Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ Rapport de ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014)
~ Lancé par gold (23/01/2014 23:10:33)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 64-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 45
---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4093 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 178 GB (39%) free of 451 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-GOLD
~ User Name: gold
~ All Users Names: UpdatusUser, gold, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\gold\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\gold\AppData\Roaming\
~ %Desktop% : C:\Users\gold\Desktop\
~ %Favorites% : C:\Users\gold\Favorites\
~ %LocalAppData% : C:\Users\gold\AppData\Local\
~ %StartMenu% : C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 178 Go of 451 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 15 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 08:10:17.) -- C:\Windows\Explorer.exe [3079168]
[MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:50:23.) -- C:\Windows\System32\Wininit.exe [123904]
[MD5.60CA010B705660542FB33B43C3653BA0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/11/2013 - 02:29:03.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.6D0773A3A65D28B663F334C90441D01A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 08:11:08.) -- C:\Windows\System32\Winlogon.exe [405504]
[MD5.2BA159E1F9FD75F6A496742B20F1D9CF] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 03:31:51.) -- C:\Windows\system32\Drivers\AFD.sys [404992]
[MD5.1898FAE8E07D97F2F6C2D5326C633FAC] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:46:50.) -- C:\Windows\system32\Drivers\atapi.sys [22584]
[MD5.B4D787DB8D30793A4D4DF9FEED18F136] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:50:39.) -- C:\Windows\system32\Drivers\Cdfs.sys [90624]
[MD5.C025AA69BE3D0D25C7A2E746EF6F94FC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 06:34:39.) -- C:\Windows\system32\Drivers\Cdrom.sys [79872]
[MD5.8B722BA35205C71E7951CDC4CDBADE19] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 16:14:19.) -- C:\Windows\system32\Drivers\DfsC.sys [97792]
[MD5.F942C5820205F2FB453243EDFEC82A3D] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 06:39:41.) -- C:\Windows\system32\Drivers\HDAudBus.sys [948736]
[MD5.CBB597659A2713CE0C9CC20C88C7591F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:46:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [64000]
[MD5.B7E6212F581EA5F6AB0C3A6CEEEB89BE] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:48:45.) -- C:\Windows\system32\Drivers\IpNat.sys [115712]
[MD5.1485811B320FF8C7EDAD1CAEBB1C6C2B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:39:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [135680]
[MD5.FC2C792EBDDC8E28DF939D6A92C83D61] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 06:42:33.) -- C:\Windows\system32\Drivers\netBT.sys [248320]
[MD5.2ACCAA3C3C55370A32F17B3595E1A217] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:13:14.) -- C:\Windows\system32\Drivers\ntfs.sys [1513320]
[MD5.AECD57F94C887F58919F307C35498EA0] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 10:37:57.) -- C:\Windows\system32\Drivers\Parport.sys [96768]
[MD5.AC7BC4D42A7E558718DFDEC599BBFC2C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/04/2009 - 06:43:38.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.C045D1FB111C28DF0D1BE8D4BDA22C06] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:46:51.) -- C:\Windows\system32\Drivers\rdpdr.sys [314368]
[MD5.290B6F6A0EC4FCDFC90F5CB6D7020473] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 06:42:19.) -- C:\Windows\system32\Drivers\smb.sys [88064]
[MD5.458919C8C42E398DC4802178D5FFEE27] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 06:43:00.) -- C:\Windows\system32\Drivers\tdx.sys [94720]
[MD5.582F710097B46140F5A89A19A6573D4B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:50:57.) -- C:\Windows\system32\Drivers\volsnap.sys [267648]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3410
~ Mes musiques (My Musics) : 0/0
~ Mes Videos (My Videos) : 1/109
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/55688
~ Mon Bureau (My Desktop) : 1/7
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 04s
---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2888]
[MD5.F1AA26C6F261C28D42994CF46F3F83B7] - (.Pas de propriétaire - cspep.) -- C:\Program Files (x86)\cspep\cspep.exe [684032] [PID.920]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120] [PID.2100]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.3772]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.1168]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2232]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.2284]
[MD5.974A1F783ED34588B45FAD6375077BA6] - (.Hewlett-Packard Company - SolutionsFrameworkService.) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904] [PID.2480]
[MD5.5B1F7C0EE4C968D0DAE6736AF328B502] - (.Logitech Inc. - Logitech LVPrS64H Module..) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe [125464] [PID.2636]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2704]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2772]
[MD5.3C7BE29B76F837DB7CC44844EACAE78B] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\NLSSRV32.exe [69640] [PID.2852]
[MD5.25B58FC4564A6B175BCFC9FC34CFE0C6] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152] [PID.2912]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.2992]
[MD5.A21E58F345F337316A98C5121CBE17E8] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2080]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://kogoa.com
G0 - GCSP: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [kbjlipmgfoamgjaogmbihaffnpkpjajp] Bubble Dock v.1.0.0.130 (Désactivé) =>PUP.BubbleDock
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.5.9.0.9216 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 16 Scanned in 00mn 12s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\gold\AppData\Roaming\Mozilla\Firefox\Profiles\oboqkui3.default\prefs.js
M3 - MFPP: Plugins - [gold] -- C:\Users\gold\AppData\Roaming\Mozilla\Firefox\Profiles\oboqkui3.default\searchplugins\Wibeez.xml
M2 - MFEP: prefs.js [gold - oboqkui3.default\50819c80b1756@50819c80b178e.com] [] SaveAs v2 (..)
M2 - MFEP: prefs.js [gold - oboqkui3.default\crossriderapp2258@crossrider.com] [] I Want This v2 (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [gold - oboqkui3.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration v1.1 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.7.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
~ Firefox Browser: 20 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com
~ IE Browser: 21 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
~ BHO: 2 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2CDCBCF7-7969-43F5-AC59-91DED800EDDF} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{09A07B02-F491-4B6B-BFC9-684A624F4F3B} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: Centre de solutions HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe
O4 - GS\Desktop [Public]: Choix de navigateur .lnk . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe
O4 - GS\Desktop [Public]: Convertisseur PDF Pro.lnk . (.SmartSoft - Convertisseur PDF Pro.) -- C:\Program Files\Convertisseur PDF Pro\Convertisseur PDF Pro.exe
O4 - GS\Desktop [Public]: Développement de photos online.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: HP Photosmart Essential 3.5.lnk . (.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O4 - GS\Desktop [Public]: Jouer à HP Games.lnk . (...) -- C:\Program Files (x86)\HP Games\onplay\onplay.exe
O4 - GS\Desktop [Public]: Logiciel Logitech Webcam.lnk . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe =>.Logitech Inc
O4 - GS\Desktop [Public]: Ma-Config.com - Démarrer la détection.lnk . (...) -- C:\Program Files (x86)\ma-config.com\MCDetection.exe (.not file.)
O4 - GS\Desktop [Public]: QuickTime Player.lnk . (.Apple Inc. - QuickTime Player.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe =>.Apple Inc
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Desktop [Public]: VPlayer.lnk . (...) -- C:\Windows\Installer\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}\_7C62873CCFADC86FED3CB7.exe
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Microsoft Access.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
O4 - GS\Program [Public]: Microsoft Excel.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
O4 - GS\Program [Public]: Microsoft Outlook.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
O4 - GS\Program [Public]: Microsoft PowerPoint.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - GS\Program [Public]: Microsoft Word.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\System32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\System32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\SysWOW64\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\QuickLaunch [gold]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [gold]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [gold]: HP MediaSmart.lnk . (...) -- c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe
O4 - GS\QuickLaunch [gold]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [gold]: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.exe
O4 - GS\QuickLaunch [gold]: Pages Annuaire.lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: QuickTime Player.lnk - Clé orpheline =>.Apple Inc
O4 - GS\QuickLaunch [gold]: qvo6.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>Hijacker.Qvo6
O4 - GS\QuickLaunch [gold]: Skype (2).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype (3).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype (4).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype (5).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype.lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [gold]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Program [gold]: CyberLink DVD Suite Deluxe.lnk . (.CyberLink - PowerStarter.) -- C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PowerStarter.exe
O4 - GS\Program [gold]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [gold]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [gold]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [gold]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Accessories [gold]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [gold]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [gold]: Run.lnk - Clé orpheline
O4 - GS\Accessories [gold]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [gold]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [gold]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [gold]: DivX Movies.lnk . (...) -- C:\Users\gold\Videos\DivX Movies
O4 - GS\Desktop [gold]: Edilingua Progetto italiano 1.lnk . (.Adobe Systems, Inc. - Adobe Projector.) -- C:\Program Files (x86)\Edilingua\Progetto Italiano 1\Edilingua.exe
O4 - GS\Desktop [gold]: Edilingua Progetto Italiano 2.lnk . (.Adobe Systems, Inc. - Adobe Projector.) -- C:\Program Files (x86)\Edilingua\Progetto Italiano 2\Progetto italiano 2.exe
O4 - GS\Desktop [gold]: hpqdirec - Raccourci.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe
O4 - GS\Desktop [gold]: Microsoft Office - Raccourci.lnk . (...) -- C:\Microsoft Office
O4 - GS\Desktop [gold]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 76 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_9] Clé orpheline =>PUA.FSTfr9
O4 - HKLM\..\Wow6432Node\Run: [eorezo_fr_3] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\RunOnce: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files (x86)\cspep\cspep.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-2110523243-1586633563-1267511211-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2110523243-1586633563-1267511211-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5A58E81-FFBE-4C5C-882F-242193A8E487}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD35B60D-4EEC-4166-B12A-2A209B7DF13F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C5A58E81-FFBE-4C5C-882F-242193A8E487}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CD35B60D-4EEC-4166-B12A-2A209B7DF13F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{C5A58E81-FFBE-4C5C-882F-242193A8E487}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{CD35B60D-4EEC-4166-B12A-2A209B7DF13F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - SolutionsFrameworkService.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Process Monitor (LVPrcS64) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\NLSSRV32.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 185.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
~ Services: 18 Scanned in 00mn 04s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\awisp_2650x1600.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\awisp_2650x1600.jpg
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job [1012]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1060]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDRScheduledMaintenance.job [552]
[MD5.00000000000000000000000000000000] [APT] [4603] (...) -- C:\Users\gold\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.5D4BC124FAAE6730AC002CDB67BF1A1C] [APT] [Google Software Updater] (.Google.) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2110523243-1586633563-1267511211-1000Core] (...) -- C:\Users\gold\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2110523243-1586633563-1267511211-1000UA] (...) -- C:\Users\gold\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.0C8A70BC3BAAF7BF69DCA495C1E1AB79] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75016]
[MD5.8B84B3ECFB9D6B50B989D6DB8143F365] [APT] [PCDRScheduledMaintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2951664]
[MD5.00000000000000000000000000000000] [APT] [{0B1723BE-F79D-42B9-9F92-8A78475D9FE4}] (...) -- E:\Installer.exe (.not file.) [0]
[MD5.299CDAF86E27484EAAA243D3288AF0D8] [APT] [{1B995D34-B695-4D26-BD70-D730180E772C}] (...) -- C:\Users\gold\Downloads\install_easyshare-8.3.exe [1857488]
[MD5.00000000000000000000000000000000] [APT] [{399EBF39-C22E-4998-AB48-7A042E872016}] (...) -- c:\users\gold\appdata\local\lollipop\lollipop.bat (.not file.) [0] =>Adware.Lollipop
[MD5.00000000000000000000000000000000] [APT] [{53A88AC9-2BEC-432B-A314-B58163F46226}] (...) -- E:\install.exe (.not file.) [0]
[MD5.58920E6A409046BA06548D9D139CE0F0] [APT] [{84F19DD7-D68E-4F0A-9D5D-51B93C992B71}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608]
[MD5.00000000000000000000000000000000] [APT] [{A14C805F-DC04-4B4A-9306-6EA3C286D840}] (...) -- E:\install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A5276905-DB72-49DB-8363-4D7AB70C19B8}] (...) -- C:\Users\gold\Desktop\fichier\Program Files\BeWAN ADSL V1.9.0.5\Disk1\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AB3AF08B-A7D1-48B0-8E4A-54C0E026C363}] (...) -- C:\Users\gold\Downloads\sp43080.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F890B5F2-6738-47C7-B750-709BC373A47F}] (...) -- E:\Disk1\setup.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 25 Scanned in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 60 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {78F697ED-EC97-4D8D-881D-838984EA9855}
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Update Manager_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.9) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C6579A65-9CAE-4B31-8B6B-3306E0630A66} =>.Apple Inc
O42 - Logiciel: BeWAN ADSL modem - (...) [HKLM][64Bits] -- StmAdsl
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: CCScore - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM][64Bits] -- lvdrivers_12.0 =>.Logitech Inc
O42 - Logiciel: Convertisseur PDF Pro 6.3.0.467 - (.Smart Soft.) [HKLM][64Bits] -- Convertisseur PDF Pro_is1
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM][64Bits] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: ESSBrwr - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {643EAE81-920C-4931-9F0B-4B343B225CA6}
O42 - Logiciel: ESSCDBK - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
O42 - Logiciel: ESSPCD - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
O42 - Logiciel: ESSPDock - (.Nom de votre société.) [HKLM][64Bits] -- {FCDB1C92-03C6-4C76-8625-371224256091}
O42 - Logiciel: ESSSONIC - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {073F22CE-9A5B-4A40-A604-C7270AC6BF34}
O42 - Logiciel: ESSTOOLS - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {8A502E38-29C9-49FA-BCFA-D727CA062589}
O42 - Logiciel: ESScore - (.Nom de votre société.) [HKLM][64Bits] -- {42938595-0D83-404D-9F73-F8177FDD531A}
O42 - Logiciel: ESSgui - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {91517631-A9F3-4B7C-B482-43E0068FD55A}
O42 - Logiciel: ESSini - (.Nom de votre société.) [HKLM][64Bits] -- {8E92D746-CD9F-4B90-9668-42B74C14F765}
O42 - Logiciel: Falsh Player 10 - (...) [HKLM][64Bits] -- {4C5F4B75-32D1-472B-90DF-26A3181D7597}_is1
O42 - Logiciel: Favorit (ilvazdg) - (...) [HKLM][64Bits] -- ilvazdg =>Adware.Favorit
O42 - Logiciel: FlashPlayer - (.Tuguu SL.) [HKLM][64Bits] -- {BA8B8ADA-084F-4F79-A0CA-6E58A0808794} =>PUP.VAFPlayer
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {C768790F-04FB-11E0-9B2C-001AA037B01E}
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {0295F89F-F698-4101-9A7D-49F407EC2D82}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {73A43E42-3658-4DD9-8551-FACDA3632538}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {B84739A3-F943-47E4-95D8-96381EF5AC48}
O42 - Logiciel: HP Customer Participation Program 9.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM][64Bits] -- {D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}
O42 - Logiciel: HP OCR Software 9.0 - (.HP.) [HKLM][64Bits] -- HPOCR
O42 - Logiciel: HP Photosmart All-In-One Software 9.0 - (.HP.) [HKLM][64Bits] -- {B09BCBF6-87EE-4403-A336-3A9510856535} =>.Hewlett-Packard Co
O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM][64Bits] -- HP Photosmart Essential =>.Hewlett-Packard Co
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM][64Bits] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM][64Bits] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC}
O42 - Logiciel: HP Recovery Manager RSS - (.Hewlet Packard Company.) [HKLM][64Bits] -- {A0640EC2-B97E-4FC1-AD14-227C9E386BB4}
