefetch\PLUS-HD-1.3-BG.EXE-D6C3F4E1.pf =>Adware.PlusHD
O45 - LFCP:[MD5.F9E4CEF2D5A7CDAC478B9C692D5F469F] - 19/01/2014 - 13:20:37 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.A8F642C80B48B98C44F74E013228F36B] - 19/01/2014 - 13:20:37 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.933251F62ACF55C3656DEBFB131256EA] - 19/01/2014 - 13:20:37 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
O45 - LFCP:[MD5.B78215CD155075BA599F855A85A714E7] - 19/01/2014 - 13:20:37 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf
O45 - LFCP:[MD5.5F567145967711F62959D1C2CB07FEEB] - 19/01/2014 - 13:20:37 ---A- - C:\Windows\Prefetch\WERMGR.EXE-A349767A.pf
O45 - LFCP:[MD5.7D66E127FD74239B5CF339DD346B15D9] - 19/01/2014 - 13:21:09 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.A1372F39DBE875CE9FD5A77761632FDD] - 19/01/2014 - 13:21:09 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.735628D1B09F3DAE9B8977C986353E79] - 19/01/2014 - 13:21:32 ---A- - C:\Windows\Prefetch\DKRUN32.EXE-8583E6AC.pf
O45 - LFCP:[MD5.96E47C533895DA22525AC62E50A83EF8] - 19/01/2014 - 13:21:43 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf
O45 - LFCP:[MD5.76E03F8334E57EF0D1056082AD628829] - 19/01/2014 - 13:21:50 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf
O45 - LFCP:[MD5.4BA433B4BD3404CDCC0AD87C91A02D44] - 19/01/2014 - 13:22:15 ---A- - C:\Windows\Prefetch\REG.EXE-6A8B6960.pf
O45 - LFCP:[MD5.2F8577C03BDB6E14C7548811684CA3E0] - 19/01/2014 - 13:22:17 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf
O45 - LFCP:[MD5.0C33ED5DED76BE6D0ECC3C37D3EB1D8A] - 19/01/2014 - 13:22:25 ---A- - C:\Windows\Prefetch\MMDX64FX.EXE-4C9473D7.pf
O45 - LFCP:[MD5.12C64987B40F9050DEC3DE5706F5E6C6] - 19/01/2014 - 13:22:26 ---A- - C:\Windows\Prefetch\IGFXEXT.EXE-B04096D5.pf
O45 - LFCP:[MD5.C02AD97256F632767340891B0F3AF26E] - 19/01/2014 - 13:22:35 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.8BCC31A0E0938CCE63101F919C6D0899] - 19/01/2014 - 13:22:45 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.BEE5CB5517F553B39393862711309362] - 19/01/2014 - 13:22:49 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.F747827E709E1956AFF3D58DC81A3AAD] - 19/01/2014 - 13:24:36 ---A- - C:\Windows\Prefetch\ATH_WLANAGENT.EXE-920A5F75.pf
O45 - LFCP:[MD5.0AAA3FBE042E3E31676447883296FA61] - 19/01/2014 - 13:24:36 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-49876884.pf
O45 - LFCP:[MD5.660D11059D66C827C92333DDD885A277] - 19/01/2014 - 13:24:36 ---A- - C:\Windows\Prefetch\RFBTNSVC64.EXE-4CA3F3BE.pf
O45 - LFCP:[MD5.7A63E58A00B2DC360F2B7559E38C8868] - 19/01/2014 - 13:24:36 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3BF9CDB0.pf
O45 - LFCP:[MD5.FF791F6AFB75DF9CCC8B517ED8AFF22B] - 19/01/2014 - 13:24:36 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.6DD7DFAB7435D2E433A75B35BCE99D66] - 19/01/2014 - 13:25:57 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf
O45 - LFCP:[MD5.60E741544D2FE2288641113D7CA9C78E] - 19/01/2014 - 13:26:00 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.72522A801E58C379E2FE091C6BCF1699] - 19/01/2014 - 13:26:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EE2FB4D9.pf
O45 - LFCP:[MD5.7F9CF6617DDF84FCFC9FAD6A3D80484E] - 19/01/2014 - 13:26:07 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.6C7D6C9F1A8C1E6C8387933CF37EAACF] - 19/01/2014 - 13:26:07 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-D63AD6B8.pf
O45 - LFCP:[MD5.32C9B6ADA37114B8434488C420877227] - 19/01/2014 - 13:26:08 ---A- - C:\Windows\Prefetch\NASVC.EXE-314DC6C9.pf
O45 - LFCP:[MD5.8C892BFCFDA5C03EF94481C75956E061] - 19/01/2014 - 13:26:10 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.5B427AB7BBC39669E68E4155AE8F884C] - 19/01/2014 - 13:28:00 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.0D27130FEAF8F475CEC23F2763FFC03C] - 19/01/2014 - 13:32:51 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.A41BA4AD90D574543EB570F6ED020E8E] - 19/01/2014 - 13:32:52 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.AC3BFFC3222BA02CC46D6DC03B5EDE26] - 19/01/2014 - 13:33:42 ---A- - C:\Windows\Prefetch\FLASHUTIL_ACTIVEX.EXE-4E6AE223.pf
O45 - LFCP:[MD5.C05A5941DCCCCF8DE51D105F87C02C0C] - 19/01/2014 - 13:33:45 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.C85F0FD4088969C9C8ECF5C43817CCF8] - 19/01/2014 - 13:33:45 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.9EA6419674405D6AEB3F0FAB50D32141] - 19/01/2014 - 13:37:22 ---A- - C:\Windows\Prefetch\RICONBOY.EXE-AC30E47E.pf