O42 - Logiciel: HP Remote Software - (.Hewlett-Packard.) [HKLM][64Bits] -- {5F240DB8-0D74-4F13-86C3-929760392A8D}
O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM][64Bits] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {23CCE784-A812-4647-AEFF-1DCCD4E57478}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard.) [HKLM][64Bits] -- {784BEA84-FA66-4B19-BB80-7B545F248AC6}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {DDD5104F-1C44-49EB-9E6B-29EC5D27658B}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM][64Bits] -- {487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Logitech QuickCapture Gadget - (.Nom de votre société.) [HKLM][64Bits] -- {91AF9255-01D7-4F8C-960B-CA2F4C8E7C99}
O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM][64Bits] -- Logitech Vid
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM][64Bits] -- {D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5} =>.Logitech Inc
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {5DA27AE6-4460-4380-BABC-BB79E1D109D8}
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM][64Bits] -- EasyBits Magic Desktop =>.EasyBits Software AS
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {E102B843-786A-4F58-AF75-6504570E207B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: OfotoXMI - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM][64Bits] -- PC-Doctor for Windows
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: Photorécit 3 pour Windows - (.Microsoft Corporation.) [HKLM][64Bits] -- {4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Progetto Italiano 1 - (.Edilingua.) [HKLM][64Bits] -- {27B2CE9E-C428-4922-89AD-F4C19D4294C0}
O42 - Logiciel: Progetto Italiano 2 - (.Edilingua.) [HKLM][64Bits] -- {77FBBDA9-B9A7-4BF7-A861-6B1FCEC3FDC1}
O42 - Logiciel: Python 2.6 pywin32-212 - (.Python Software Foundation.) [HKLM][64Bits] -- pywin32-py2.6
O42 - Logiciel: Python 2.6.1 - (.Python Software Foundation.) [HKLM][64Bits] -- {9CC89170-000B-457D-91F1-53691F85B223}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SFR - (.Eastman Kodak Company.) [HKLM][64Bits] -- {DB02F716-6275-42E9-B8D2-83BA2BF5100B}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM][64Bits] -- SFR_Kit
O42 - Logiciel: SHASTA - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {605A4E39-613C-4A12-B56F-DEFBE6757237}
O42 - Logiciel: SKINXSDK - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Soldier of Fortune Payback - (.Activision Value.) [HKLM][64Bits] -- {11BFB898-71E5-488A-A8FF-0E462667FB72}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Todae - Live Media - (.Todae.fr.) [HKLM][64Bits] -- Live Media
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {EC5F4C1B-F838-4CB7-8561-8F809296428B}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM][64Bits] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
O42 - Logiciel: VLC media player 2.0.2 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VPRINTOL - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {999D43F4-9709-4887-9B1A-83EBB15A8370}
O42 - Logiciel: VuuPC Packages - (...) [HKCU][64Bits] -- VuuPC Packages =>PUP.VuuPC
O42 - Logiciel: WIRELESS - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {F9593CFB-D836-49BC-BFF1-0E669A411D9F}
O42 - Logiciel: Webplayer setup version 1.0 - (...) [HKLM][64Bits] -- {A3B277D2-6D43-4E78-8D73-6DA4370D689D}_is1 =>Adware.SocialSkinz
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM][64Bits] -- cspep_is1
O42 - Logiciel: essvatgt - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
O42 - Logiciel: fflink - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}
O42 - Logiciel: kgcbaby - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {E18B549C-5D15-45DA-8D8F-8FD2BD946344}
O42 - Logiciel: kgcbase - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
O42 - Logiciel: kgchday - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {11F3F858-4131-4FFA-A560-3FE282933B6E}
O42 - Logiciel: kgchlwn - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {03EDED24-8375-407D-A721-4643D9768BE1}
O42 - Logiciel: kgcinvt - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {9BD54685-1496-46A5-AB62-357CD140ED8B}
O42 - Logiciel: kgckids - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {693C08A7-9E76-43FF-B11E-9A58175474C4}
O42 - Logiciel: kgcmove - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {A1588373-1D86-4D44-86C9-78ABD190F9CC}
O42 - Logiciel: kgcvday - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {8A8664E1-84C8-4936-891C-BC1F07797549}
O42 - Logiciel: netbrdg - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {4537EA4B-F603-4181-89FB-2953FC695AB1}
O42 - Logiciel: skin0001 - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {5316DFC9-CE99-4458-9AB3-E8726EDE0210}
O42 - Logiciel: sp44626 - (.Hewlett-Packard.) [HKLM][64Bits] -- sp44626
O42 - Logiciel: staticcr - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {8943CE61-53BD-475E-90E1-A580869E98A2}
O42 - Logiciel: tooltips - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
~ Logic: 90 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AOL]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Softonic.fr] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\electroLyrics] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\iGraal]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software\temp]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Binary Noise]
[HKCU\Software\BitDefender]
[HKCU\Software\BugSplat]
[HKCU\Software\Chromium]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DM]
[HKCU\Software\DefaultPackStatus]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DriverTurbo]
[HKCU\Software\EasyBits]
[HKCU\Software\EffectMgr]
[HKCU\Software\FileOpen]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\Iris]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kodak]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MightyUninstaller]
[HKCU\Software\MimarSinan]
[HKCU\Software\Modern UI Test]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Neuf]
[HKCU\Software\Nitro PDF]
[HKCU\Software\Nitro]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\PC Cleaner] =>USP.PCCleaner
[HKCU\Software\Policies]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Smart Soft]
[HKCU\Software\Softthinks]
[HKCU\Software\Software]
[HKCU\Software\SolidDocuments]
[HKCU\Software\Todae]
[HKCU\Software\TomTom]
[HKCU\Software\Trolltech]
[HKCU\Software\VirginMega]
[HKCU\Software\WZC1218477 Save]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Winamp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\cspep]
[HKCU\Software\keyhole.com]
[HKCU\Software\nuevos-programas.com]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Smart Soft]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\AdobeFlashPlayerUpdate]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\America Online]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\BitDefender]
[HKLM\Software\Wow6432Node\CLSID]
[HKLM\Software\Wow6432Node\Cauldron]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\FlvPlayer]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HP]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\ICE]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Interface]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Kodak]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Loader]
[HKLM\Software\Wow6432Node\LogiShrd]
[HKLM\Software\Wow6432Node\Logitech]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MajEoRezo] =>PUP.Eorezo
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nalpeiron]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Neuf]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OldTimer Tools]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\PC-Doctor]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SolidDocuments]
[HKLM\Software\Wow6432Node\SymNRT]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Todae]
[HKLM\Software\Wow6432Node\TomTom]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\VirginMega]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wilson WindowWare]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\dotNetInstaller]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\ZSMC]
[HKLM\Software\cybelsoft]
~ Key Software: 406 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/09/2009 - 20:53:48 - [12,099] ----D C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 04/12/2013 - 01:11:25 - [13,898] ----D C:\Program Files (x86)\Activision Value
O43 - CFD: 04/12/2013 - 01:11:25 - [210,062] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 29/06/2011 - 17:49:52 - [2,201] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 04/08/2010 - 20:58:42 - [19,127] ----D C:\Program Files (x86)\AVS4YOU
O43 - CFD: 16/08/2009 - 21:14:57 - [2,725] ----D C:\Program Files (x86)\BeWAN ADSL V1.9.0.10
O43 - CFD: 14/08/2009 - 14:30:14 - [2,663] ----D C:\Program Files (x86)\BeWAN ADSL V1.9.0.5
O43 - CFD: 01/06/2012 - 19:53:55 - [0,586] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 08/02/2013 - 23:36:43 - [0,545] ----D C:\Program Files (x86)\CDex
O43 - CFD: 10/01/2014 - 14:48:32 - [755,447] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 23/01/2014 - 22:54:24 - [1,807] ----D C:\Program Files (x86)\cspep
O43 - CFD: 04/12/2013 - 01:11:26 - [861,362] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 13/09/2009 - 22:45:35 - [4,586] ----D C:\Program Files (x86)\DivX
O43 - CFD: 02/12/2013 - 21:08:42 - [86,610] ----D C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 03/02/2012 - 12:00:14 - [785,350] ----D C:\Program Files (x86)\Edilingua
O43 - CFD: 23/09/2009 - 20:03:13 - [2,115] ----D C:\Program Files (x86)\FP
O43 - CFD: 04/12/2013 - 13:35:30 - [628,238] ----D C:\Program Files (x86)\Google
O43 - CFD: 30/05/2009 - 17:30:27 - [582,000] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 25/01/2010 - 18:26:56 - [279,599] ----D C:\Program Files (x86)\HP
O43 - CFD: 30/05/2009 - 17:38:27 - [286,482] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 04/12/2013 - 01:11:29 - [78,039] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 11/12/2013 - 21:36:09 - [5,974] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/12/2013 - 22:59:49 - [184,756] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 24/10/2013 - 09:53:01 - [30,318] ----D C:\Program Files (x86)\Java
O43 - CFD: 09/01/2010 - 13:40:11 - [0] ----D C:\Program Files (x86)\Lead Pursuit
O43 - CFD: 10/09/2010 - 14:36:08 - [133,425] ----D C:\Program Files (x86)\Logitech
O43 - CFD: 22/01/2014 - 20:30:22 - [13,264] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 15/09/2013 - 12:20:23 - [6,533] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 20/09/2010 - 14:52:46 - [38,002] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 10/08/2011 - 09:49:34 - [0] ----D C:\Program Files (x86)\Microsoft Antimalware
O43 - CFD: 22/08/2009 - 02:28:10 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 09/11/2011 - 22:47:47 - [1015,860] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 14/11/2013 - 11:45:10 - [1,502] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/10/2013 - 11:26:15 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 10/10/2012 - 15:09:25 - [137,975] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 20/09/2010 - 14:56:58 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30/07/2013 - 23:36:02 - [6,219] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/11/2006 - 16:07:27 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 22/08/2009 - 02:28:14 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 09/11/2011 - 22:47:48 - [0] ----D C:\Program Files (x86)\Nemo PDF Converter 4.0
O43 - CFD: 20/10/2011 - 15:41:08 - [0] ----D C:\Program Files (x86)\Nero
O43 - CFD: 04/12/2013 - 01:11:31 - [2,974] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 13/08/2009 - 18:05:13 - [0,305] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 15/06/2012 - 21:47:50 - [33,205] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 12/01/2012 - 14:32:42 - [15,658] ----D C:\Program Files (x86)\Photo Story 3 for Windows
O43 - CFD: 30/05/2009 - 16:32:23 - [61,949] ----D C:\Program Files (x86)\Python
O43 - CFD: 05/07/2013 - 22:06:57 - [73,545] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 30/05/2009 - 16:55:36 - [73,919] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 02/11/2006 - 16:07:27 - [36,906] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 01/06/2012 - 20:05:43 - [102,605] ----D C:\Program Files (x86)\Safari
O43 - CFD: 21/08/2009 - 12:46:02 - [13,955] ----D C:\Program Files (x86)\SFR
O43 - CFD: 11/12/2013 - 19:21:56 - [49,238] R---D C:\Program Files (x86)\Skype
O43 - CFD: 09/01/2014 - 13:17:46 - [35,881] ----D C:\Program Files (x86)\SMINST
O43 - CFD: 12/11/2013 - 22:44:39 - [0,132] ----D C:\Program Files (x86)\Snapshot Viewer
O43 - CFD: 30/05/2009 - 16:55:48 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 12/05/2011 - 20:05:21 - [0] ----D C:\Program Files (x86)\TomTom HOME
O43 - CFD: 01/03/2013 - 15:37:27 - [49,283] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 12/05/2011 - 20:05:54 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 02/11/2006 - 16:36:07 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 12/12/2013 - 12:48:59 - [0] ----D C:\Program Files (x86)\Video Codec
O43 - CFD: 04/08/2010 - 21:03:47 - [91,800] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 21/10/2009 - 21:24:29 - [0,970] ----D C:\Program Files (x86)\Windows Calendar
O43 - CFD: 21/01/2008 - 04:09:47 - [0,051] ----D C:\Program Files (x86)\Windows Collaboration
O43 - CFD: 31/05/2009 - 00:41:44 - [0,481] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 23/04/2012 - 10:41:58 - [8,522] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 15/10/2010 - 10:16:42 - [4,253] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - 16:07:27 - [7,589] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 21/10/2009 - 21:24:29 - [12,902] ----D C:\Program Files (x86)\Windows Photo Gallery
O43 - CFD: 17/11/2009 - 19:08:58 - [0,128] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21/10/2009 - 21:24:29 - [6,225] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 23/01/2014 - 23:10:21 - [17,264] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/06/2011 - 10:08:39 - [3,801] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 11/12/2013 - 22:58:57 - [96,835] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 04/08/2010 - 20:58:43 - [48,844] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 20/09/2010 - 14:57:19 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 13/09/2009 - 22:45:30 - [1,512] ----D C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 18/08/2009 - 14:07:38 - [0,436] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 18/08/2009 - 14:08:05 - [5,311] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 18/08/2009 - 20:44:26 - [9,767] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 04/12/2013 - 01:11:26 - [1,188] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 11/12/2013 - 19:21:52 - [3,308] ----D C:\Program Files (x86)\Common Files\Kodak
O43 - CFD: 20/10/2011 - 15:23:06 - [0,052] ---AD C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 20/10/2009 - 14:38:40 - [10,542] ----D C:\Program Files (x86)\Common Files\LogiShrd
O43 - CFD: 30/05/2009 - 17:17:47 - [0,054] ---AD C:\Program Files (x86)\Common Files\LS Getting Started
O43 - CFD: 07/08/2013 - 00:36:52 - [459,427] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 11/12/2013 - 19:21:52 - [0,622] ----D C:\Program Files (x86)\Common Files\MSSoap
O43 - CFD: 11/12/2013 - 19:21:52 - [3,475] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 02/11/2006 - 14:33:53 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 11/12/2013 - 19:21:52 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 02/11/2006 - 14:33:53 - [39,198] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 12/11/2013 - 22:37:38 - [25,269] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 20/09/2010 - 17:20:37 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 23/11/2013 - 12:33:16 - [43,806] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 11/12/2013 - 22:59:52 - [2,775] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 28/11/2013 - 00:47:12 - [0,008] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69(149)
O43 - CFD: 22/06/2013 - 14:01:38 - [13,174] ----D C:\ProgramData\Adobe
O43 - CFD: 01/06/2012 - 19:56:16 - [398,325] ----D C:\ProgramData\Apple
O43 - CFD: 22/11/2013 - 20:35:37 - [147,904] ----D C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 04/08/2010 - 20:50:23 - [0] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 09/08/2013 - 14:04:58 - [0] --H-D C:\ProgramData\Common Files
O43 - CFD: 05/08/2010 - 15:02:38 - [0,144] ----D C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 19/12/2009 - 22:55:06 - [2,255] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 01/08/2013 - 14:26:12 - [0] ----D C:\ProgramData\DriverGenius
O43 - CFD: 03/02/2010 - 22:27:44 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 05/10/2012 - 13:39:45 - [0] ----D C:\ProgramData\FileOpen
O43 - CFD: 14/09/2013 - 15:39:12 - [0,502] ----D C:\ProgramData\Google
O43 - CFD: 12/09/2011 - 20:40:37 - [0,013] ----D C:\ProgramData\Google Updater
O43 - CFD: 18/08/2009 - 14:29:58 - [96,428] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 06/10/2012 - 23:03:22 - [2,420] ----D C:\ProgramData\HP
O43 - CFD: 18/12/2013 - 17:08:56 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 24/09/2009 - 21:07:42 - [0] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 22/11/2009 - 13:58:13 - [0] ----D C:\ProgramData\IM
O43 - CFD: 22/11/2009 - 13:57:10 - [0,009] ----D C:\ProgramData\IncrediMail
O43 - CFD: 01/08/2013 - 14:19:20 - [1,517] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 11/12/2013 - 19:21:57 - [0,001] ----D C:\ProgramData\Kodak
O43 - CFD: 20/10/2009 - 14:38:36 - [12,440] ----D C:\ProgramData\Logishrd
O43 - CFD: 18/08/2009 - 20:34:03 - [0] ----D C:\ProgramData\Logitech
O43 - CFD: 29/11/2013 - 22:47:46 - [0,003] ----D C:\ProgramData\Logs
O43 - CFD: 12/01/2014 - 18:51:58 - [1,395] ----D C:\ProgramData\ma-config.com
O43 - CFD: 31/07/2013 - 14:27:30 - [7,835] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 16/06/2011 - 14:48:11 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 09/08/2013 - 14:06:41 - [18,418] ----D C:\ProgramData\MFAData