O45 - LFCP:[MD5.9E0F51B17ED048A92E212B040AE1002D] - 19/01/2014 - 13:37:25 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.8E306AB4B7970B95A51F05BF7E28A5E4] - 19/01/2014 - 13:37:26 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.232B2B4BCFE08B92A141AD3AD21E4843] - 19/01/2014 - 13:37:27 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.EE760320DDA3E566FDBC3F3B7B548BD0] - 19/01/2014 - 13:37:28 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.1EF33114E76DF3A7C5630FA728B688C1] - 19/01/2014 - 13:37:29 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
O45 - LFCP:[MD5.4843D456E81051B3B27380F1BCE6D35F] - 19/01/2014 - 13:37:29 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf
O45 - LFCP:[MD5.179F9875198D63A7103A1936A232B48B] - 19/01/2014 - 13:37:30 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.29C66412917A228309AA5FA44F34F865] - 19/01/2014 - 13:37:36 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.DFD83D83B1B939FAD680906AD2A61FFE] - 19/01/2014 - 13:37:36 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.AF0494A59BE488E954444E1BED408902] - 19/01/2014 - 13:37:36 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.5F9C32C4B9FF6FB6FCE1FBAF34031473] - 19/01/2014 - 13:37:37 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.D8419060FD76CEA2DF593B8C09320914] - 19/01/2014 - 13:37:38 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.DB53A89FA2EB082095D33ED357A09775] - 19/01/2014 - 13:37:44 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.4D9DCE190F49C5CB73F1CC0D138F7C21] - 19/01/2014 - 13:37:44 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.330E6F08BD7DA743E6EA3D5FEF223FC7] - 19/01/2014 - 13:37:44 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.AD39710DC0C858F931D28752B50B128C] - 19/01/2014 - 13:38:04 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf
O45 - LFCP:[MD5.18CDE787FAE42DA41060F33690F9E311] - 22/12/2013 - 20:17:37 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf
O45 - LFCP:[MD5.CA0560B406540B4EA02F7EBEAEAD4E94] - 24/12/2013 - 15:57:39 ---A- - C:\Windows\Prefetch\POWERPNT.EXE-6410969F.pf
O45 - LFCP:[MD5.B30D41C76AD51882ECCA9688CE19FAFA] - 30/12/2013 - 13:33:23 ---A- - C:\Windows\Prefetch\PHOTOFILTRE.EXE-714CEA23.pf
O45 - LFCP:[MD5.FF3741BA03007E8FEB29C652A49143F2] - 31/12/2013 - 18:29:50 ---A- - C:\Windows\Prefetch\BROWSERCLEANUP.EXE-78A9DC5D.pf
~ Prefetcher: 288 Scanned in 00mn 05s



---\\ Denial of service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Safe Boot control (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Shell MountPoints2 registry key (MPKS) (O51)
O51 - MPSK:{c6604dcf-7a2b-11e2-be6f-7054d24d1efa}\AutoRun\command. (...) -- E:\WD SmartWare.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Driver infection search (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumeration of SecurityProviders registry keys (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeration of PoliciesSystem registry keys (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumeration of PoliciesExplorer registry keys (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ List of system drivers (SDL) (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
O58 - SDL:[MD5.93C6388592B99925C1D1576E465BC80F] - 26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [492272]
O58 - SDL:[MD5.D27763E0247292654E7F7D16444C7C72] - 26/07/2012 - 06:00:48 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [340720]
O58 - SDL:[MD5.67B90070FF48F794AF19F9FCF0080D75] - 26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [184048]
O58 - SDL:[MD5.35A0EB5AECB0FA3C41A2FB514A562304] - 26/07/2012 - 06:00:49 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [76016]
O58 - SDL:[MD5.00452671904F5EE94B50BF0219C97164] - 26/07/2012 - 06:00:49 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [258288]
O58 - SDL:[MD5.EA3FFE53E92E59C87E3ECA9BEB20D9B7] - 26/07/2012 - 06:00:48 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [26352]
O58 - SDL:[MD5.AF038FA3D3748B7595FE7096AD803696] - 07/12/2012 - 19:20:39 ---A- . (.Dritek System Inc. - PS/2 KB to HID Device Driver.) -- C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [26736]
O58 - SDL:[MD5.E933401B392387F4BE34DE8BAF1722A7] - 26/07/2012 - 06:00:49 ---A- . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [104688]
O58 - SDL:[MD5.07CA323EF2E8247A568AB0F3662AD644] - 26/07/2012 - 06:00:48 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [108272]
O58 - SDL:[MD5.9C2BEA3957EFFD45F352F0938DFB3721] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [78648]