O43 - CFD: 05/12/2013 - 18:22:17 - [1342,345] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/12/2013 - 20:51:19 - [0,069] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 20/10/2011 - 15:08:20 - [0,478] ----D C:\ProgramData\Nero
O43 - CFD: 08/08/2013 - 13:43:40 - [0,015] ----D C:\ProgramData\Norton
O43 - CFD: 30/05/2009 - 17:43:12 - [11,462] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 12/01/2014 - 11:36:07 - [2,669] ----D C:\ProgramData\NVIDIA
O43 - CFD: 03/12/2013 - 22:33:31 - [2,104] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 24/10/2013 - 10:04:27 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 30/05/2009 - 16:58:24 - [2,695] ----D C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 05/12/2013 - 23:13:10 - [196,269] ----D C:\ProgramData\Skype
O43 - CFD: 30/06/2011 - 18:19:59 - [9,482] ----D C:\ProgramData\Skype Extras
O43 - CFD: 05/10/2012 - 22:06:23 - [17,448] ----D C:\ProgramData\SolidDocuments
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 30/03/2010 - 21:46:59 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 27/01/2010 - 22:51:25 - [0] ----D C:\ProgramData\Symantec
O43 - CFD: 30/05/2009 - 17:14:53 - [0,242] ----D C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 29/06/2010 - 15:03:40 - [0,210] ----D C:\ProgramData\TomTom
O43 - CFD: 11/08/2013 - 22:24:05 - [-1355,609] ----D C:\ProgramData\WildTangent
O43 - CFD: 13/05/2011 - 11:43:56 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 27/08/2010 - 22:00:52 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 02/12/2013 - 20:49:30 - [0,002] ----D C:\ProgramData\Xerox
O43 - CFD: 14/04/2010 - 12:54:53 - [0,002] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 19/09/2009 - 20:53:49 - [6,585] ----D C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
O43 - CFD: 23/06/2013 - 13:28:35 - [0] ----D C:\ProgramData\߈B萐QrogramData
O43 - CFD: 30/07/2013 - 15:34:20 - [0] ----D C:\ProgramData\߈B萐RrogramData
O43 - CFD: 07/07/2013 - 20:06:47 - [0] ----D C:\ProgramData\߈E萐ʲrogramData
O43 - CFD: 19/03/2013 - 11:08:52 - [0] ----D C:\ProgramData\߈I萐ʾrogramData
O43 - CFD: 12/03/2013 - 18:10:42 - [0] ----D C:\ProgramData\߈Q萐ʶrogramData
O43 - CFD: 16/06/2013 - 11:11:55 - [0] ----D C:\ProgramData\߈T萐-rogramData
O43 - CFD: 30/07/2013 - 14:36:11 - [0] ----D C:\ProgramData\߈U萐ʚrogramData
O43 - CFD: 07/04/2013 - 12:42:54 - [0] ----D C:\ProgramData\߈W萐jrogramData
O43 - CFD: 06/03/2013 - 10:23:53 - [0] ----D C:\ProgramData\߈W萐ˑrogramData
O43 - CFD: 09/05/2013 - 09:55:54 - [0] ----D C:\ProgramData\߈X萐#rogramData
O43 - CFD: 08/04/2013 - 11:45:16 - [0] ----D C:\ProgramData\߈x萐3rogramData
O43 - CFD: 27/03/2013 - 08:58:16 - [0] ----D C:\ProgramData\߈_萐orogramData
O43 - CFD: 11/07/2013 - 13:38:59 - [0] ----D C:\ProgramData\߈«萐ʄrogramData
O43 - CFD: 17/07/2013 - 20:00:36 - [0] ----D C:\ProgramData\߈¸萐ʶrogramData
O43 - CFD: 15/03/2013 - 15:19:46 - [0] ----D C:\ProgramData\߈»萐ʟrogramData
O43 - CFD: 14/03/2013 - 19:54:56 - [0] ----D C:\ProgramData\߈À萐ʞrogramData
O43 - CFD: 30/07/2013 - 14:19:45 - [0] ----D C:\ProgramData\߈Â萐ʞrogramData
O43 - CFD: 29/07/2013 - 15:08:09 - [0] ----D C:\ProgramData\߈â萐˂rogramData
O43 - CFD: 08/05/2013 - 09:53:18 - [0] ----D C:\ProgramData\߈É萐ʠrogramData
O43 - CFD: 17/05/2013 - 09:48:39 - [0] ----D C:\ProgramData\߈Ê萐ʁrogramData
O43 - CFD: 27/05/2013 - 18:16:04 - [0] ----D C:\ProgramData\߈ê萐˄rogramData
O43 - CFD: 24/03/2013 - 09:58:09 - [0] ----D C:\ProgramData\߈Ë萐ʲrogramData
O43 - CFD: 12/03/2013 - 10:51:56 - [0] ----D C:\ProgramData\߈ì萐QrogramData
O43 - CFD: 26/05/2013 - 11:52:15 - [0] ----D C:\ProgramData\߈í萐ërogramData
O43 - CFD: 23/03/2013 - 09:44:33 - [0] ----D C:\ProgramData\߈í萐ürogramData
O43 - CFD: 10/04/2013 - 10:08:07 - [0] ----D C:\ProgramData\߈Ï萐ìrogramData
O43 - CFD: 04/06/2013 - 08:23:32 - [0] ----D C:\ProgramData\߈ø萐ʐrogramData
O43 - CFD: 21/03/2013 - 14:24:28 - [0] ----D C:\ProgramData\߈û萐ʧrogramData
O43 - CFD: 30/06/2013 - 13:57:58 - [0] ----D C:\ProgramData\߈Ü萐ɹrogramData
O43 - CFD: 19/06/2013 - 16:58:55 - [0] ----D C:\ProgramData\߈Ā萐ʋrogramData
O43 - CFD: 25/04/2013 - 18:26:51 - [0] ----D C:\ProgramData\߈Ĉ萐ĠrogramData
O43 - CFD: 07/05/2013 - 18:55:51 - [0] ----D C:\ProgramData\߈č萐ĝrogramData
O43 - CFD: 08/03/2013 - 23:28:25 - [0] ----D C:\ProgramData\߈Ď萐ÃrogramData
O43 - CFD: 08/07/2013 - 12:49:46 - [0] ----D C:\ProgramData\߈Đ萐īrogramData
O43 - CFD: 22/06/2013 - 10:54:07 - [0] ----D C:\ProgramData\߈ě萐˅rogramData
O43 - CFD: 19/03/2013 - 22:55:27 - [0] ----D C:\ProgramData\߈ĝ萐(rogramData
O43 - CFD: 29/07/2013 - 14:19:01 - [0] ----D C:\ProgramData\߈ğ萐ÔrogramData
O43 - CFD: 19/04/2013 - 10:24:52 - [0] ----D C:\ProgramData\߈ɓ萐ʅrogramData
O43 - CFD: 30/03/2013 - 12:03:13 - [0] ----D C:\ProgramData\߈ə萐¯rogramData
O43 - CFD: 11/03/2013 - 12:50:04 - [0] ----D C:\ProgramData\߈ɛ萐ʈrogramData
O43 - CFD: 30/07/2013 - 09:57:16 - [0] ----D C:\ProgramData\߈ɛ萐ʙrogramData
O43 - CFD: 30/05/2013 - 12:19:01 - [0] ----D C:\ProgramData\߈ɩ萐 rogramData
O43 - CFD: 23/05/2013 - 12:11:43 - [0] ----D C:\ProgramData\߈ɩ萐ɓrogramData
O43 - CFD: 04/07/2013 - 21:39:14 - [0] ----D C:\ProgramData\߈ɩ萐ɹrogramData
O43 - CFD: 17/06/2013 - 12:39:21 - [0] ----D C:\ProgramData\߈ɩ萐ʝrogramData
O43 - CFD: 29/03/2013 - 22:58:57 - [0] ----D C:\ProgramData\߈ɩ萐ʟrogramData
O43 - CFD: 10/05/2013 - 10:14:06 - [0] ----D C:\ProgramData\߈ɨ萐ɺrogramData
O43 - CFD: 20/04/2013 - 10:53:00 - [0] ----D C:\ProgramData\߈ɯ萐ɭrogramData
O43 - CFD: 06/05/2013 - 09:31:00 - [0] ----D C:\ProgramData\߈ɯ萐ɿrogramData
O43 - CFD: 27/06/2013 - 12:35:22 - [0] ----D C:\ProgramData\߈ɯ萐ʶrogramData
O43 - CFD: 15/06/2013 - 17:57:08 - [0] ----D C:\ProgramData\߈ʀ萐=rogramData
O43 - CFD: 05/03/2013 - 11:08:00 - [0] ----D C:\ProgramData\߈ʀ萐ʑrogramData
O43 - CFD: 18/04/2013 - 10:58:41 - [0] ----D C:\ProgramData\߈ʀ萐ʙrogramData
O43 - CFD: 11/04/2013 - 13:07:23 - [0] ----D C:\ProgramData\߈ʀ萐ʛrogramData
O43 - CFD: 02/04/2013 - 12:53:58 - [0] ----D C:\ProgramData\߈ʊ萐ʈrogramData
O43 - CFD: 13/04/2013 - 13:19:09 - [0] ----D C:\ProgramData\߈ȋ萐ȉrogramData
O43 - CFD: 18/03/2013 - 10:38:25 - [0] ----D C:\ProgramData\߈ȗ萐°rogramData
O43 - CFD: 21/07/2013 - 19:51:20 - [0] ----D C:\ProgramData\߈ș萐ȪrogramData
O43 - CFD: 13/05/2013 - 14:13:50 - [0] ----D C:\ProgramData\߈Ȣ萐ȲrogramData
O43 - CFD: 17/04/2013 - 21:44:02 - [0] ----D C:\ProgramData\߈Ȳ萐programData
O43 - CFD: 19/07/2013 - 13:04:19 - [0] ----D C:\ProgramData\߈Ȳ萐ʑrogramData
O43 - CFD: 02/06/2013 - 12:46:40 - [0] ----D C:\ProgramData\߈ȿ萐ʃrogramData
O43 - CFD: 27/03/2013 - 12:10:48 - [0] ----D C:\ProgramData\߈ʉ萐&rogramData
O43 - CFD: 29/07/2013 - 23:12:46 - [0] ----D C:\ProgramData\߈ʉ萐ʚrogramData
O43 - CFD: 13/06/2013 - 11:50:35 - [0] ----D C:\ProgramData\߈ʌ萐(rogramData
O43 - CFD: 15/05/2013 - 10:27:56 - [0] ----D C:\ProgramData\߈ʌ萐ôrogramData
O43 - CFD: 17/03/2013 - 08:09:53 - [0] ----D C:\ProgramData\߈Ɏ萐3rogramData
O43 - CFD: 14/03/2013 - 12:55:39 - [0] ----D C:\ProgramData\߈ɕ萐ɤrogramData
O43 - CFD: 04/04/2013 - 19:00:01 - [0] ----D C:\ProgramData\߈ɕ萐ɧrogramData
O43 - CFD: 20/05/2013 - 13:02:38 - [0] ----D C:\ProgramData\߈ɘ萐ȍrogramData
O43 - CFD: 13/06/2013 - 13:16:48 - [0] ----D C:\ProgramData\߈ɜ萐ɴrogramData
O43 - CFD: 26/04/2013 - 10:08:22 - [0] ----D C:\ProgramData\߈ɝ萐ɶrogramData
O43 - CFD: 03/03/2013 - 11:51:01 - [0] ----D C:\ProgramData\߈ɞ萐ɲrogramData
O43 - CFD: 17/04/2013 - 11:19:17 - [0] ----D C:\ProgramData\߈ɞ萐ɮrogramData
O43 - CFD: 28/07/2013 - 13:14:00 - [0] ----D C:\ProgramData\߈ɟ萐ɯrogramData
O43 - CFD: 28/05/2013 - 13:00:20 - [0] ----D C:\ProgramData\߈ɟ萐ʖrogramData
O43 - CFD: 16/05/2013 - 18:56:10 - [0] ----D C:\ProgramData\߈ɡ萐ȦrogramData
O43 - CFD: 24/07/2013 - 14:32:19 - [0] ----D C:\ProgramData\߈ɡ萐ɶrogramData
O43 - CFD: 12/04/2013 - 08:53:45 - [0] ----D C:\ProgramData\߈ɢ萐ɼrogramData
O43 - CFD: 22/03/2013 - 17:57:38 - [0] ----D C:\ProgramData\߈ɤ萐¬rogramData
O43 - CFD: 21/06/2013 - 09:06:10 - [0] ----D C:\ProgramData\߈ɦ萐ʀrogramData
O43 - CFD: 26/03/2013 - 11:54:02 - [0] ----D C:\ProgramData\߈ɦ萐ʃrogramData
O43 - CFD: 10/07/2013 - 12:41:15 - [0] ----D C:\ProgramData\߈ɦ萐ˆrogramData
O43 - CFD: 25/05/2013 - 09:44:56 - [0] ----D C:\ProgramData\߈ɧ萐ɟrogramData
O43 - CFD: 29/07/2013 - 19:17:21 - [0] ----D C:\ProgramData\߈ɧ萐ʁrogramData
O43 - CFD: 29/05/2013 - 12:18:01 - [0] ----D C:\ProgramData\߈ɪ萐ɌrogramData
O43 - CFD: 07/05/2013 - 09:55:34 - [0] ----D C:\ProgramData\߈ɪ萐ɿrogramData
O43 - CFD: 19/05/2013 - 10:36:16 - [0] ----D C:\ProgramData\߈ɭ萐ȩrogramData
O43 - CFD: 03/04/2013 - 10:02:20 - [0] ----D C:\ProgramData\߈ɮ萐¶rogramData
O43 - CFD: 05/05/2013 - 10:34:32 - [0] ----D C:\ProgramData\߈ɮ萐ʌrogramData
O43 - CFD: 24/04/2013 - 10:28:49 - [0] ----D C:\ProgramData\߈ɮ萐ʂrogramData
O43 - CFD: 18/07/2013 - 12:53:03 - [0] ----D C:\ProgramData\߈ɮ萐˂rogramData
O43 - CFD: 28/06/2013 - 12:56:38 - [0] ----D C:\ProgramData\߈ɰ萐ʂrogramData
O43 - CFD: 08/07/2013 - 22:22:08 - [0] ----D C:\ProgramData\߈ɴ萐ʸrogramData
O43 - CFD: 12/07/2013 - 18:49:59 - [0] ----D C:\ProgramData\߈ɶ萐ɴrogramData
O43 - CFD: 08/05/2013 - 22:44:25 - [0] ----D C:\ProgramData\߈ɶ萐ʷrogramData
O43 - CFD: 10/03/2013 - 12:34:48 - [0] ----D C:\ProgramData\߈ɷ萐ʏrogramData
O43 - CFD: 13/03/2013 - 09:18:46 - [0] ----D C:\ProgramData\߈ɸ萐ɱrogramData
O43 - CFD: 15/04/2013 - 19:33:22 - [0] ----D C:\ProgramData\߈ɸ萐ʶrogramData
O43 - CFD: 23/04/2013 - 09:19:23 - [0] ----D C:\ProgramData\߈ɹ萐ʑrogramData
O43 - CFD: 04/03/2013 - 09:48:22 - [0] ----D C:\ProgramData\߈ɻ萐¦rogramData
O43 - CFD: 02/07/2013 - 16:40:47 - [0] ----D C:\ProgramData\߈ɻ萐ɹrogramData
O43 - CFD: 29/07/2013 - 14:39:29 - [0] ----D C:\ProgramData\߈ɼ萐ʏrogramData
O43 - CFD: 27/07/2013 - 22:22:55 - [0] ----D C:\ProgramData\߈ɼ萐ʿrogramData
O43 - CFD: 16/04/2013 - 10:11:07 - [0] ----D C:\ProgramData\߈ɾ萐ʪrogramData
O43 - CFD: 05/07/2013 - 13:51:13 - [0] ----D C:\ProgramData\߈ɿ萐ʗrogramData
O43 - CFD: 24/07/2013 - 21:56:32 - [0] ----D C:\ProgramData\߈ʁ萐ɿrogramData
O43 - CFD: 20/03/2013 - 12:10:36 - [0] ----D C:\ProgramData\߈ʁ萐ɫrogramData
O43 - CFD: 19/04/2013 - 11:42:26 - [0] ----D C:\ProgramData\߈ʂ萐ʚrogramData
O43 - CFD: 22/04/2013 - 12:17:27 - [0] ----D C:\ProgramData\߈ʄ萐ʝrogramData
O43 - CFD: 15/07/2013 - 20:48:26 - [0] ----D C:\ProgramData\߈ʅ萐ɶrogramData
O43 - CFD: 20/07/2013 - 19:45:26 - [0] ----D C:\ProgramData\߈ʅ萐ʘrogramData
O43 - CFD: 05/04/2013 - 15:27:54 - [0] ----D C:\ProgramData\߈ʆ萐ɭrogramData
O43 - CFD: 14/04/2013 - 12:54:37 - [0] ----D C:\ProgramData\߈ʆ萐ʜrogramData
O43 - CFD: 24/06/2013 - 12:31:09 - [0] ----D C:\ProgramData\߈ʆ萐ʝrogramData
O43 - CFD: 29/07/2013 - 14:55:18 - [0] ----D C:\ProgramData\߈ʍ萐ɰrogramData
O43 - CFD: 06/04/2013 - 11:12:48 - [0] ----D C:\ProgramData\߈ʎ萐ɴrogramData
O43 - CFD: 21/05/2013 - 12:37:15 - [0] ----D C:\ProgramData\߈ʐ萐ʥrogramData
O43 - CFD: 22/03/2013 - 14:39:00 - [0] ----D C:\ProgramData\߈ʑ萐ɹrogramData
O43 - CFD: 20/06/2013 - 11:54:29 - [0] ----D C:\ProgramData\߈ʑ萐ʏrogramData
O43 - CFD: 08/03/2013 - 11:01:25 - [0] ----D C:\ProgramData\߈ʓ萐ʪrogramData
O43 - CFD: 29/07/2013 - 22:05:47 - [0] ----D C:\ProgramData\߈ʕ萐¤rogramData
O43 - CFD: 13/03/2013 - 19:12:07 - [0] ----D C:\ProgramData\߈ʚ萐ʘrogramData
O43 - CFD: 01/04/2013 - 12:58:00 - [0] ----D C:\ProgramData\߈ʠ萐ʞrogramData
O43 - CFD: 05/07/2013 - 22:48:37 - [0] ----D C:\ProgramData\߈ʥ萐ĉrogramData
O43 - CFD: 01/07/2013 - 17:24:09 - [0] ----D C:\ProgramData\߈ʲ萐árogramData
O43 - CFD: 22/07/2013 - 16:43:01 - [0] ----D C:\ProgramData\߈ʴ萐˃rogramData
O43 - CFD: 26/07/2013 - 13:31:21 - [0] ----D C:\ProgramData\߈ɫ萐ɩrogramData
O43 - CFD: 18/05/2013 - 12:40:46 - [0] ----D C:\ProgramData\߈ɽ萐(rogramData
O43 - CFD: 22/05/2013 - 09:48:41 - [0] ----D C:\ProgramData\߈ɽ萐ɦrogramData
O43 - CFD: 16/04/2013 - 21:19:21 - [0] ----D C:\ProgramData\߈ɽ萐ʕrogramData
O43 - CFD: 16/11/2013 - 14:19:07 - [1,063] ----D C:\Users\gold\AppData\Roaming\0C1I1L1R1J0M1P0I1G
O43 - CFD: 26/03/2011 - 21:36:45 - [10,726] ----D C:\Users\gold\AppData\Roaming\Adobe
O43 - CFD: 18/08/2009 - 20:54:16 - [0] ----D C:\Users\gold\AppData\Roaming\AdobeUM
O43 - CFD: 01/06/2012 - 22:30:48 - [8,389] ----D C:\Users\gold\AppData\Roaming\Apple Computer
O43 - CFD: 05/08/2010 - 15:41:45 - [0] ----D C:\Users\gold\AppData\Roaming\AVS4YOU
O43 - CFD: 05/10/2012 - 12:16:48 - [0,003] ----D C:\Users\gold\AppData\Roaming\Convertisseur PDF
O43 - CFD: 05/10/2012 - 12:25:48 - [0,004] ----D C:\Users\gold\AppData\Roaming\Convertisseur PDF Pro
O43 - CFD: 07/04/2010 - 11:13:50 - [0] ----D C:\Users\gold\AppData\Roaming\CoSoSys
O43 - CFD: 15/10/2009 - 21:06:33 - [0,005] ----D C:\Users\gold\AppData\Roaming\CyberLink
O43 - CFD: 05/10/2012 - 13:34:50 - [190,700] ----D C:\Users\gold\AppData\Roaming\Downloaded Installations
O43 - CFD: 21/11/2013 - 18:55:14 - [0,032] ----D C:\Users\gold\AppData\Roaming\DriverTurbo
O43 - CFD: 18/12/2013 - 17:09:29 - [0] ----D C:\Users\gold\AppData\Roaming\dvdcss
O43 - CFD: 06/01/2014 - 18:40:02 - [0,001] ----D C:\Users\gold\AppData\Roaming\Easeware
O43 - CFD: 05/10/2012 - 13:39:45 - [0] ----D C:\Users\gold\AppData\Roaming\FileOpen
O43 - CFD: 02/12/2013 - 22:49:45 - [0] ----D C:\Users\gold\AppData\Roaming\GlarySoft
O43 - CFD: 16/04/2011 - 10:18:55 - [0] ----D C:\Users\gold\AppData\Roaming\Google
O43 - CFD: 13/08/2009 - 18:09:13 - [0,024] ----D C:\Users\gold\AppData\Roaming\hewlett-packard
O43 - CFD: 19/09/2009 - 21:19:15 - [0,220] ----D C:\Users\gold\AppData\Roaming\HP
O43 - CFD: 13/08/2009 - 18:05:54 - [0,022] ----D C:\Users\gold\AppData\Roaming\HP TCS
O43 - CFD: 18/12/2013 - 20:29:40 - [0,003] ----D C:\Users\gold\AppData\Roaming\HpUpdate
O43 - CFD: 31/07/2013 - 14:50:47 - [0] ----D C:\Users\gold\AppData\Roaming\Icones
O43 - CFD: 13/08/2009 - 18:08:41 - [0] ----D C:\Users\gold\AppData\Roaming\Identities
O43 - CFD: 03/12/2009 - 23:36:35 - [0,889] ----D C:\Users\gold\AppData\Roaming\igraal
O43 - CFD: 23/08/2009 - 15:22:45 - [0,003] ----D C:\Users\gold\AppData\Roaming\Leadertech
O43 - CFD: 18/08/2009 - 16:09:51 - [3,509] ----D C:\Users\gold\AppData\Roaming\Macromedia
O43 - CFD: 31/07/2013 - 14:27:34 - [950,064] ----D C:\Users\gold\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 16:07:25 - [0] ----D C:\Users\gold\AppData\Roaming\Media Center Programs
O43 - CFD: 23/10/2013 - 14:46:59 - [33,284] -S--D C:\Users\gold\AppData\Roaming\Microsoft
O43 - CFD: 18/08/2009 - 13:33:19 - [0] ----D C:\Users\gold\AppData\Roaming\Microsoft Web Folders
O43 - CFD: 23/09/2009 - 21:01:53 - [4,070] ----D C:\Users\gold\AppData\Roaming\Mozilla
O43 - CFD: 20/10/2011 - 15:09:43 - [0,010] ----D C:\Users\gold\AppData\Roaming\Nero
O43 - CFD: 06/10/2012 - 11:28:52 - [1,477] ----D C:\Users\gold\AppData\Roaming\Nitro
O43 - CFD: 06/10/2012 - 12:01:51 - [0,001] ----D C:\Users\gold\AppData\Roaming\Nitro PDF
O43 - CFD: 17/05/2012 - 21:28:47 - [21,451] ----D C:\Users\gold\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/08/2013 - 13:57:35 - [0] ----D C:\Users\gold\AppData\Roaming\PC Cleaner =>USP.PCCleaner
O43 - CFD: 23/01/2010 - 20:17:00 - [0] ----D C:\Users\gold\AppData\Roaming\PeerNetworking
O43 - CFD: 18/12/2013 - 17:09:34 - [0] ----D C:\Users\gold\AppData\Roaming\player
O43 - CFD: 13/12/2013 - 22:34:45 - [0,077] ----D C:\Users\gold\AppData\Roaming\QuickScan
O43 - CFD: 27/06/2013 - 12:39:58 - [0] ----D C:\Users\gold\AppData\Roaming\ShieldApps
O43 - CFD: 18/08/2009 - 13:53:55 - [0] ----D C:\Users\gold\AppData\Roaming\Skinux
O43 - CFD: 22/01/2014 - 22:27:48 - [39,087] ----D C:\Users\gold\AppData\Roaming\Skype
O43 - CFD: 01/07/2011 - 18:32:13 - [0,036] ----D C:\Users\gold\AppData\Roaming\skypePM
O43 - CFD: 05/10/2012 - 12:22:09 - [67,039] ----D C:\Users\gold\AppData\Roaming\SmartSoftOCRHelper
O43 - CFD: 06/10/2012 - 10:33:13 - [0,200] ----D C:\Users\gold\AppData\Roaming\SolidDocuments
O43 - CFD: 16/01/2010 - 23:39:24 - [0,046] ----D C:\Users\gold\AppData\Roaming\Template
O43 - CFD: 18/12/2010 - 00:05:35 - [2,177] ----D C:\Users\gold\AppData\Roaming\Todae
O43 - CFD: 29/06/2010 - 19:14:14 - [103,177] ----D C:\Users\gold\AppData\Roaming\TomTom
O43 - CFD: 08/01/2014 - 15:53:11 - [1,422] ----D C:\Users\gold\AppData\Roaming\vlc
O43 - CFD: 21/08/2009 - 19:24:06 - [0,001] ----D C:\Users\gold\AppData\Roaming\WildTangent
O43 - CFD: 18/05/2010 - 13:25:39 - [0] ----D C:\Users\gold\AppData\Roaming\WinBatch
O43 - CFD: 23/01/2014 - 23:11:10 - [0,042] ----D C:\Users\gold\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 02/12/2013 - 20:59:44 - [0,024] ----D C:\Users\gold\AppData\Roaming\_MDLogs
O43 - CFD: 15/01/2014 - 14:41:04 - [17,140] ----D C:\Users\gold\AppData\Local\Adobe
O43 - CFD: 10/02/2010 - 13:21:44 - [0] ----D C:\Users\gold\AppData\Local\Apple
O43 - CFD: 01/07/2011 - 18:32:10 - [34,306] ----D C:\Users\gold\AppData\Local\Apple Computer
O43 - CFD: 13/08/2009 - 18:03:39 - [0] -SH-D C:\Users\gold\AppData\Local\Application Data
O43 - CFD: 08/09/2013 - 16:35:49 - [0] ----D C:\Users\gold\AppData\Local\Apps
O43 - CFD: 09/08/2013 - 14:04:58 - [0] ----D C:\Users\gold\AppData\Local\Avg2013
O43 - CFD: 11/10/2013 - 14:23:07 - [0,146] ----D C:\Users\gold\AppData\Local\avgchrome
O43 - CFD: 05/10/2012 - 12:59:08 - [1,763] ----D C:\Users\gold\AppData\Local\CRE
O43 - CFD: 19/08/2009 - 13:57:26 - [0,133] ----D C:\Users\gold\AppData\Local\CyberLink
O43 - CFD: 08/09/2013 - 16:35:49 - [0] ----D C:\Users\gold\AppData\Local\Deployment
O43 - CFD: 17/09/2013 - 21:40:51 - [78,221] ----D C:\Users\gold\AppData\Local\Downloaded Installations
O43 - CFD: 26/11/2013 - 16:42:06 - [0] ----D C:\Users\gold\AppData\Local\DriverTuner
O43 - CFD: 17/12/2013 - 23:16:17 - [0] ----D C:\Users\gold\AppData\Local\ElevatedDiagnostics
O43 - CFD: 18/12/2013 - 17:08:57 - [0,029] ----D C:\Users\gold\AppData\Local\emaze
O43 - CFD: 03/02/2010 - 22:27:44 - [0] ----D C:\Users\gold\AppData\Local\eMule
O43 - CFD: 04/12/2013 - 13:46:37 - [116,443] ----D C:\Users\gold\AppData\Local\Google
O43 - CFD: 30/07/2011 - 19:56:38 - [118,709] ----D C:\Users\gold\AppData\Local\Hewlett-Packard
O43 - CFD: 13/08/2009 - 18:08:35 - [0] ----D C:\Users\gold\AppData\Local\Hewlett-Packard_Company
O43 - CFD: 13/08/2009 - 18:03:39 - [0] -SH-D C:\Users\gold\AppData\Local\Historique
O43 - CFD: 19/09/2009 - 21:12:00 - [36,539] ----D C:\Users\gold\AppData\Local\HP
O43 - CFD: 22/11/2009 - 14:42:32 - [105,749] ----D C:\Users\gold\AppData\Local\IM
O43 - CFD: 18/08/2009 - 13:54:12 - [0] ----D C:\Users\gold\AppData\Local\KodakGallery
O43 - CFD: 20/10/2009 - 14:46:00 - [86,611] ----D C:\Users\gold\AppData\Local\LogiShrd
O43 - CFD: 20/12/2012 - 20:32:56 - [0] ----D C:\Users\gold\AppData\Local\Macromedia
O43 - CFD: 09/08/2013 - 14:04:58 - [2,027] ----D C:\Users\gold\AppData\Local\MFAData
O43 - CFD: 05/12/2013 - 15:44:55 - [1308,638] ----D C:\Users\gold\AppData\Local\Microsoft