O58 - SDL:[MD5.679712B7A353EE665B9301592164A172] - 08/12/2013 - 16:09:19 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [92544]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 08/12/2013 - 16:09:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.52B5F8FAF7E78C02D26B0B6E3A05F596] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1034464]
O58 - SDL:[MD5.251360C2FCA22BAFE0583314B3262F98] - 09/01/2014 - 13:58:54 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [422216]
O58 - SDL:[MD5.AAB5F5336EDBB5D99CC7E1A9F4D8F63F] - 09/01/2014 - 13:59:14 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [79672]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 09/01/2014 - 13:58:54 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.F17ABC4AA1FE4989E812858261414FE5] - 01/08/2012 - 11:41:34 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3618304]
O58 - SDL:[MD5.87AB5BB072A3F128541D5B815F82FFDD] - 20/09/2012 - 08:55:24 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [533224]
O58 - SDL:[MD5.733A4767D59459282B55B6C780239F47] - 30/08/2012 - 10:05:12 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [318864]
O58 - SDL:[MD5.5AB97B3282D7D6114949D1EB5C8598E4] - 20/09/2012 - 08:55:27 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3265256]
O58 - SDL:[MD5.772A1DEEDFDBC244183B5C805D1B7D85] - 02/07/2012 - 08:16:02 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [62784]
O58 - SDL:[MD5.64DB7A8D97CA53DCCF93D0A1E08342CF] - 26/07/2012 - 06:00:52 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64752]
O58 - SDL:[MD5.0FE66A51D81A25AACEAAE4C26308121D] - 09/07/2012 - 13:43:12 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [645952]
O58 - SDL:[MD5.5E394EBD26FD68AA9300332C46BEDD62] - 26/07/2012 - 06:00:52 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [411888]
O58 - SDL:[MD5.A1CF07D24EDCDC6870535471654D957C] - 23/10/2012 - 04:37:42 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [5343584]
O58 - SDL:[MD5.24847A06B84339FEEDE5CABF3D27D320] - 26/07/2012 - 06:00:52 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [45296]
O58 - SDL:[MD5.F5495B38BFB9149925F54F65AB40EFBF] - 19/06/2012 - 00:40:50 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [342528]
O58 - SDL:[MD5.E8394F7CA5107A61A60729CEA7A21FF6] - 21/06/2012 - 22:02:52 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C63x64.sys [110744]
O58 - SDL:[MD5.022CDD12161B063D7852B1075BF3FFF2] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [108784]
O58 - SDL:[MD5.07AD59D669B996F29F91817F0ECFA34F] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [92400]
O58 - SDL:[MD5.216FB796AA4E252ACCE93B1BCB80B5EC] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [116976]
O58 - SDL:[MD5.5E80530AF37102488EE980B4A92AF99F] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [81136]
O58 - SDL:[MD5.DE5D0DD632EE6977979799DE64CE0951] - 29/11/2010 - 17:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [24152]
O58 - SDL:[MD5.9B0D829C3BE4E7472DB9DD2B79908E3C] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [51952]
O58 - SDL:[MD5.ECC3F54C7AFC318271C4F0B4606D8DB0] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [353008]
O58 - SDL:[MD5.3A1E095277BBD406CEA8EA6B76950664] - 26/07/2012 - 06:00:55 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [64240]
O58 - SDL:[MD5.12DD2800E4EEA37DC9AE256AD62423B4] - 26/07/2012 - 06:00:55 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [52464]
O58 - SDL:[MD5.D6D34118263412D3AAA8348A9572B7F2] - 26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150256]
O58 - SDL:[MD5.27AFC428D1D32ABD04A86763A4EDDEA9] - 26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168176]
O58 - SDL:[MD5.DDC860724AEF8F8E42AC61E6585769C6] - 31/07/2012 - 11:10:34 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [4102928]
O58 - SDL:[MD5.7BFDFD1D2244B444D7BBC55087426518] - 04/07/2012 - 03:41:58 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsPStor.sys [339600]
O58 - SDL:[MD5.A02C8EA09D5601FA0148739A95F31AEF] - 30/06/2012 - 03:00:53 ---A- . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtwlane.sys [1119232]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 26/07/2012 - 09:11:43 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:[MD5.2560721D6F16D5B611C36A3A9D28C1B2] - 26/07/2012 - 06:00:55 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44784]
O58 - SDL:[MD5.3AA8FDE1DBF65BB8B88B053529554A0D] - 26/07/2012 - 06:00:56 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81648]
O58 - SDL:[MD5.0B3F6C8F93C5C25977EA5A8B2E656357] - 04/06/2013 - 08:15:02 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103448]