O43 - CFD: 18/12/2013 - 17:09:04 - [1,647] ----D C:\Users\gold\AppData\Local\Microsoft Help
O43 - CFD: 08/01/2014 - 15:14:27 - [0,001] ----D C:\Users\gold\AppData\Local\MigWiz
O43 - CFD: 23/09/2009 - 20:59:52 - [51,170] ----D C:\Users\gold\AppData\Local\Mozilla
O43 - CFD: 20/10/2011 - 15:23:15 - [2,112] ----D C:\Users\gold\AppData\Local\Nero
O43 - CFD: 20/10/2011 - 15:20:34 - [0,003] ----D C:\Users\gold\AppData\Local\Nero_AG
O43 - CFD: 19/08/2009 - 13:57:25 - [0] ----D C:\Users\gold\AppData\Local\PowerCinema
O43 - CFD: 19/09/2009 - 20:52:53 - [0,272] ----D C:\Users\gold\AppData\Local\Seven Zip
O43 - CFD: 02/03/2013 - 15:01:12 - [0] ----D C:\Users\gold\AppData\Local\Software
O43 - CFD: 23/01/2014 - 23:10:16 - [16,467] ----D C:\Users\gold\AppData\Local\Temp
O43 - CFD: 13/08/2009 - 18:03:39 - [0] -SH-D C:\Users\gold\AppData\Local\Temporary Internet Files
O43 - CFD: 29/06/2010 - 19:14:14 - [1,529] ----D C:\Users\gold\AppData\Local\TomTom
O43 - CFD: 05/10/2012 - 12:18:55 - [10,227] ----D C:\Users\gold\AppData\Local\VirtualStore
O43 - CFD: 07/08/2013 - 00:25:47 - [0] ----D C:\Users\gold\AppData\Local\Windows Live
O43 - CFD: 18/12/2013 - 17:09:34 - [0,015] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/12/2013 - 17:09:34 - [0] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 18/12/2010 - 00:05:35 - [0] ----D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Media Plugin
O43 - CFD: 18/12/2013 - 17:09:34 - [0,001] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/12/2013 - 17:09:34 - [0] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 381 Scanned in 00mn 02s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/01/2014 - 13:13:18 ---A- . (...) -- C:\Windows\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/01/2014 - 13:13:18 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.B25102984604720CEE8BD95ED7EEA9DF] - 09/01/2014 - 13:13:20 ---A- . (...) -- C:\Windows\System32\lvcoinst.log [25311]
O44 - LFC:[MD5.B583F45FC2B8B9226984B230A781ECA5] - 09/01/2014 - 13:22:31 ---A- . (...) -- C:\FINIS_IT.TXT [750]
O44 - LFC:[MD5.FE6694235A2BCF86E7611794C7C97B45] - 11/01/2014 - 14:10:35 ---A- . (...) -- C:\AdwCleaner[R10].txt [2086]
O44 - LFC:[MD5.DCA862F9796BBF621DB12768978DBBA6] - 15/01/2014 - 14:28:02 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\mrt.exe [86054176]
O44 - LFC:[MD5.6FB598E8DE02D879D17B35F144A1B3BC] - 19/01/2014 - 08:33:29 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [270496]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 22/01/2014 - 20:30:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]
O44 - LFC:[MD5.A640944605E06FE482B9023CA232F067] - 23/01/2014 - 19:31:43 ---A- . (...) -- C:\Windows\PFRO.log [18142]
O44 - LFC:[MD5.177E71895E891EA81792123ADECBA588] - 23/01/2014 - 19:32:48 ---A- . (...) -- C:\Windows\ntbtlog.txt [1228166]
O44 - LFC:[MD5.5217A13C9111815C54D41BCCAE6538D7] - 23/01/2014 - 19:47:00 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9455FE4232D2FD83112B6ED8F95E4887] - 23/01/2014 - 19:51:40 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1425636]
~ Files: 12 Scanned in 00mn 05s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.0B9492FE96420B43F503FC54D9235712] - 23/01/2014 - 20:54:09 ---A- - C:\Windows\Prefetch\SFTGC.EXE-60323DC0.pf
O45 - LFCP:[MD5.F776A91F1938078906A65128BDDD30B3] - 23/01/2014 - 21:14:08 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.6A205D5E2B87A9C8E454B82DEC834672] - 23/01/2014 - 21:23:46 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf
O45 - LFCP:[MD5.8F90E0A92A89CDCCD6E0B61F1EF9D65D] - 23/01/2014 - 21:23:46 ---A- - C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf
O45 - LFCP:[MD5.31B711435DD0B4B618AACA996890C31D] - 23/01/2014 - 21:55:32 ---A- - C:\Windows\Prefetch\RIBBONS.SCR-B106D674.pf
O45 - LFCP:[MD5.FC45040B18CF48D26A90AC5C4528629F] - 23/01/2014 - 22:05:36 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf
O45 - LFCP:[MD5.9FA0FDEB0C049DE1D21E675EFD8D25E3] - 23/01/2014 - 22:45:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-905D47B9.pf
O45 - LFCP:[MD5.5E1114A753AAD7DE48D01DE67F1DD873] - 23/01/2014 - 22:46:02 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-331070A3.pf
O45 - LFCP:[MD5.6DDE39D641898646A6BEA2FA0AE9B6F7] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.45E51EA775F491B41DB43F57DB8A46D7] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.59230A1AFD20F482BA17BE53B0DDE47E] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.7A37923C8CD78F9F89CA055CCC474738] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.E15382FD27857105BA05FCCA2A977314] - 23/01/2014 - 22:49:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-58863F79.pf
O45 - LFCP:[MD5.434040C7FED2CC09CDAD0A5711FD8C73] - 23/01/2014 - 22:50:15 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2110523243-1586633563-1267511211-1000.db
O45 - LFCP:[MD5.E4D0DDF9F4F5E28DCBBE16D36A5C74B6] - 23/01/2014 - 22:50:15 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2110523243-1586633563-1267511211-1000.db
O45 - LFCP:[MD5.06922E0DACFD55F9FA7FE39865BFD673] - 23/01/2014 - 22:53:16 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).TMP-BF9125EC.pf
O45 - LFCP:[MD5.EED1B65B1D37B3DFCE52055A1AC3613E] - 23/01/2014 - 22:53:21 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).EXE-4A84046C.pf
O45 - LFCP:[MD5.67EA6DC4D59F4F47569E0018B70E40EB] - 23/01/2014 - 22:53:21 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).TMP-490E9084.pf
O45 - LFCP:[MD5.FBAC32675E3631463F69088E8A0FDCBD] - 23/01/2014 - 22:54:24 ---A- - C:\Windows\Prefetch\CSPEP.EXE-6F771592.pf
O45 - LFCP:[MD5.D23EC9B63A69AA08703DE2978F90FB27] - 23/01/2014 - 23:02:16 ---A- - C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf
O45 - LFCP:[MD5.B288CD2095EB8AE2CD32AB4980A87CC7] - 23/01/2014 - 23:07:27 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf
O45 - LFCP:[MD5.C57A45069F27985254745EECF9218BA2] - 23/01/2014 - 23:08:01 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-648FB068.pf
O45 - LFCP:[MD5.FA9DC45C865DDB2488A447FDB02DC638] - 23/01/2014 - 23:08:03 ---A- - C:\Windows\Prefetch\WOW_HELPER.EXE-F1D236DB.pf
O45 - LFCP:[MD5.4F88696BE5F4AB5875828B88DF05876B] - 23/01/2014 - 23:08:13 ---A- - C:\Windows\Prefetch\CHROME.EXE-5FE9909D.pf
O45 - LFCP:[MD5.BE719107C71D192BC818CAE3A7E1EC50] - 23/01/2014 - 23:09:13 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-1B3ABCE8.pf
O45 - LFCP:[MD5.831C6F1F8B36143E473D05EB13C70563] - 23/01/2014 - 23:10:20 ---A- - C:\Windows\Prefetch\CONSENT.EXE-65F6206D.pf
O45 - LFCP:[MD5.FD9E88D66A5F7385591D7904C2BED33F] - 23/01/2014 - 23:10:25 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf
O45 - LFCP:[MD5.17CD8F435ADAE5B142DE97EA1AE05FE1] - 23/01/2014 - 23:10:44 ---A- - C:\Windows\Prefetch\CMD.EXE-EABFE48B.pf
O45 - LFCP:[MD5.9B85574CA0C180C900947611652D4886] - 23/01/2014 - 23:10:44 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-228E38AF.pf
O45 - LFCP:[MD5.E8EA8069589A02511723B73CCAADA55C] - 23/01/2014 - 23:10:44 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-94D7CB13.pf
O45 - LFCP:[MD5.2EA2C11D8247B37E0958504B2C96C67B] - 23/01/2014 - 23:10:46 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf
O45 - LFCP:[MD5.3603C716616DC67BD537696AD1499CC8] - 23/01/2014 - 23:10:55 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf
O45 - LFCP:[MD5.C57CAB206CD109EF886B436000114B73] - 23/01/2014 - 23:11:09 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-7E9C9BE3.pf
~ Prefetcher: 33 Scanned in 00mn 01s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcod64.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\Adobe Photo Downloader [Key] . (...) -- C:\Program Files (x86)\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer for HP TouchSmart [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\Connexion SFR 9props.exe [Key] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O53 - SMSR:HKLM\...\startupreg\DriverTurbo [Key] . (...) -- C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DVDAgent [Key] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O53 - SMSR:HKLM\...\startupreg\HP Health Check Scheduler [Key] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O53 - SMSR:HKLM\...\startupreg\HP Remote Software [Key] . (.Pas de propriétaire - Core functionality module for HP Remote sof.) -- C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O53 - SMSR:HKLM\...\startupreg\HPADVISOR [Key] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O53 - SMSR:HKLM\...\startupreg\hpqSRMon [Key] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O53 - SMSR:HKLM\...\startupreg\hpsysdrv [Key] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel [Key] . (...) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe =>.Logitech Inc
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O53 - SMSR:HKLM\...\startupreg\PC Cleaner [Key] . (...) -- C:\Program Files (x86)\PC Cleaner\PCCLauncher.exe (.not file.) =>USP.PCCleaner
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\SmartMenu [Key] . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SmartSoft PDF Printer Agent [Key] . (...) -- C:\Program Files\Convertisseur PDF Pro\SmartSoft PDF Printer Agent.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O53 - SMSR:HKLM\...\startupreg\TSMAgent [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O53 - SMSR:HKLM\...\startupreg\UpdateLBPShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdateP2GoShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdatePDIRShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdatePSTShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
~ SMSR Keys: 28 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 1 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0
~ MWPS: 20 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 6 Scanned in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 21/01/2008 - 03:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [486456]
O58 - SDL:[MD5.7D05A75E3066861A6610F7EE04FF085C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [342584]
O58 - SDL:[MD5.820A201FE08A0C345B3BEDBC30E1A77C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (X64).) -- C:\Windows\System32\Drivers\adpu160m.sys [126520]
O58 - SDL:[MD5.9B4AB6854559DC168FBB4C24FC52E794] - 21/01/2008 - 03:47:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [185912]
O58 - SDL:[MD5.157D0898D4B73F075CE9FA26B482DF98] - 21/01/2008 - 03:46:50 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15976]
O58 - SDL:[MD5.BA8417D4765F3988FF921F30F630E303] - 21/01/2008 - 03:46:52 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [90680]
O58 - SDL:[MD5.9D41C435619733B34CC16A511E644B11] - 21/01/2008 - 03:47:00 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [91192]
O58 - SDL:[MD5.40014A6251A68D1EC48001B1653CCEE0] - 21/01/2008 - 03:47:30 ---A- . (...) -- C:\Windows\System32\Drivers\bdasup.sys [15616]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.F0F0BA4D815BE446AA6A4583CA3BCA9B] - 02/11/2006 - 09:43:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [86528]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 18/09/2006 - 22:30:18 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/09/2006 - 12:42:33 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.E5D5499A1C50A54B5161296B6AFE6192] - 21/01/2008 - 03:46:50 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [18024]
O58 - SDL:[MD5.222CB641B4B8A1D1126F8033F9FD6A00] - 02/11/2006 - 12:50:06 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [88168]
O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 21/01/2008 - 03:46:56 ---A- . (...) -- C:\Windows\System32\Drivers\E1G6032E.sys [146176]
O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 21/01/2008 - 03:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [397368]
O58 - SDL:[MD5.8E98D21EE06192492A5671A6144D092F] - 21/08/2012 - 12:01:20 ---A- . (...) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:[MD5.603F4C5E89B67331DDACECAA6C231CB1] - 03/07/2013 - 03:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\hidparse.sys [31616]
O58 - SDL:[MD5.D7109A1E6BD2DFDBCBA72A6BC626A13B] - 21/01/2008 - 03:46:59 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [47672]
O58 - SDL:[MD5.3E3BF3627D886736D0B4E90054F929F6] - 21/01/2008 - 03:46:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [290872]
O58 - SDL:[MD5.8C3951AD2FE886EF76C7B5027C3125D3] - 02/11/2006 - 13:02:39 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44648]
O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [37480]
O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [37480]
O58 - SDL:[MD5.1D419CF43DB29396ECD7113D129D94EB] - 21/01/2008 - 03:49:00 ---A- . (...) -- C:\Windows\System32\Drivers\ksthunk.sys [20864]
O58 - SDL:[MD5.ACBE1AF32D3123E330A07BFBC5EC4A9B] - 21/01/2008 - 03:46:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [113720]
O58 - SDL:[MD5.799FFB2FC4729FA46D2157C0065B3525] - 21/01/2008 - 03:46:56 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [105016]
O58 - SDL:[MD5.F445FF1DAAD8A226366BFAF42551226B] - 21/01/2008 - 03:47:01 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [113720]
O58 - SDL:[MD5.4A503882318BB2F59218D401614E6AF6] - 30/04/2009 - 23:55:46 ---A- . (.Logitech Inc. - Audio filter for Express Plus.) -- C:\Windows\System32\Drivers\lv302a64.sys [15896]
O58 - SDL:[MD5.AE0B94363DA0F60D42B9D05B352F61ED] - 30/04/2009 - 23:55:56 ---A- . (...) -- C:\Windows\System32\Drivers\LV302V64.SYS [2755096]
O58 - SDL:[MD5.7717A2CB550267860D3933F3FBA0216F] - 30/04/2009 - 14:59:48 ---A- . (...) -- C:\Windows\System32\Drivers\LVPr2M64.sys [30232]
O58 - SDL:[MD5.125AE13C293889001B8456CF3EB04A40] - 01/05/2009 - 00:01:34 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\System32\Drivers\lvrs64.sys [327576]
O58 - SDL:[MD5.6562FCEE704F14C05F5338B147D67A16] - 12/10/2007 - 03:00:20 ---A- . (...) -- C:\Windows\System32\Drivers\LVUSBS64.sys [50072]
O58 - SDL:[MD5.0BB97D43299910CBFBA59C461B99B910] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]
O58 - SDL:[MD5.5C5CD6AACED32FB26C3FB34B3DCF972F] - 21/01/2008 - 03:46:59 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [35896]
O58 - SDL:[MD5.859BC2436B076C77C159ED694ACFE8F8] - 21/01/2008 - 03:46:56 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [438328]
O58 - SDL:[MD5.3C200630A89EF2C0864D515B7A75802E] - 02/11/2006 - 13:02:24 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [39016]
O58 - SDL:[MD5.0EA73E498F53B96D83DBFCA074AD4CF8] - 21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mskssrv.sys [11008]
O58 - SDL:[MD5.52E59B7E992A58E740AA63F57EDBAE8B] - 02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspclock.sys [7040]
O58 - SDL:[MD5.49084A75BAE043AE02D5B44D02991BB2] - 02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspqm.sys [6656]
O58 - SDL:[MD5.86D632D75D05D5B7C7C043FA3564AE86] - 21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mstee.sys [7936]
O58 - SDL:[MD5.0E27AF88B9C2291D2FDE9FAAEBD2E9A3] - 26/02/2008 - 18:18:00 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\netr7364.sys [615424]
O58 - SDL:[MD5.4AC08BD6AF2DF42E0C3196D826C8AEA7] - 02/11/2006 - 13:03:03 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51816]
O58 - SDL:[MD5.BE52A3EDA5E4E8EFACC41F6238B709DF] - 24/04/2009 - 17:54:06 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda64v.sys [79392]
O58 - SDL:[MD5.766199A6341F7775B0A60D865123F95A] - 01/05/2009 - 13:27:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 185.86.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [11725728]
O58 - SDL:[MD5.98350606682594521D56ECCB5D01ECF7] - 01/08/2008 - 13:51:12 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvmfdx64.sys [1498016]
O58 - SDL:[MD5.2C040B7ADA5B06F6FACADAC8514AA034] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [128056]
O58 - SDL:[MD5.2F60404C51999DAED32517606B6B9585] - 12/11/2008 - 18:04:40 ----- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvrd64.sys [167456]
O58 - SDL:[MD5.16D36074B84DA72D160233C8D132DC89] - 22/05/2008 - 10:39:48 ----- . (.NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\System32\Drivers\nvsmu.sys [27168]
O58 - SDL:[MD5.F7EA0FE82842D05EDA3EFDD376DBFDBA] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [54328]
O58 - SDL:[MD5.3EAE16D8E9C4ED4725186EACE6F5357A] - 12/11/2008 - 18:04:14 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor64.sys [170016]
O58 - SDL:[MD5.7B58953E2F263421FDBB09A192712A85] - 02/11/2006 - 10:43:56 ---A- . (...) -- C:\Windows\System32\Drivers\ohci1394.sys [72192]
O58 - SDL:[MD5.0B83F4E681062F3839BE2EC1D98FD94A] - 21/01/2008 - 03:46:52 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1221176]
O58 - SDL:[MD5.E1C80F8D4D1E39EF9595809C1369BF2A] - 02/11/2006 - 12:50:27 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [124008]
O58 - SDL:[MD5.1EDAB7F9B9DE4424BECCDEF950CE2FF0] - 11/02/2009 - 21:39:24 ---A- . (...) -- C:\Windows\System32\Drivers\RTKVHD64.sys [1708192]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 30/09/2006 - 00:51:44 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:[MD5.3A2F769FAB9582BC720E11EA1DFB184D] - 21/01/2008 - 03:47:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [78392]
O58 - SDL:[MD5.EB69069B969F4252A3BDE2BB3621811E] - 11/04/2009 - 06:39:31 ---A- . (...) -- C:\Windows\System32\Drivers\stream.sys [68224]
O58 - SDL:[MD5.2F26A2C6FC96B29BEFF5D8ED74E6625B] - 02/11/2006 - 13:02:52 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [49256]
O58 - SDL:[MD5.A909667976D3BCCD1DF813FED517D837] - 02/11/2006 - 13:02:37 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [44648]
O58 - SDL:[MD5.36887B56EC2D98B9C362F6AE4DE5B7B0] - 02/11/2006 - 13:02:47 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [48232]
O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 21/01/2008 - 03:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [284728]
O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 02/11/2006 - 12:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [148072]
O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 21/01/2008 - 03:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\System32\Drivers\ulsata2.sys [174696]
O58 - SDL:[MD5.D46BDF1C810138E2D3B985FA3A7AB05E] - 11/04/2009 - 06:39:40 ---A- . (...) -- C:\Windows\System32\Drivers\USBCAMD2.sys [32640]
O58 - SDL:[MD5.7BCE39EE2B61BC3A17E80BC0583F6797] - 29/06/2013 - 03:25:14 ---A- . (...) -- C:\Windows\System32\Drivers\usbd.sys [7552]
O58 - SDL:[MD5.8294B6C3FDB6C33F24E150DE647ECDAA] - 21/01/2008 - 03:46:50 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [18024]