O58 - SDL:[MD5.EA8F41484CCC5BA6A1455C2AD3D1BE3C] - 04/06/2013 - 08:15:00 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [203672]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.F5B4A14B00E89250C50982AC762DDD1D] - 26/07/2012 - 06:00:58 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19184]
O58 - SDL:[MD5.38A60CD9C009C55C6D3B5586F8E6A353] - 26/07/2012 - 06:00:58 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [164080]
O58 - SDL:[MD5.A0F6FE0FC2F647C22BBFD6BD4249DBCC] - 26/07/2012 - 06:00:58 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [322800]
~ Drivers: 18 Scanned in 00mn 05s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 18/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe(1).3272.dmp [2595132]
O61 - LFC: 18/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\BF466898-CB2F-4C6F-ABCA-24429A33CCBE.Diagnose.0.etl [196608]
O61 - LFC: 18/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\NetworkConfiguration.cab [1786]
O61 - LFC: 18/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\results.xsl [49097]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Archived History [8019968]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [16384]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [1025]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies [8192]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies-journal [6704]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [151]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [151]
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-002265 [1146] =>.Google Inc
O61 - LFC: 18/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0\7 [28672] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Favicons [3592192]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG [148]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000509 [160]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\History [6246400]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Last Session [339]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hhlmghjmomaoodfgjeikphfdljhpcpkl\CURRENT [16] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hhlmghjmomaoodfgjeikphfdljhpcpkl\LOG [267] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hhlmghjmomaoodfgjeikphfdljhpcpkl\MANIFEST-000679 [126] =>Adware.PlusHD
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage [1502208]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage-journal [16384]
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage-journal [16384] =>PUP.Elex
O61 - LFC: 18/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage-journal [16384] =>Adware.MyWebSearch
O61 - LFC: 18/01/2014 - 13:38:41 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [237568]
O61 - LFC: 18/01/2014 - 13:38:41 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [15360]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [8768]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\002623.ldb [147]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [788]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Visited Links [524192]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom_new [0]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist_new [0]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist_new [0]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Download_new [0]
O61 - LFC: 18/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist_new [0]
O61 - LFC: 18/01/2014 - 13:38:47 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Temp\BF466898-CB2F-4C6F-ABCA-24429A33CCBE.Diagnose.0.etl [196608]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe(1).2928.dmp [2369962]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe(1).3288.dmp [2407498]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe(1).4920.dmp [2358121]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe(1).5116.dmp [2370041]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe.2928.dmp [2513414]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe.3288.dmp [2535131]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe.4920.dmp [2513969]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe.4928.dmp [3002888]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\CrashDumps\iexplore.exe.5116.dmp [2515178]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\NetworkDiagnostics.debugreport.xml [73723]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\ResultReport.xml [41735]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\2014011822.000\results.xml [556]
O61 - LFC: 19/01/2014 - 13:38:35 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Diagnostics\1158610846\latest.cab [22518]
O61 - LFC: 19/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Cookies [1077248]
O61 - LFC: 19/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC: 19/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Current Session [271]
O61 - LFC: 19/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 19/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [151]
O61 - LFC: 19/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-001458 [1278]
O61 - LFC: 19/01/2014 - 13:38:36 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]
O61 - LFC: 19/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056]
O61 - LFC: 19/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336]
O61 - LFC: 19/01/2014 - 13:38:38 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [219356]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\002625.ldb [541]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [264]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-002624 [275] =>.Google Inc
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [172032]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Top Sites [376832]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\preferences [140271]
O61 - LFC: 19/01/2014 - 13:38:42 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Local State [53292]
O61 - LFC: 19/01/2014 - 13:38:43 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\09B6C2D8.TheTreasuresofMontezuma3_hbbh9szp6erha\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:43 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\7digitalLtd.7digitalMusicStore_qv1vc61z2t2b4\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:43 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\AMZNMobileLLC.KindleforWindows8_stfe6vwa9jnbp\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:43 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\AcerIncorporated.PackardBellExplorer_48frkmn4z8aw4\Settings\settings.dat [8192] =>.Acer Inc
O61 - LFC: 19/01/2014 - 13:38:43 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\amoodiesqueezie[1].json [3031] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:43 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\gonzaguetv[1].json [2929] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:43 --HA- . (...) -- C:\Users\Nanie\AppData\Local\IconCache.db [161708]
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\itnnews[1].json [3534] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\konbini[1].json [2886] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\most_viewed[1].json [37932] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\officialclashofclans[1].json [3065] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\photo[2].png [1281] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\rest[2].json [22057] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\8L3T2YZ4\wagramlabel[1].json [2842] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\baptetgael[1].json [2886] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\body72[1].json [3479] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\cypriengaming[1].json [2931] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\infosdontonparlepeu[1].json [2853] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\jenniferlopezvevo[1].json [2873] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\justinbiebervevo[1].json [2861] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\lafouineofficiel[1].json [2883] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\lmfaovevo[1].json [2769] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\misteryouvevo[1].json [2704] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\nmaworldedition[1].json [3136] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\photo[1].png [1625] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\recently_featured[1].json [34002] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\rest[2].json [1009] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\scorpiodigital[1].json [3044] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\D60P8IK9\thelogobigt[1].json [2897] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\iamdieudobis[1].json [2711] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\languedepub2[1].json [3054] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\misster88[1].json [2767] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\palmashow[1].json [3356] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\photo[3].png [9601] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\photo[4].png [8840] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\rest[1].json [1009] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:44 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\sexiondassautonline[1].json [2937] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\shakiravevo[1].json [2795] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\KD0IH35J\yazprodrecord[1].json [2794] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\bebelillyfrance[1].json [2812] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\benzaietv[1].json [2799] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\colonelreyelofficiel[1].json [3543] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\dezappingdubefore[1].json [3137] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\faireset2[1].json [2991] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\icanrockyourworld[1].json [2957] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\johnnydemarseille[1].json [2945] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\krJHDhK5mYl_ks9__PSbrw[1].json [3366] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\ladygagavevo[1].json [2808] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\onpcofficielle[1].json [2991] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\photo[2].png [17848] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\INetCache\TOB7C33P\photo[3].png [6368] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\AC\Microsoft\Internet Explorer\DOMStore\WMOXANGF\cyberlinkcorp.ac[1].xml [188738] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\CyberLinkCorp.ac.VideoWebCamera_ypz87dpxkv292\Settings\settings.dat [8192] =>.CyberLink Corp
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\Evernote.Evernote_q4d96b2w5wcc2\Settings\settings.dat [8192] =>.Evernote Corporation
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\Evernote.Skitch_q4d96b2w5wcc2\Settings\settings.dat [8192] =>.Evernote Corporation
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\GAMELOFTSA.SharkDash_0pp20fcewvvtj\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:45 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\esobiIncorporated.newsXpressoMetro_sngswjb5h6fyg\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:46 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\WeatherBug.WeatherBugbeta_j565901s17z26\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:46 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\ZeptoLabUKLimited.CutTheRope_sq9zxnwrk84pj\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:46 ---A- . (...) -- C:\Users\Nanie\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat [8192]
O61 - LFC: 19/01/2014 - 13:38:53 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\ZHP\Log.txt [59121] =>.Nicolas Coolman
O61 - LFC: 19/01/2014 - 13:38:53 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\ZHP\TestsZHPDiag.txt [2825] =>.Nicolas Coolman
O61 - LFC: 19/01/2014 - 13:38:53 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman
O61 - LFC: 19/01/2014 - 13:38:53 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\ZHP\ZHPDiag.txt [238487] =>.Nicolas Coolman
O61 - LFC: 19/01/2014 - 13:38:53 ---A- . (...) -- C:\Users\Nanie\AppData\Roaming\ZHP\ZHPFix[R1].txt [456] =>.Nicolas Coolman
~ 1 Fichiers temporaires (Temporary files)
~ Files: 143 Scanned in 00mn 29s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {65BE43EB-1D96-451C-80E4-B2E15825094D} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3279872]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]

~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.E96A0D9ECB4F5A219B45B16F72A46D9F] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\1EC67EEF-84A2-45DE-9B5D-921DC598B197.dat [39174]
[MD5.83C2D7340628FABEAD9AF90D13ED1493] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\2172AC83-3B9D-42B6-B625-9FD40F9401E9.dat [39518]
[MD5.14D1FC889059117E41951BF4E33CE55C] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\25D8D9C9-E9C8-4EE3-8372-E75609BE0A75.dat [38758]
[MD5.090ECA792FDD8C3BFCD8709B3DE6139E] [SPRF][19/02/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\6FB7C79B-7482-4F8A-BA65-DF54F03F295B.dat [39485]
[MD5.245683BDEA19B8426100863404CAEE44] [SPRF][25/09/2013] (...) -- C:\Users\Nanie\AppData\Local\Temp\setup_fsu_cid.exe [182201]
[MD5.8241B3A2AEB7371B4C21C36862F6922A] [SPRF][07/12/2013] (.Symantec Corporation - Norton Internet Security.) -- C:\Users\Nanie\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_2586.exe [999152]
~ Files: 6 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.)
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.)