O58 - SDL:[MD5.A68F455ED2673835209318DD61BFBB0E] - 21/01/2008 - 03:47:25 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [149048]
O58 - SDL:[MD5.FEF8FE5923FEAD2CEE4DFABFCE3393A7] - 02/11/2006 - 10:40:24 ---A- . (...) -- C:\Windows\System32\Drivers\wacompen.sys [26624]
~ Drivers: 20 Scanned in 00mn 03s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.vimeo.com_0.localstorage [3072]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.vimeo.com_0.localstorage-journal [3608]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.boulanger.fr_0.localstorage [28672]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.boulanger.fr_0.localstorage-journal [16384]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fnac.livechat.iadvize.com_0.localstorage [3072]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fnac.livechat.iadvize.com_0.localstorage-journal [3608]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure-a.vimeocdn.com_0.localstorage [3072]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure-a.vimeocdn.com_0.localstorage-journal [3608]
O61 - LFC: 20/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\93\93956356cd890779.dat [3437]
O61 - LFC: 20/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\chatsync\8a\8a1c3a014e2ac5d0.dat [4837]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.bouyguestelecom.fr_0.localstorage [3072]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laboutique.bouyguestelecom.fr_0.localstorage [3072]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laboutique.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laredoute.fr_0.localstorage [33792]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laredoute.fr_0.localstorage-journal [16384]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.renouvellement.bouyguestelecom.fr_0.localstorage [4096]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.renouvellement.bouyguestelecom.fr_0.localstorage-journal [4640]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.bouyguestelecom.fr_0.localstorage [13312]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.espaceclient.bouyguestelecom.fr_0.localstorage [3072]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.espaceclient.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\Cookies\index.dat [16384]
O61 - LFC: 21/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat [32768]
O61 - LFC: 21/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\History\History.IE5\index.dat [16384]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\JSCache\GlobSettings [24]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\Security\CRLCache\48B76449F3D5FEFA1133AA805E420F0FCA643651.crl [898]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\Security\CRLCache\A9B8213768ADC68AF64FCC6409E8BE414726687F.crl [37213]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\Security\addressbook.acrodata [5486]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\TMDocs.sav [36]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\TMGrpPrm.sav [54]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\bistats.db [77824]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\0f\0fcd5c91cb4c62a0.dat [1989]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\1a\1a09ad3d6af229fc.dat [1965]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\57\5762f254ab10846f.dat [1949]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\61\6103687eeb5c3941.dat [2037]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\ab\ab5279f0d3ecee7b.dat [1965]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\d3\d360f3d542e3b2f4.dat [3149]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\config.xml [15307]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\dc.db [790528]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\eas.db [65536]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\httpfe\cookies.dat [2]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\keyval.db [49152]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\main.db [3870720]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\msn.db [53248]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\qikdb\qik_main.db [28672]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\simcache\streamlist [44]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\statistics.db [53248]
O61 - LFC: 21/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\Mobile_Bouyguestelecom_Facture_decembre2013.pdf [143156]
O61 - LFC: 21/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\Mobile_Bouyguestelecom_Facture_janvier2014 (1).pdf [124103]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_badoo.com_0.localstorage [35840]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_badoo.com_0.localstorage-journal [16384]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage [3072]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage-journal [3608]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fr-fr.facebook.com_0.localstorage [4096]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fr-fr.facebook.com_0.localstorage-journal [3608]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [4096]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [3608]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [29696]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\macromedia.com\support\flashplayer\sys\#p1.badoocdn.com\settings.sol [85]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\macromedia.com\support\flashplayer\sys\settings.sol [1012]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\p1.badoocdn.com\statf.sol [42]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\player.ooyala.com\auth2.sol [204]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\player.ooyala.com\perf.sol [123]
O61 - LFC: 22/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\MBAM-log-2014-01-22 (22-33-13).txt [2764]
O61 - LFC: 22/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-01-22 (20-32-14).txt [2878]
O61 - LFC: 22/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\bistats.db [155648]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\config.xml [14362]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\dc.db [753664]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\eas.db [65536]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\httpfe\cookies.dat [2]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\keyval.db [49152]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\main.db [2686976]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\msn.db [53248]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\qikdb\qik_main.db [28672]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\simcache\streamlist [44]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\statistics.db [53248]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\shared.xml [90057]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\shared_dynco\dc.db [2375680]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\shared_dynco\dc.db-journal [1297376]
O61 - LFC: 22/01/2014 - 23:15:49 ---A- . (.Malwarebytes Corporation.) -- C:\Users\gold\Downloads\mbam-setup-1.75.0.1300 (1).exe [10285040]
O61 - LFC: 22/01/2014 - 23:15:49 ---A- . (.Malwarebytes Corporation.) -- C:\Users\gold\Downloads\mbam-setup-1.75.0.1300 (2).exe [10285040]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [9937]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [9937]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Cookies [1281024]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Current Session [79041]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [12180]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [148]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000745 [711]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [0]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Favicons [2027520]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\History [1658880]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [272512]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Last Session [443787]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [352462]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.pagesjaunes.fr_0.localstorage [10240]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.pagesjaunes.fr_0.localstorage-journal [10832]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.presence-pc.com_0.localstorage [3072]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.presence-pc.com_0.localstorage-journal [3608]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tomsguide.fr_0.localstorage [3072]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tomsguide.fr_0.localstorage-journal [3608]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [6144]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [3608]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [327680]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Preferences [185379]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001406.ldb [147]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001408.ldb [10537]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001411.ldb [10726]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001414.ldb [239097]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [277]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [276]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-001413 [254] =>.Google Inc
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [77824]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3 [1191936]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Top Sites [94208]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [3522]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Web Data [520192]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Local State [68413]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [9634900]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1371228]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135496]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [927784]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19504]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6952]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\d3d9caps64.dat [732]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_6LkoTlsadVE4Qkf [16400]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_aySP010zgOKNlNR [2052]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_vAIMgRay7qm7Jqq [4104]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_yhD6zW7T15zfP8x [4]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\gold.bmp [31832]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\preferences [0]
O61 - LFC: 23/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-01-23 (20-10-38).txt [2]
O61 - LFC: 23/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\ZHP\Log.txt [45060] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\ZHP\TestsZHPDiag.txt [2816] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:15:44 ---A- . (.Thisisu.) -- C:\Users\gold\Downloads\JRT.exe [1037068]
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\SFTGC.exe [1052616]
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\les-pages (1).exe [1772016]
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (.Nicolas Coolman.) -- C:\Users\gold\Downloads\ZHPDiag2 (1).exe [6864616] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (.Nicolas Coolman.) -- C:\Users\gold\Downloads\ZHPDiag2 (2).exe [6864616] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (.Nicolas Coolman.) -- C:\Users\gold\Downloads\ZHPDiag2.exe [6864616] =>.Nicolas Coolman
~ 9 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 159 Scanned in 04mn 31s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 04/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 18/02/2011 - C:\Windows\System32\DRIVERS\bowser.sys (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\CLFS.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\crcdisk.sys (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - 14/04/2011 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 20/02/2010 - C:\Windows\System32\drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 04/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 30/04/2009 - C:\Windows\System32\DRIVERS\LVPr2M64.sys (LVPr2M64) .(...) - LEGACY_LVPR2M64
O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\mountmgr.sys (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 27/09/2013 - C:\Windows\System32\DRIVERS\MpFilter.sys (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\drivers\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb.sys (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 06/07/2011 - C:\Windows\System32\DRIVERS\mrxsmb10.sys (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb20.sys (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\netbt.sys (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 27/09/2013 - C:\Windows\System32\DRIVERS\NisDrvWFP.sys (NisDrv) .(.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) - LEGACY_NISDRV
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nvraid.sys (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 24/10/2006 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\rdbss.sys (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\rdpencdd.sys (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 30/09/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 18/02/2011 - C:\Windows\System32\DRIVERS\srv.sys (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srv2.sys (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 05/07/2013 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/08/2012 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\wanarp.sys (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - 27/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 26/07/2012 - C:\Windows\system32\drivers\Wudfpf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 77 Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0AD45DEB-0BE6-7F14-ECD5-0CA339790946} [DefaultScope] - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {1EF7A1C9-5124-B058-3140-3DBE4A77CDB9} - ({0AD45DEB-0BE6-7F14-ECD5-0CA339790946}) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [26624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [85504]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [302080]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [49664]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [49664]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [179712]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [719360]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [462848]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [446464]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [98304]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [309760]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [88064]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [61952]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [342016]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [318976]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [547328]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1081856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [302080]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [225280]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [28672]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [45056]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [154112]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [37888]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [86528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [74752]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [855040]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [221696]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [74752]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [103424]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [178176]
~ Services: 31 Scanned in 00mn 03s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D832C9C0DA4550168FCE5D9C291D9A6F] [SPRF][04/09/2010] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.D71BCA80702FCB793D230906BA7E168C] [SPRF][23/01/2014] (...) -- C:\ProgramData\nvModes.dat [8]
[MD5.C2078692CB33A9E37ED1C0EE3B717EB2] [SPRF][02/12/2013] (...) -- C:\Users\gold\AppData\Local\d3d9caps.dat [8484]
[MD5.96572DC3789EC8CBA61E508A92680F2A] [SPRF][23/01/2014] (...) -- C:\Users\gold\AppData\Local\d3d9caps64.dat [732]
[MD5.03F30C58D3AD81691F3BD28B21413A63] [SPRF][19/03/2011] (...) -- C:\Users\gold\AppData\Local\ilvazdg.bat [90]
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23/12/2013] (...) -- C:\Users\gold\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.6911A72591E0B28047F8BD592F5B8CF8] [SPRF][05/12/2013] (...) -- C:\Users\gold\AppData\Roaming\wklnhst.dat [31166]
[MD5.56940B50AB0E5923822F47B0E4463885] [SPRF][26/06/2012] (.Bitdefender LLC - Bitdefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax.dll [731688]
~ Files: 8 Scanned in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-UDP" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPCSS-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPC-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "{CA6A3407-C77B-4B3E-8FAA-7161E12F78A1}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O87 - FAEL: "{A3F5B87E-29CB-4BC4-8384-FFB33E55D231}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
O87 - FAEL: "{DC259613-E5D1-481A-9077-49F30334AEAD}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
O87 - FAEL: "{E244CA63-E91D-4214-BBB5-00BE1867856D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
O87 - FAEL: "{80A62966-C8E3-48FD-88CA-69F78FFE0003}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O87 - FAEL: "{528EEE31-E43A-4EBC-8A11-29A4214822AA}" | In - None - P6 - TRUE | .(.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O87 - FAEL: "{40D42EA0-FFF0-44B5-B032-4D03206F32DD}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.)
O87 - FAEL: "{BA11140B-753D-42BD-B7A4-0FC3C8791214}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.)
O87 - FAEL: "{F0D893C7-1115-4B6D-B940-E09120678E89}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.)
O87 - FAEL: "{E0E07615-478E-4FBA-888F-B9B1BF8CEDE7}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.)
O87 - FAEL: "{AFDE8804-A831-4665-93E1-B89B3DC6904E}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{5F1B0D42-9D3D-4140-95ED-4E675D721BEA}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
O87 - FAEL: "TCP Query User{E3053A3D-ECB6-4CC2-8F76-BD3D2A7D5996}C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe
O87 - FAEL: "UDP Query User{E99BB01D-570D-43A6-A79D-34ACA4D53173}C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe
O87 - FAEL: "TelnetServer-TlntSvr-TCP-In" | In - None - P6 - TRUE | .(.Microsoft Corporation - Telnet.) -- C:\Windows\system32\tlntsvr.exe
O87 - FAEL: "TelnetServer-Tlntadmn-RPCSS-EPMAP-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TelnetServer-Tlntadmn-DCOM-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TelnetServer-Tlntadmn-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Telnet.) -- C:\Windows\system32\tlntsvr.exe
O87 - FAEL: "TCP Query User{7D939B66-CB9B-4235-ACBF-A99FDAD16864}C:\users\gold\desktop\fichier\program files\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\gold\desktop\fichier\program files\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{836288E2-6DC3-4F76-BFE2-E37AED728134}C:\users\gold\desktop\fichier\program files\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\gold\desktop\fichier\program files\emule\emule.exe (.not file.)
O87 - FAEL: "{A5D36040-75A6-4623-834F-610F4F871361}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "TCP Query User{FD42435E-9E3D-4FE0-BB4B-A657988C096B}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{AD10DAC6-910C-49AE-ABBF-AD7A7F35C4A2}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "{B75C8F90-13CA-461B-A920-A01E0D92D60B}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{459107A2-6FEB-4DE4-A56B-68516EC71B95}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{0CF9C051-CB04-4A22-8563-9E5D17C616FA}" |In - Public - P6 - FALSE | .(...) -- C:\Users\gold\AppData\Local\Temp\ImInstaller\incredimail_installer.exe (.not file.)
O87 - FAEL: "{CD234FF9-2FB0-456F-AD44-11394158A086}" |In - Public - P17 - FALSE | .(...) -- C:\Users\gold\AppData\Local\Temp\ImInstaller\incredimail_installer.exe (.not file.)
O87 - FAEL: "{1046F800-CFA0-4C7B-954F-4A727A7A86BE}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O87 - FAEL: "{08393F88-6532-40E1-B79A-909CBE875044}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{6F187094-9088-4F06-8972-448546CB0DA1}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{09B2EAB7-ABD8-4171-BD13-8D97682CF08C}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{F68751A7-1CC4-4711-8D84-8DC61943E40F}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{E2F8E11C-C054-42CB-9FE8-E6858A40C01E}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{06E19CEF-8D95-49A0-AFD8-625AC73B35F8}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{D83422CD-AB77-4884-9D72-DD624EB10960}" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{F721B77A-3548-49B1-9BDC-D62703AA8AE0}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{BD6E1F40-83AE-497E-965C-2CB923779220}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{E2CFC844-89BF-4FEA-A920-3B1889932152}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{E799E4F0-BF2C-4498-AC0F-57F6C8462A08}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{220786C6-F3B0-4D3E-BCE3-4FBD03380AC6}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{E71E4D1B-BD78-443C-BD45-398C5F82D2DE}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TCP Query User{33EF3692-FEB9-436C-AB6E-7680931C1CA2}C:\program files (x86)\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{4DC4B03F-9B81-40B7-A59B-AA7F76F75A70}C:\program files (x86)\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\emule\emule.exe (.not file.)
O87 - FAEL: "{39571394-93D1-4AD4-BEEF-B83EBCAC3380}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe =>.Hewlett-Packard Co
O87 - FAEL: "TCP Query User{44D62C7D-CA4C-42DF-87E9-C60DECA447D4}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\symantec\norton online backup\nobuclient.exe (.not file.) =>.Symantec Corporation
O87 - FAEL: "UDP Query User{2BD99E11-98FB-488D-8723-D383D3611EE8}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\symantec\norton online backup\nobuclient.exe (.not file.) =>.Symantec Corporation
O87 - FAEL: "{58A389B4-DD86-44D5-A363-89BB380B2BF2}" |In - Public - P6 - TRUE | .(...) -- C:\Users\gold\AppData\Local\Temp\7zS6952.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "{AFCF6B07-A69C-42B0-87F5-89EA83E69B62}" |In - Public - P17 - TRUE | .(...) -- C:\Users\gold\AppData\Local\Temp\7zS6952.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "TCP Query User{D42E5E5D-5DAC-422C-9F4C-4E81C827BB34}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\client\googleearth.exe =>.Google Inc
O87 - FAEL: "UDP Query User{7EF37D38-4CE5-4B41-BC89-C82BEC199CFA}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\client\googleearth.exe =>.Google Inc
O87 - FAEL: "TCP Query User{7482AFCA-7850-4A67-9FD9-5A0EDA31A9A1}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{44BAC0AB-98F1-4A71-8330-2C3999C511A4}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "{9EFE26BA-E098-4A05-8277-6473E1A2BF2D}" | In - Public - P6 - TRUE | .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O87 - FAEL: "{CCEC3D0F-82D1-4CE5-A963-47248252C5F1}" | In - Public - P17 - TRUE | .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O87 - FAEL: "{2CAD57D0-1BC6-406E-A5F8-A70449E67F73}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{C589C173-9EFA-4894-9411-ADC5343FBD92}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{A40C6375-2236-404C-B4FC-06C5E4DCF594}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
O87 - FAEL: "TCP Query User{E2A553F5-DC93-4756-B1B1-E13324C8F0F9}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe =>.Google Inc
O87 - FAEL: "UDP Query User{8F5ADE53-B640-490C-92D0-9D3876DB04B8}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe =>.Google Inc
O87 - FAEL: "TCP Query User{238DBFE5-4D2A-4495-9BE8-343361382D5F}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe (.not file.)
O87 - FAEL: "UDP Query User{6B186B4B-3B8C-42D9-8DFC-4EFD80D5A189}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe (.not file.)
O87 - FAEL: "{447057D9-9DA3-4EBB-9076-5ECFAAF2779F}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{585BDFFD-A2B7-43DA-A6A9-72D8215CD4B1}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{58A29927-85C5-41FC-9FED-3294C302DAB9}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{55C05FFB-5A55-48AB-A545-EC862B7AA027}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{087C5737-760A-4D05-BA84-1D989A05CE35}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{281B6B59-568F-4BFA-AB82-F071FE584877}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{A56F4372-99BA-4B80-B2BE-726B6739C76F}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{19822EBE-CD3E-4EB5-B534-654AEC0B6568}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{F3D11EBF-FC41-4CB9-BC86-EFC315E152A1}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{F7A7A3BA-ADFA-4A28-90F1-EE38B8D517CA}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{856F05A9-0A24-41F5-BA19-D5787421AF67}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{8620CA37-591F-401D-B42D-CEB75B27D352}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{529065FC-528F-47DF-BF79-48850F7508E2}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{39CA13B2-F620-4AB4-B732-7553D5F3B516}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{0F247E9D-B4A1-40E2-B81E-A5EE832EDC39}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O87 - FAEL: "{F408756B-2820-47BA-BB09-0AE64A758AB2}" | In - None - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O87 - FAEL: "TCP Query User{6424B907-9483-4424-AB7E-FAB4F3BF97F2}C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{26EFC76C-BCF1-49F5-BF33-6283E63BCDE5}C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe
O87 - FAEL: "{62E5B17E-2CF2-4751-8752-13874910EFAE}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{FF10FC70-15E2-4B59-BEBC-B9EDE7FF665B}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
~ Firewall: 248 Scanned in 00mn 03s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0 =>.Microsoft Corporation
O90 - PUC: "098990BCF5D15D11E99A0005AB3E711E" . (.PowerDirector.) -- c:\Windows\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe
O90 - PUC: "098CCE33084C42149BB5AB630E521B02" . (.FrameFox Extensions 1.0.7.0.) -- C:\Windows\Installer\{33ECC890-C480-4124-B95B-BA36E025B120}\FrameFox.ico =>PUP.FrameFox
O90 - PUC: "168061B30527E1545BEEB829FB037A01" . (.Microsoft Works.) -- C:\Windows\Installer\{3B160861-7250-451E-B5EE-8B92BF30A710}\MSWorks.exe
O90 - PUC: "24E34A3785639DD45815AFDC3A365283" . (.HP Advisor.) -- c:\Windows\Installer\{73A43E42-3658-4DD9-8551-FACDA3632538}\ARPPRODUCTICON.exe
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "2CE0460AE79B1CF4DA4122C7E983B64B" . (.HP Recovery Manager RSS.) -- C:\Windows\Installer\{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}\ARPPRODUCTICON.exe
O90 - PUC: "345F8E2DA32D83A4FACFB4EDFBABF6AD" . (.HP MediaSmart SmartMenu.) -- c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "38E1FB04BE028D11795C00905C206085" . (.Power2Go.) -- c:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe
O90 - PUC: "3DF3FD4D7644FE74D8A4FAE196E1435F" . (.Logitech Webcam Software.) -- C:\Windows\Installer\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}\ARPPRODUCTICON.exe =>.Logitech Inc
O90 - PUC: "42C6FBF1DF1C10144AB2C065F4E9E897" . (.PowerStarter.) -- c:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
O90 - PUC: "482AA67AD25E6E74E9F48BD5FBE8533C" . (.IMinent Toolbar.) -- C:\Documents and Settings\CATA\My Documents\My Received Files\icon.ico =>Adware.IMBooster
O90 - PUC: "5529FA197D10C8F469B0ACF2C4E8C799" . (.Logitech QuickCapture Gadget.) -- C:\Windows\Installer\{91AF9255-01D7-4F8C-960B-CA2F4C8E7C99}\ARPPRODUCTICON.exe
O90 - PUC: "56A9756CEAC913B4B8B633600E36A066" . (.Apple Software Update.) -- C:\Windows\Installer\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}\Installer.ico =>.Apple Inc
O90 - PUC: "5A440F64B8EC691489E4B56D25E563D1" . (.Apple Application Support.) -- C:\Windows\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}\WinInstall.ico
O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.9) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "6EA72AD506440834ABCBBB971E1D908D" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{5DA27AE6-4460-4380-BABC-BB79E1D109D8}\maconfico
O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco
O90 - PUC: "7E31197DC472B074DB64101B2091FDA6" . (.HPPhotosmartEssential.) -- C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\ARPPRODUCTICON.exe
O90 - PUC: "86DA14F42F9826243AC2F2070BF1ECE9" . (.Photorécit 3 pour Windows.) -- C:\Windows\Installer\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}\PhotoStory3_ICON
O90 - PUC: "970DACCDC29FAD442B8526F46C15A7A5" . (.MediaSmart DVD.) -- c:\Windows\Installer\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\ARPPRODUCTICON.exe
O90 - PUC: "9B52EE2B00B5FCA4490F2934C3823CE9" . (.HP.) -- c:\Windows\Installer\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\ARPPRODUCTICON.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask
O90 - PUC: "ABFAB76BF9C4AF84496939E3B3520544" . (.QuickTime.) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\Installer.ico
O90 - PUC: "ADA8B8ABF48097F40AACE6850A087849" . (.FlashPlayer.) -- C:\Windows\Installer\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}\_112D608FD02CD87FDC7735.exe
O90 - PUC: "B1C4F5CE838F7BC45816F808296924B8" . (.TomTom HOME.) -- C:\Windows\Installer\{EC5F4C1B-F838-4CB7-8561-8F809296428B}\ARPPRODUCTICON.exe
O90 - PUC: "B506D6D57B4EB0947A492948CBD3A2B8" . (.Driver Detective.) -- C:\Windows\Installer\{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}\ARPPRODUCTICON.exe
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "B9B0B7844DCDD044980A6ADE1E5A543A" . (.HPSSupply.) -- C:\Windows\Installer\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}\ARPPRODUCTICON.exe
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- c:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "CDD2E27F8BD309142AD13688D359F57E" . (.PSSWCORE.) -- C:\Windows\Installer\{F72E2DDC-3DB8-4190-A21D-63883D955FE7}\ARPPRODUCTICON.exe
O90 - PUC: "D366E3D3E7E477545A06E7DCDD5445A8" . (.PVSonyDll.) -- C:\Windows\Installer\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DAEC106DF4E2BBB458CC2CA9C46E3A0C" . (.iTunes.) -- C:\Windows\Installer\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}\Installer.ico
O90 - PUC: "DCBDCDC5A9111EA4C9558B61BDEB2454" . (.Iminent.) -- C:\Windows\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}\imbooster.ico =>Adware.IMBooster
O90 - PUC: "E6EBDF634866B264EA89A9931A2B00CC" . (.HP Product Assistant.) -- C:\Windows\Installer\{36FDBE6E-6684-462B-AE98-9A39A1B200CC}\ARPPRODUCTICON.exe
O90 - PUC: "E78D5FE2DB7BF85448824E0D8B4B6EC5" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}\Installer.ico
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.11.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "F097867CBF400E11B9C200A10A730BE1" . (.Google Earth.) -- C:\Windows\Installer\{C768790F-04FB-11E0-9B2C-001AA037B01E}\ARPPRODUCTICON.exe
O90 - PUC: "F4015DDD44C1BE94E9B692CED57256B8" . (.HP Update.) -- C:\Windows\Installer\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}\ARPPRODUCTICON.exe
O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico
O90 - PUC: "F98F5920896F1014A9D7944F70CED228" . (.HP Active Support Library.) -- c:\Windows\Installer\{0295F89F-F698-4101-9A7D-49F407EC2D82}\ARPPRODUCTICON.exe
~ Update Products: 169 Scanned in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.FDEA8EE9849DCCBC27C96AA655D85278] [WIS][05/12/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\179b106.msi [1634304]
[MD5.C51BFAADA67ADD8DC4DF95300365A67A] [WIS][16/01/2013] (.Ask.com - Blank Project Template.) -- C:\Windows\Installer\1b7b245.msi [2291712]
[MD5.539DB74B672269281D1BE7EFA50B2506] [WIS][07/08/2013] (.PC Drivers HeadQuarters - Driver Detective.) -- C:\Windows\Installer\28afd04.msi [5957632]
[MD5.219888F1443B8B35DB6D98FD5769F443] [WIS][03/02/2012] (.Edilingua - Progetto Italiano 2.) -- C:\Windows\Installer\29b10a.msi [1166848]
[MD5.57C30F4E1F2C169CF2E17E6E12EF29E6] [WIS][02/03/2013] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\3a433.msi [24576] =>Adware.Boxore
[MD5.47A7F162CCFA08DEABFA38D0B25565AA] [WIS][29/01/2011] (.Edilingua - Progetto Italiano 1.) -- C:\Windows\Installer\3c821e.msi [870400]
[MD5.DB250E4C3C3D13512789FA1EA8BA2C42] [WIS][16/11/2013] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\4ec52d.msi [219136] =>PUP.FrameFox
[MD5.0D79C6746473B730DA75A0EEBABD348D] [WIS][18/08/2009] (.Kodak EasyShare software - Kodak EasyShare software.) -- C:\Windows\Installer\6b285.msi [291840]
[MD5.CA11EB174D715B78602B6C5B73CC8321] [WIS][07/08/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\8627b.msi [1791488] =>Adware.IMBooster
[MD5.4F00B281961BE89E2C2A718961F42C83] [WIS][05/10/2012] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\927946.msi [1188352]
[MD5.0790C56747FAE657C0FD83E50F5312F8] [WIS][05/04/2011] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\d41434.msi [206336] =>Adware.IMBooster
[MD5.0C436759EF9A5ACD95FEACC37BF7DAC8] [WIS][18/08/2009] (.eSupportQFolder - eSupportQFolder.) -- C:\Windows\Installer\ee20f.msi [121344]
[MD5.87DAE880F4BF29A60F1D7DC2E82966DA] [WIS][18/08/2009] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\ee229.msi [121344]
[MD5.763351CD1D5486161EBC1C9FE87FAF96] [WIS][18/08/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\ee23b.msi [646656]
[MD5.5818E8653444717C96A2DB678507977E] [WIS][18/08/2009] (.CustomerResearchQFolder - CustomerResearchQFolder.) -- C:\Windows\Installer\ee261.msi [121344]
[MD5.3A9797EF337CDF8617CD28EEAD541A49] [WIS][18/08/2009] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\ee271.msi [121344]
~ WIS: 173 Scanned in 00mn 06s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 15/01/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/07/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SS - | Auto 04/12/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/12/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 22/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Demand 02/02/2009 23536 | (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) . (.PC-Doctor, Inc..) - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 21/01/2008 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 21/01/2008 27648 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 27648 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 17/12/2013 46904 | (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
SR - | Auto 30/04/2009 190488 | (LVPrcS64) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
SR - | Auto 08/01/2014 2768720 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 01/10/2012 69640 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\NLSSRV32.exe
SR - | Auto 01/05/2009 381984 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 12/02/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 08s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by gold at 23/01/2014 23:17:15
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by gold at 23/01/2014 23:17:17
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 45
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 6
Fichiers trouvés (Files found) : 11
[HKLM\Software\Google\Chrome\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp] =>PUP.BubbleDock^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilvazdg] =>Adware.Favorit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}] =>PUP.VAFPlayer^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\VuuPC Packages] =>PUP.VuuPC^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A3B277D2-6D43-4E78-8D73-6DA4370D689D}_is1] =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PC Cleaner] =>USP.PCCleaner^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\DM] =>PUP.BearShare
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_9 =>PUA.FSTfr9^
C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp =>PUP.BubbleDock^
C:\Users\gold\AppData\Roaming\Mozilla\Firefox\Profiles\oboqkui3.default\extensions\crossriderapp2258@crossrider.com =>PUP.CrossRider^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\gold\AppData\Roaming\PC Cleaner =>USP.PCCleaner^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner =>USP.PCCleaner
C:\Users\gold\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\AppDataLow\Software\Softonic.fr] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\electroLyrics] =>Adware.AddLyrics^
[HKCU\Software\PC Cleaner] =>USP.PCCleaner^
[HKLM\Software\Wow6432Node\MajEoRezo] =>PUP.Eorezo^
C:\Windows\Installer\3a433.msi =>Adware.Boxore^
C:\Windows\Installer\4ec52d.msi =>PUP.FrameFox^
C:\Windows\Installer\8627b.msi =>Adware.IMBooster^
C:\Windows\Installer\d41434.msi =>Adware.IMBooster^
C:\Users\gold\Downloads\flvmplayer.exe =>PUP.Offerware
C:\Users\gold\Downloads\SaveAs.exe =>PUP.Offerware
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 490231 Items scanned in 00mn 26s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/29439557-adware-favorit =>Adware.Favorit
~ http://nicolascoolman.webs.com/apps/blog/show/30392620-pup-vafplayer =>PUP.VAFPlayer
~ http://nicolascoolman.webs.com/apps/blog/show/33388048-pup-vuupc =>PUP.VuuPC
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/29956939-usp-pccleaner =>USP.PCCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26753274-adware-expressfiles =>Adware.ExpressFiles
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/32789922-pup-framefox =>PUP.FrameFox
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26705717-pup-bearshare =>PUP.BearShare
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/28445531-pup-mediafinder =>PUP.MediaFinder
~ http://nicolascoolman.webs.com/apps/blog/show/27332348-pup-offerware =>PUP.Offerware
~ http://nicolascoolman.webs.com/apps/blog/show/26633218-rogue-reimagerepair =>Rogue.ReimageRepair