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{91AFD029-5493-48EC-A7CC-C7622D6014D4}" | In - Public - P6 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
O87 - FAEL: "{A399A7F1-BB8D-4BBC-A9CA-D6CFAAD3BA52}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe
O87 - FAEL: "{A9CF7064-53F2-44D4-8AF2-F4EEF3F36761}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe =>.Microsoft Corporation
O87 - FAEL: "TCP Query User{BC18D503-E1AB-4CC4-82C0-D3509DA29A25}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{AAEA22A7-302A-4D9A-8795-45D0FC1225B7}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{09373DCD-6CE6-4D8D-89CA-A94663E693CC}C:\users\nanie\desktop\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\nanie\desktop\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{1A1C7328-D3ED-464F-BDFF-50A93E5E53A2}C:\users\nanie\desktop\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\nanie\desktop\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{CBC22CB8-2A12-4C7A-9741-92F4BB3409FD}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{576BA4B8-E69D-4485-8FA3-6893DEC59431}C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\nanie\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
~ Firewall: 213 Scanned in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "03FF80700C870B74180F8C6440CD67C9" . (.Nero Express Help (CHM).) -- C:\windows\Installer\{0708FF30-78C0-47B0-81F0-C84604DC769C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "122113B05A506674D830A74664971465" . (.Nero RescueAgent Help (CHM).) -- c:\windows\Installer\{0B311221-05A5-4766-8D03-7A6446794156}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "18034D2AB7FC73649A3F2E56A15A4C8A" . (.Nero RescueAgent.) -- c:\windows\Installer\{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}\ARPPRODUCTICON.exe
O90 - PUC: "203E62EEA6789D84098513925E9B9999" . (.Live Updater.) -- C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico
O90 - PUC: "2921D0FE1CF8EB147904BD1C436F4651" . (.Nero BackItUp Help (CHM).) -- c:\windows\Installer\{EF0D1292-8FC1-41BE-9740-DBC134F66415}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- C:\windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe
O90 - PUC: "37CE0B2BA4DA61743AEDEC8A44B003B9" . (.Nero BackItUp 12 Essentials OEM.a01.) -- c:\windows\Installer\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}\ARPPRODUCTICON.exe
O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- C:\windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe
O90 - PUC: "456BC9D3DA991034986CD0217A0967C7" . (.Identity Card.) -- C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico
O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- C:\windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "75FA496A198926D428C4E7551A63A141" . (.eBay Worldwide.) -- c:\Windows\Installer\{A694AF57-9891-4D62-824C-7E55A1361A14}\_853F67D554F05449430E7E.exe =>Toolbar.eBay
O90 - PUC: "86C7A848CDA03914A898C2AE875EA6C0" . (.Nero Express.) -- C:\windows\Installer\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}\ARPPRODUCTICON.exe
O90 - PUC: "A5002F70CAC8B4A4382AAD897A22AC16" . (.Recovery Management.) -- C:\windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\.\Bitmaps\eRecoveryicon.ico
O90 - PUC: "C2F2B07E1D4978245B0BBCEB16E86225" . (.Nero BackItUp.) -- c:\windows\Installer\{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}\ARPPRODUCTICON.exe
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
O90 - PUC: "E9944D65E3CAD8B4199C7C001C844CB4" . (.Google Drive.) -- C:\Windows\Installer\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}\DriveIcon
O90 - PUC: "EF9D0FB939897464189B717BEB4A6EDF" . (.Nero 12 Essentials OEM.a01.) -- C:\windows\Installer\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}\ARPPRODUCTICON.exe
O90 - PUC: "FA0364E07BA0E0449A87A187CFF4349B" . (.Nero Launcher.) -- C:\windows\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe
~ Update Products: 54 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.47FE6777BC5F33EC9FB4A6741E96E665] [WIS][07/12/2013] (.Google, Inc. - Google Drive.) -- C:\Windows\Installer\3121cc.msi [31694848]
~ WIS: 54 Scanned in 00mn 05s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 23/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 23/08/2012 468624 | (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
SS - | Auto 02/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 09/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 21/08/2012 348784 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Demand 22/08/2012 658576 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 30/08/2012 28560 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 26/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 07/12/2012 93296 | (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 01/08/2012 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

~ Services: Scanned in 00mn 07s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Nanie at 19/01/2014 13:39:53
~ OS 64 not supported by MBR tool

~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Nanie at 19/01/2014 13:39:55

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 1

[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl] =>Adware.PlusHD^
[HKLM\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex^
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A694AF57-9891-4D62-824C-7E55A1361A14}] =>Toolbar.eBay^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl =>Adware.PlusHD^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo =>PUP.Elex^
C:\Users\Nanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Users\Nanie\Downloads\cacaoweb.exe =>PUP.CacaoWeb
~ Additionnel Scan: 191337 Items scanned in 00mn 15s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blog/show/33479906-pup-elex =>PUP.Elex
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
~ MSI: 6 link(s) detected in 00mn 16s



End of the scan (1680 lines in 02mn 41s)(0)