~ MSI: 29 link(s) detected in 00mn 27s
End of the scan (2268 lines in 07mn 16s)(0)
~ Lancé par gold (23/01/2014 23:10:33)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 64-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 45
---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4093 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 178 GB (39%) free of 451 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-GOLD
~ User Name: gold
~ All Users Names: UpdatusUser, gold, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\gold\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\gold\AppData\Roaming\
~ %Desktop% : C:\Users\gold\Desktop\
~ %Favorites% : C:\Users\gold\Favorites\
~ %LocalAppData% : C:\Users\gold\AppData\Local\
~ %StartMenu% : C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 178 Go of 451 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 15 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 08:10:17.) -- C:\Windows\Explorer.exe [3079168]
[MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:50:23.) -- C:\Windows\System32\Wininit.exe [123904]
[MD5.60CA010B705660542FB33B43C3653BA0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/11/2013 - 02:29:03.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.6D0773A3A65D28B663F334C90441D01A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 08:11:08.) -- C:\Windows\System32\Winlogon.exe [405504]
[MD5.2BA159E1F9FD75F6A496742B20F1D9CF] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 03:31:51.) -- C:\Windows\system32\Drivers\AFD.sys [404992]
[MD5.1898FAE8E07D97F2F6C2D5326C633FAC] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:46:50.) -- C:\Windows\system32\Drivers\atapi.sys [22584]
[MD5.B4D787DB8D30793A4D4DF9FEED18F136] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:50:39.) -- C:\Windows\system32\Drivers\Cdfs.sys [90624]
[MD5.C025AA69BE3D0D25C7A2E746EF6F94FC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 06:34:39.) -- C:\Windows\system32\Drivers\Cdrom.sys [79872]
[MD5.8B722BA35205C71E7951CDC4CDBADE19] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 16:14:19.) -- C:\Windows\system32\Drivers\DfsC.sys [97792]
[MD5.F942C5820205F2FB453243EDFEC82A3D] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 06:39:41.) -- C:\Windows\system32\Drivers\HDAudBus.sys [948736]
[MD5.CBB597659A2713CE0C9CC20C88C7591F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:46:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [64000]
[MD5.B7E6212F581EA5F6AB0C3A6CEEEB89BE] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:48:45.) -- C:\Windows\system32\Drivers\IpNat.sys [115712]
[MD5.1485811B320FF8C7EDAD1CAEBB1C6C2B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:39:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [135680]
[MD5.FC2C792EBDDC8E28DF939D6A92C83D61] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 06:42:33.) -- C:\Windows\system32\Drivers\netBT.sys [248320]
[MD5.2ACCAA3C3C55370A32F17B3595E1A217] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:13:14.) -- C:\Windows\system32\Drivers\ntfs.sys [1513320]
[MD5.AECD57F94C887F58919F307C35498EA0] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 10:37:57.) -- C:\Windows\system32\Drivers\Parport.sys [96768]
[MD5.AC7BC4D42A7E558718DFDEC599BBFC2C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/04/2009 - 06:43:38.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.C045D1FB111C28DF0D1BE8D4BDA22C06] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:46:51.) -- C:\Windows\system32\Drivers\rdpdr.sys [314368]
[MD5.290B6F6A0EC4FCDFC90F5CB6D7020473] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 06:42:19.) -- C:\Windows\system32\Drivers\smb.sys [88064]
[MD5.458919C8C42E398DC4802178D5FFEE27] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 06:43:00.) -- C:\Windows\system32\Drivers\tdx.sys [94720]
[MD5.582F710097B46140F5A89A19A6573D4B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:50:57.) -- C:\Windows\system32\Drivers\volsnap.sys [267648]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3410
~ Mes musiques (My Musics) : 0/0
~ Mes Videos (My Videos) : 1/109
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/55688
~ Mon Bureau (My Desktop) : 1/7
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 04s
---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2888]
[MD5.F1AA26C6F261C28D42994CF46F3F83B7] - (.Pas de propriétaire - cspep.) -- C:\Program Files (x86)\cspep\cspep.exe [684032] [PID.920]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120] [PID.2100]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.3772]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.1168]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2232]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.2284]
[MD5.974A1F783ED34588B45FAD6375077BA6] - (.Hewlett-Packard Company - SolutionsFrameworkService.) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904] [PID.2480]
[MD5.5B1F7C0EE4C968D0DAE6736AF328B502] - (.Logitech Inc. - Logitech LVPrS64H Module..) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe [125464] [PID.2636]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2704]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2772]
[MD5.3C7BE29B76F837DB7CC44844EACAE78B] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\NLSSRV32.exe [69640] [PID.2852]
[MD5.25B58FC4564A6B175BCFC9FC34CFE0C6] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152] [PID.2912]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.2992]
[MD5.A21E58F345F337316A98C5121CBE17E8] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2080]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://kogoa.com
G0 - GCSP: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [kbjlipmgfoamgjaogmbihaffnpkpjajp] Bubble Dock v.1.0.0.130 (Désactivé) =>PUP.BubbleDock
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.5.9.0.9216 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 16 Scanned in 00mn 12s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\gold\AppData\Roaming\Mozilla\Firefox\Profiles\oboqkui3.default\prefs.js
M3 - MFPP: Plugins - [gold] -- C:\Users\gold\AppData\Roaming\Mozilla\Firefox\Profiles\oboqkui3.default\searchplugins\Wibeez.xml
M2 - MFEP: prefs.js [gold - oboqkui3.default\50819c80b1756@50819c80b178e.com] [] SaveAs v2 (..)
M2 - MFEP: prefs.js [gold - oboqkui3.default\crossriderapp2258@crossrider.com] [] I Want This v2 (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [gold - oboqkui3.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration v1.1 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.7.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
~ Firefox Browser: 20 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com
~ IE Browser: 21 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
~ BHO: 2 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2CDCBCF7-7969-43F5-AC59-91DED800EDDF} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{09A07B02-F491-4B6B-BFC9-684A624F4F3B} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: Centre de solutions HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe
O4 - GS\Desktop [Public]: Choix de navigateur .lnk . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe
O4 - GS\Desktop [Public]: Convertisseur PDF Pro.lnk . (.SmartSoft - Convertisseur PDF Pro.) -- C:\Program Files\Convertisseur PDF Pro\Convertisseur PDF Pro.exe
O4 - GS\Desktop [Public]: Développement de photos online.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: HP Photosmart Essential 3.5.lnk . (.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O4 - GS\Desktop [Public]: Jouer à HP Games.lnk . (...) -- C:\Program Files (x86)\HP Games\onplay\onplay.exe
O4 - GS\Desktop [Public]: Logiciel Logitech Webcam.lnk . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe =>.Logitech Inc
O4 - GS\Desktop [Public]: Ma-Config.com - Démarrer la détection.lnk . (...) -- C:\Program Files (x86)\ma-config.com\MCDetection.exe (.not file.)
O4 - GS\Desktop [Public]: QuickTime Player.lnk . (.Apple Inc. - QuickTime Player.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe =>.Apple Inc
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Desktop [Public]: VPlayer.lnk . (...) -- C:\Windows\Installer\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}\_7C62873CCFADC86FED3CB7.exe
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Microsoft Access.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
O4 - GS\Program [Public]: Microsoft Excel.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
O4 - GS\Program [Public]: Microsoft Outlook.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
O4 - GS\Program [Public]: Microsoft PowerPoint.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - GS\Program [Public]: Microsoft Word.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\System32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\System32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\SysWOW64\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\QuickLaunch [gold]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [gold]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [gold]: HP MediaSmart.lnk . (...) -- c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe
O4 - GS\QuickLaunch [gold]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [gold]: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.exe
O4 - GS\QuickLaunch [gold]: Pages Annuaire.lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: QuickTime Player.lnk - Clé orpheline =>.Apple Inc
O4 - GS\QuickLaunch [gold]: qvo6.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>Hijacker.Qvo6
O4 - GS\QuickLaunch [gold]: Skype (2).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype (3).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype (4).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype (5).lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Skype.lnk - Clé orpheline
O4 - GS\QuickLaunch [gold]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [gold]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Program [gold]: CyberLink DVD Suite Deluxe.lnk . (.CyberLink - PowerStarter.) -- C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PowerStarter.exe
O4 - GS\Program [gold]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [gold]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [gold]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [gold]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Accessories [gold]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [gold]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [gold]: Run.lnk - Clé orpheline
O4 - GS\Accessories [gold]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [gold]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [gold]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [gold]: DivX Movies.lnk . (...) -- C:\Users\gold\Videos\DivX Movies
O4 - GS\Desktop [gold]: Edilingua Progetto italiano 1.lnk . (.Adobe Systems, Inc. - Adobe Projector.) -- C:\Program Files (x86)\Edilingua\Progetto Italiano 1\Edilingua.exe
O4 - GS\Desktop [gold]: Edilingua Progetto Italiano 2.lnk . (.Adobe Systems, Inc. - Adobe Projector.) -- C:\Program Files (x86)\Edilingua\Progetto Italiano 2\Progetto italiano 2.exe
O4 - GS\Desktop [gold]: hpqdirec - Raccourci.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe
O4 - GS\Desktop [gold]: Microsoft Office - Raccourci.lnk . (...) -- C:\Microsoft Office
O4 - GS\Desktop [gold]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 76 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_9] Clé orpheline =>PUA.FSTfr9
O4 - HKLM\..\Wow6432Node\Run: [eorezo_fr_3] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\RunOnce: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files (x86)\cspep\cspep.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-2110523243-1586633563-1267511211-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2110523243-1586633563-1267511211-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5A58E81-FFBE-4C5C-882F-242193A8E487}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD35B60D-4EEC-4166-B12A-2A209B7DF13F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C5A58E81-FFBE-4C5C-882F-242193A8E487}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CD35B60D-4EEC-4166-B12A-2A209B7DF13F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{C5A58E81-FFBE-4C5C-882F-242193A8E487}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{CD35B60D-4EEC-4166-B12A-2A209B7DF13F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - SolutionsFrameworkService.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Process Monitor (LVPrcS64) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\NLSSRV32.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 185.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
~ Services: 18 Scanned in 00mn 04s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\awisp_2650x1600.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\awisp_2650x1600.jpg
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job [1012]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1060]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDRScheduledMaintenance.job [552]
[MD5.00000000000000000000000000000000] [APT] [4603] (...) -- C:\Users\gold\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.5D4BC124FAAE6730AC002CDB67BF1A1C] [APT] [Google Software Updater] (.Google.) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2110523243-1586633563-1267511211-1000Core] (...) -- C:\Users\gold\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2110523243-1586633563-1267511211-1000UA] (...) -- C:\Users\gold\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.0C8A70BC3BAAF7BF69DCA495C1E1AB79] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75016]
[MD5.8B84B3ECFB9D6B50B989D6DB8143F365] [APT] [PCDRScheduledMaintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2951664]
[MD5.00000000000000000000000000000000] [APT] [{0B1723BE-F79D-42B9-9F92-8A78475D9FE4}] (...) -- E:\Installer.exe (.not file.) [0]
[MD5.299CDAF86E27484EAAA243D3288AF0D8] [APT] [{1B995D34-B695-4D26-BD70-D730180E772C}] (...) -- C:\Users\gold\Downloads\install_easyshare-8.3.exe [1857488]
[MD5.00000000000000000000000000000000] [APT] [{399EBF39-C22E-4998-AB48-7A042E872016}] (...) -- c:\users\gold\appdata\local\lollipop\lollipop.bat (.not file.) [0] =>Adware.Lollipop
[MD5.00000000000000000000000000000000] [APT] [{53A88AC9-2BEC-432B-A314-B58163F46226}] (...) -- E:\install.exe (.not file.) [0]
[MD5.58920E6A409046BA06548D9D139CE0F0] [APT] [{84F19DD7-D68E-4F0A-9D5D-51B93C992B71}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608]
[MD5.00000000000000000000000000000000] [APT] [{A14C805F-DC04-4B4A-9306-6EA3C286D840}] (...) -- E:\install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A5276905-DB72-49DB-8363-4D7AB70C19B8}] (...) -- C:\Users\gold\Desktop\fichier\Program Files\BeWAN ADSL V1.9.0.5\Disk1\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AB3AF08B-A7D1-48B0-8E4A-54C0E026C363}] (...) -- C:\Users\gold\Downloads\sp43080.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F890B5F2-6738-47C7-B750-709BC373A47F}] (...) -- E:\Disk1\setup.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 25 Scanned in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 60 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {78F697ED-EC97-4D8D-881D-838984EA9855}
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Update Manager_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.9) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C6579A65-9CAE-4B31-8B6B-3306E0630A66} =>.Apple Inc
O42 - Logiciel: BeWAN ADSL modem - (...) [HKLM][64Bits] -- StmAdsl
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: CCScore - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM][64Bits] -- lvdrivers_12.0 =>.Logitech Inc
O42 - Logiciel: Convertisseur PDF Pro 6.3.0.467 - (.Smart Soft.) [HKLM][64Bits] -- Convertisseur PDF Pro_is1
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM][64Bits] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: ESSBrwr - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {643EAE81-920C-4931-9F0B-4B343B225CA6}
O42 - Logiciel: ESSCDBK - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
O42 - Logiciel: ESSPCD - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
O42 - Logiciel: ESSPDock - (.Nom de votre société.) [HKLM][64Bits] -- {FCDB1C92-03C6-4C76-8625-371224256091}
O42 - Logiciel: ESSSONIC - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {073F22CE-9A5B-4A40-A604-C7270AC6BF34}
O42 - Logiciel: ESSTOOLS - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {8A502E38-29C9-49FA-BCFA-D727CA062589}
O42 - Logiciel: ESScore - (.Nom de votre société.) [HKLM][64Bits] -- {42938595-0D83-404D-9F73-F8177FDD531A}
O42 - Logiciel: ESSgui - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {91517631-A9F3-4B7C-B482-43E0068FD55A}
O42 - Logiciel: ESSini - (.Nom de votre société.) [HKLM][64Bits] -- {8E92D746-CD9F-4B90-9668-42B74C14F765}
O42 - Logiciel: Falsh Player 10 - (...) [HKLM][64Bits] -- {4C5F4B75-32D1-472B-90DF-26A3181D7597}_is1
O42 - Logiciel: Favorit (ilvazdg) - (...) [HKLM][64Bits] -- ilvazdg =>Adware.Favorit
O42 - Logiciel: FlashPlayer - (.Tuguu SL.) [HKLM][64Bits] -- {BA8B8ADA-084F-4F79-A0CA-6E58A0808794} =>PUP.VAFPlayer
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {C768790F-04FB-11E0-9B2C-001AA037B01E}
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {0295F89F-F698-4101-9A7D-49F407EC2D82}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {73A43E42-3658-4DD9-8551-FACDA3632538}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {B84739A3-F943-47E4-95D8-96381EF5AC48}
O42 - Logiciel: HP Customer Participation Program 9.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM][64Bits] -- {D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}
O42 - Logiciel: HP OCR Software 9.0 - (.HP.) [HKLM][64Bits] -- HPOCR
O42 - Logiciel: HP Photosmart All-In-One Software 9.0 - (.HP.) [HKLM][64Bits] -- {B09BCBF6-87EE-4403-A336-3A9510856535} =>.Hewlett-Packard Co
O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM][64Bits] -- HP Photosmart Essential =>.Hewlett-Packard Co
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM][64Bits] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM][64Bits] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC}
O42 - Logiciel: HP Recovery Manager RSS - (.Hewlet Packard Company.) [HKLM][64Bits] -- {A0640EC2-B97E-4FC1-AD14-227C9E386BB4}
O42 - Logiciel: HP Remote Software - (.Hewlett-Packard.) [HKLM][64Bits] -- {5F240DB8-0D74-4F13-86C3-929760392A8D}
O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM][64Bits] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {23CCE784-A812-4647-AEFF-1DCCD4E57478}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard.) [HKLM][64Bits] -- {784BEA84-FA66-4B19-BB80-7B545F248AC6}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {DDD5104F-1C44-49EB-9E6B-29EC5D27658B}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM][64Bits] -- {487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Logitech QuickCapture Gadget - (.Nom de votre société.) [HKLM][64Bits] -- {91AF9255-01D7-4F8C-960B-CA2F4C8E7C99}
O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM][64Bits] -- Logitech Vid
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM][64Bits] -- {D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5} =>.Logitech Inc
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {5DA27AE6-4460-4380-BABC-BB79E1D109D8}
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM][64Bits] -- EasyBits Magic Desktop =>.EasyBits Software AS
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {E102B843-786A-4F58-AF75-6504570E207B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: OfotoXMI - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM][64Bits] -- PC-Doctor for Windows
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: Photorécit 3 pour Windows - (.Microsoft Corporation.) [HKLM][64Bits] -- {4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Progetto Italiano 1 - (.Edilingua.) [HKLM][64Bits] -- {27B2CE9E-C428-4922-89AD-F4C19D4294C0}
O42 - Logiciel: Progetto Italiano 2 - (.Edilingua.) [HKLM][64Bits] -- {77FBBDA9-B9A7-4BF7-A861-6B1FCEC3FDC1}
O42 - Logiciel: Python 2.6 pywin32-212 - (.Python Software Foundation.) [HKLM][64Bits] -- pywin32-py2.6
O42 - Logiciel: Python 2.6.1 - (.Python Software Foundation.) [HKLM][64Bits] -- {9CC89170-000B-457D-91F1-53691F85B223}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SFR - (.Eastman Kodak Company.) [HKLM][64Bits] -- {DB02F716-6275-42E9-B8D2-83BA2BF5100B}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM][64Bits] -- SFR_Kit
O42 - Logiciel: SHASTA - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {605A4E39-613C-4A12-B56F-DEFBE6757237}
O42 - Logiciel: SKINXSDK - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Soldier of Fortune Payback - (.Activision Value.) [HKLM][64Bits] -- {11BFB898-71E5-488A-A8FF-0E462667FB72}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Todae - Live Media - (.Todae.fr.) [HKLM][64Bits] -- Live Media
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {EC5F4C1B-F838-4CB7-8561-8F809296428B}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM][64Bits] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
O42 - Logiciel: VLC media player 2.0.2 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VPRINTOL - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {999D43F4-9709-4887-9B1A-83EBB15A8370}
O42 - Logiciel: VuuPC Packages - (...) [HKCU][64Bits] -- VuuPC Packages =>PUP.VuuPC
O42 - Logiciel: WIRELESS - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {F9593CFB-D836-49BC-BFF1-0E669A411D9F}
O42 - Logiciel: Webplayer setup version 1.0 - (...) [HKLM][64Bits] -- {A3B277D2-6D43-4E78-8D73-6DA4370D689D}_is1 =>Adware.SocialSkinz
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM][64Bits] -- cspep_is1
O42 - Logiciel: essvatgt - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
O42 - Logiciel: fflink - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}
O42 - Logiciel: kgcbaby - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {E18B549C-5D15-45DA-8D8F-8FD2BD946344}
O42 - Logiciel: kgcbase - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
O42 - Logiciel: kgchday - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {11F3F858-4131-4FFA-A560-3FE282933B6E}
O42 - Logiciel: kgchlwn - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {03EDED24-8375-407D-A721-4643D9768BE1}
O42 - Logiciel: kgcinvt - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {9BD54685-1496-46A5-AB62-357CD140ED8B}
O42 - Logiciel: kgckids - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {693C08A7-9E76-43FF-B11E-9A58175474C4}
O42 - Logiciel: kgcmove - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {A1588373-1D86-4D44-86C9-78ABD190F9CC}
O42 - Logiciel: kgcvday - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {8A8664E1-84C8-4936-891C-BC1F07797549}
O42 - Logiciel: netbrdg - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {4537EA4B-F603-4181-89FB-2953FC695AB1}
O42 - Logiciel: skin0001 - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {5316DFC9-CE99-4458-9AB3-E8726EDE0210}
O42 - Logiciel: sp44626 - (.Hewlett-Packard.) [HKLM][64Bits] -- sp44626
O42 - Logiciel: staticcr - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {8943CE61-53BD-475E-90E1-A580869E98A2}
O42 - Logiciel: tooltips - (.EASTMAN KODAK Company.) [HKLM][64Bits] -- {E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
~ Logic: 90 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AOL]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Softonic.fr] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\electroLyrics] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\iGraal]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software\temp]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Binary Noise]
[HKCU\Software\BitDefender]
[HKCU\Software\BugSplat]
[HKCU\Software\Chromium]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DM]
[HKCU\Software\DefaultPackStatus]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DriverTurbo]
[HKCU\Software\EasyBits]
[HKCU\Software\EffectMgr]
[HKCU\Software\FileOpen]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\Iris]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kodak]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MightyUninstaller]
[HKCU\Software\MimarSinan]
[HKCU\Software\Modern UI Test]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Neuf]
[HKCU\Software\Nitro PDF]
[HKCU\Software\Nitro]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\PC Cleaner] =>USP.PCCleaner
[HKCU\Software\Policies]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Smart Soft]
[HKCU\Software\Softthinks]
[HKCU\Software\Software]
[HKCU\Software\SolidDocuments]
[HKCU\Software\Todae]
[HKCU\Software\TomTom]
[HKCU\Software\Trolltech]
[HKCU\Software\VirginMega]
[HKCU\Software\WZC1218477 Save]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Winamp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\cspep]
[HKCU\Software\keyhole.com]
[HKCU\Software\nuevos-programas.com]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Smart Soft]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\AdobeFlashPlayerUpdate]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\America Online]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\BitDefender]
[HKLM\Software\Wow6432Node\CLSID]
[HKLM\Software\Wow6432Node\Cauldron]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\FlvPlayer]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HP]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\ICE]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Interface]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Kodak]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Loader]
[HKLM\Software\Wow6432Node\LogiShrd]
[HKLM\Software\Wow6432Node\Logitech]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MajEoRezo] =>PUP.Eorezo
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nalpeiron]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Neuf]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OldTimer Tools]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\PC-Doctor]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SolidDocuments]
[HKLM\Software\Wow6432Node\SymNRT]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Todae]
[HKLM\Software\Wow6432Node\TomTom]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\VirginMega]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wilson WindowWare]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\dotNetInstaller]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\ZSMC]
[HKLM\Software\cybelsoft]
~ Key Software: 406 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/09/2009 - 20:53:48 - [12,099] ----D C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 04/12/2013 - 01:11:25 - [13,898] ----D C:\Program Files (x86)\Activision Value
O43 - CFD: 04/12/2013 - 01:11:25 - [210,062] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 29/06/2011 - 17:49:52 - [2,201] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 04/08/2010 - 20:58:42 - [19,127] ----D C:\Program Files (x86)\AVS4YOU
O43 - CFD: 16/08/2009 - 21:14:57 - [2,725] ----D C:\Program Files (x86)\BeWAN ADSL V1.9.0.10
O43 - CFD: 14/08/2009 - 14:30:14 - [2,663] ----D C:\Program Files (x86)\BeWAN ADSL V1.9.0.5
O43 - CFD: 01/06/2012 - 19:53:55 - [0,586] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 08/02/2013 - 23:36:43 - [0,545] ----D C:\Program Files (x86)\CDex
O43 - CFD: 10/01/2014 - 14:48:32 - [755,447] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 23/01/2014 - 22:54:24 - [1,807] ----D C:\Program Files (x86)\cspep
O43 - CFD: 04/12/2013 - 01:11:26 - [861,362] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 13/09/2009 - 22:45:35 - [4,586] ----D C:\Program Files (x86)\DivX
O43 - CFD: 02/12/2013 - 21:08:42 - [86,610] ----D C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 03/02/2012 - 12:00:14 - [785,350] ----D C:\Program Files (x86)\Edilingua
O43 - CFD: 23/09/2009 - 20:03:13 - [2,115] ----D C:\Program Files (x86)\FP
O43 - CFD: 04/12/2013 - 13:35:30 - [628,238] ----D C:\Program Files (x86)\Google
O43 - CFD: 30/05/2009 - 17:30:27 - [582,000] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 25/01/2010 - 18:26:56 - [279,599] ----D C:\Program Files (x86)\HP
O43 - CFD: 30/05/2009 - 17:38:27 - [286,482] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 04/12/2013 - 01:11:29 - [78,039] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 11/12/2013 - 21:36:09 - [5,974] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/12/2013 - 22:59:49 - [184,756] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 24/10/2013 - 09:53:01 - [30,318] ----D C:\Program Files (x86)\Java
O43 - CFD: 09/01/2010 - 13:40:11 - [0] ----D C:\Program Files (x86)\Lead Pursuit
O43 - CFD: 10/09/2010 - 14:36:08 - [133,425] ----D C:\Program Files (x86)\Logitech
O43 - CFD: 22/01/2014 - 20:30:22 - [13,264] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 15/09/2013 - 12:20:23 - [6,533] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 20/09/2010 - 14:52:46 - [38,002] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 10/08/2011 - 09:49:34 - [0] ----D C:\Program Files (x86)\Microsoft Antimalware
O43 - CFD: 22/08/2009 - 02:28:10 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 09/11/2011 - 22:47:47 - [1015,860] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 14/11/2013 - 11:45:10 - [1,502] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/10/2013 - 11:26:15 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 10/10/2012 - 15:09:25 - [137,975] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 20/09/2010 - 14:56:58 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30/07/2013 - 23:36:02 - [6,219] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/11/2006 - 16:07:27 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 22/08/2009 - 02:28:14 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 09/11/2011 - 22:47:48 - [0] ----D C:\Program Files (x86)\Nemo PDF Converter 4.0
O43 - CFD: 20/10/2011 - 15:41:08 - [0] ----D C:\Program Files (x86)\Nero
O43 - CFD: 04/12/2013 - 01:11:31 - [2,974] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 13/08/2009 - 18:05:13 - [0,305] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 15/06/2012 - 21:47:50 - [33,205] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 12/01/2012 - 14:32:42 - [15,658] ----D C:\Program Files (x86)\Photo Story 3 for Windows
O43 - CFD: 30/05/2009 - 16:32:23 - [61,949] ----D C:\Program Files (x86)\Python
O43 - CFD: 05/07/2013 - 22:06:57 - [73,545] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 30/05/2009 - 16:55:36 - [73,919] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 02/11/2006 - 16:07:27 - [36,906] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 01/06/2012 - 20:05:43 - [102,605] ----D C:\Program Files (x86)\Safari
O43 - CFD: 21/08/2009 - 12:46:02 - [13,955] ----D C:\Program Files (x86)\SFR
O43 - CFD: 11/12/2013 - 19:21:56 - [49,238] R---D C:\Program Files (x86)\Skype
O43 - CFD: 09/01/2014 - 13:17:46 - [35,881] ----D C:\Program Files (x86)\SMINST
O43 - CFD: 12/11/2013 - 22:44:39 - [0,132] ----D C:\Program Files (x86)\Snapshot Viewer
O43 - CFD: 30/05/2009 - 16:55:48 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 12/05/2011 - 20:05:21 - [0] ----D C:\Program Files (x86)\TomTom HOME
O43 - CFD: 01/03/2013 - 15:37:27 - [49,283] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 12/05/2011 - 20:05:54 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 02/11/2006 - 16:36:07 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 12/12/2013 - 12:48:59 - [0] ----D C:\Program Files (x86)\Video Codec
O43 - CFD: 04/08/2010 - 21:03:47 - [91,800] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 21/10/2009 - 21:24:29 - [0,970] ----D C:\Program Files (x86)\Windows Calendar
O43 - CFD: 21/01/2008 - 04:09:47 - [0,051] ----D C:\Program Files (x86)\Windows Collaboration
O43 - CFD: 31/05/2009 - 00:41:44 - [0,481] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 23/04/2012 - 10:41:58 - [8,522] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 15/10/2010 - 10:16:42 - [4,253] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - 16:07:27 - [7,589] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 21/10/2009 - 21:24:29 - [12,902] ----D C:\Program Files (x86)\Windows Photo Gallery
O43 - CFD: 17/11/2009 - 19:08:58 - [0,128] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21/10/2009 - 21:24:29 - [6,225] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 23/01/2014 - 23:10:21 - [17,264] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/06/2011 - 10:08:39 - [3,801] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 11/12/2013 - 22:58:57 - [96,835] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 04/08/2010 - 20:58:43 - [48,844] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 20/09/2010 - 14:57:19 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 13/09/2009 - 22:45:30 - [1,512] ----D C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 18/08/2009 - 14:07:38 - [0,436] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 18/08/2009 - 14:08:05 - [5,311] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 18/08/2009 - 20:44:26 - [9,767] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 04/12/2013 - 01:11:26 - [1,188] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 11/12/2013 - 19:21:52 - [3,308] ----D C:\Program Files (x86)\Common Files\Kodak
O43 - CFD: 20/10/2011 - 15:23:06 - [0,052] ---AD C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 20/10/2009 - 14:38:40 - [10,542] ----D C:\Program Files (x86)\Common Files\LogiShrd
O43 - CFD: 30/05/2009 - 17:17:47 - [0,054] ---AD C:\Program Files (x86)\Common Files\LS Getting Started
O43 - CFD: 07/08/2013 - 00:36:52 - [459,427] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 11/12/2013 - 19:21:52 - [0,622] ----D C:\Program Files (x86)\Common Files\MSSoap
O43 - CFD: 11/12/2013 - 19:21:52 - [3,475] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 02/11/2006 - 14:33:53 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 11/12/2013 - 19:21:52 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 02/11/2006 - 14:33:53 - [39,198] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 12/11/2013 - 22:37:38 - [25,269] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 20/09/2010 - 17:20:37 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 23/11/2013 - 12:33:16 - [43,806] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 11/12/2013 - 22:59:52 - [2,775] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 28/11/2013 - 00:47:12 - [0,008] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69(149)
O43 - CFD: 22/06/2013 - 14:01:38 - [13,174] ----D C:\ProgramData\Adobe
O43 - CFD: 01/06/2012 - 19:56:16 - [398,325] ----D C:\ProgramData\Apple
O43 - CFD: 22/11/2013 - 20:35:37 - [147,904] ----D C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 04/08/2010 - 20:50:23 - [0] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 09/08/2013 - 14:04:58 - [0] --H-D C:\ProgramData\Common Files
O43 - CFD: 05/08/2010 - 15:02:38 - [0,144] ----D C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 19/12/2009 - 22:55:06 - [2,255] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 01/08/2013 - 14:26:12 - [0] ----D C:\ProgramData\DriverGenius
O43 - CFD: 03/02/2010 - 22:27:44 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 05/10/2012 - 13:39:45 - [0] ----D C:\ProgramData\FileOpen
O43 - CFD: 14/09/2013 - 15:39:12 - [0,502] ----D C:\ProgramData\Google
O43 - CFD: 12/09/2011 - 20:40:37 - [0,013] ----D C:\ProgramData\Google Updater
O43 - CFD: 18/08/2009 - 14:29:58 - [96,428] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 06/10/2012 - 23:03:22 - [2,420] ----D C:\ProgramData\HP
O43 - CFD: 18/12/2013 - 17:08:56 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 24/09/2009 - 21:07:42 - [0] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 22/11/2009 - 13:58:13 - [0] ----D C:\ProgramData\IM
O43 - CFD: 22/11/2009 - 13:57:10 - [0,009] ----D C:\ProgramData\IncrediMail
O43 - CFD: 01/08/2013 - 14:19:20 - [1,517] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 11/12/2013 - 19:21:57 - [0,001] ----D C:\ProgramData\Kodak
O43 - CFD: 20/10/2009 - 14:38:36 - [12,440] ----D C:\ProgramData\Logishrd
O43 - CFD: 18/08/2009 - 20:34:03 - [0] ----D C:\ProgramData\Logitech
O43 - CFD: 29/11/2013 - 22:47:46 - [0,003] ----D C:\ProgramData\Logs
O43 - CFD: 12/01/2014 - 18:51:58 - [1,395] ----D C:\ProgramData\ma-config.com
O43 - CFD: 31/07/2013 - 14:27:30 - [7,835] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 16/06/2011 - 14:48:11 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 09/08/2013 - 14:06:41 - [18,418] ----D C:\ProgramData\MFAData
O43 - CFD: 05/12/2013 - 18:22:17 - [1342,345] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/12/2013 - 20:51:19 - [0,069] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 13/08/2009 - 18:03:31 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 20/10/2011 - 15:08:20 - [0,478] ----D C:\ProgramData\Nero
O43 - CFD: 08/08/2013 - 13:43:40 - [0,015] ----D C:\ProgramData\Norton
O43 - CFD: 30/05/2009 - 17:43:12 - [11,462] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 12/01/2014 - 11:36:07 - [2,669] ----D C:\ProgramData\NVIDIA
O43 - CFD: 03/12/2013 - 22:33:31 - [2,104] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 24/10/2013 - 10:04:27 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 30/05/2009 - 16:58:24 - [2,695] ----D C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 05/12/2013 - 23:13:10 - [196,269] ----D C:\ProgramData\Skype
O43 - CFD: 30/06/2011 - 18:19:59 - [9,482] ----D C:\ProgramData\Skype Extras
O43 - CFD: 05/10/2012 - 22:06:23 - [17,448] ----D C:\ProgramData\SolidDocuments
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 30/03/2010 - 21:46:59 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 27/01/2010 - 22:51:25 - [0] ----D C:\ProgramData\Symantec
O43 - CFD: 30/05/2009 - 17:14:53 - [0,242] ----D C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 16:42:17 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 29/06/2010 - 15:03:40 - [0,210] ----D C:\ProgramData\TomTom
O43 - CFD: 11/08/2013 - 22:24:05 - [-1355,609] ----D C:\ProgramData\WildTangent
O43 - CFD: 13/05/2011 - 11:43:56 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 27/08/2010 - 22:00:52 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 02/12/2013 - 20:49:30 - [0,002] ----D C:\ProgramData\Xerox
O43 - CFD: 14/04/2010 - 12:54:53 - [0,002] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 19/09/2009 - 20:53:49 - [6,585] ----D C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
O43 - CFD: 23/06/2013 - 13:28:35 - [0] ----D C:\ProgramData\߈B萐QrogramData
O43 - CFD: 30/07/2013 - 15:34:20 - [0] ----D C:\ProgramData\߈B萐RrogramData
O43 - CFD: 07/07/2013 - 20:06:47 - [0] ----D C:\ProgramData\߈E萐ʲrogramData
O43 - CFD: 19/03/2013 - 11:08:52 - [0] ----D C:\ProgramData\߈I萐ʾrogramData
O43 - CFD: 12/03/2013 - 18:10:42 - [0] ----D C:\ProgramData\߈Q萐ʶrogramData
O43 - CFD: 16/06/2013 - 11:11:55 - [0] ----D C:\ProgramData\߈T萐-rogramData
O43 - CFD: 30/07/2013 - 14:36:11 - [0] ----D C:\ProgramData\߈U萐ʚrogramData
O43 - CFD: 07/04/2013 - 12:42:54 - [0] ----D C:\ProgramData\߈W萐jrogramData
O43 - CFD: 06/03/2013 - 10:23:53 - [0] ----D C:\ProgramData\߈W萐ˑrogramData
O43 - CFD: 09/05/2013 - 09:55:54 - [0] ----D C:\ProgramData\߈X萐#rogramData
O43 - CFD: 08/04/2013 - 11:45:16 - [0] ----D C:\ProgramData\߈x萐3rogramData
O43 - CFD: 27/03/2013 - 08:58:16 - [0] ----D C:\ProgramData\߈_萐orogramData
O43 - CFD: 11/07/2013 - 13:38:59 - [0] ----D C:\ProgramData\߈«萐ʄrogramData
O43 - CFD: 17/07/2013 - 20:00:36 - [0] ----D C:\ProgramData\߈¸萐ʶrogramData
O43 - CFD: 15/03/2013 - 15:19:46 - [0] ----D C:\ProgramData\߈»萐ʟrogramData
O43 - CFD: 14/03/2013 - 19:54:56 - [0] ----D C:\ProgramData\߈À萐ʞrogramData
O43 - CFD: 30/07/2013 - 14:19:45 - [0] ----D C:\ProgramData\߈Â萐ʞrogramData
O43 - CFD: 29/07/2013 - 15:08:09 - [0] ----D C:\ProgramData\߈â萐˂rogramData
O43 - CFD: 08/05/2013 - 09:53:18 - [0] ----D C:\ProgramData\߈É萐ʠrogramData
O43 - CFD: 17/05/2013 - 09:48:39 - [0] ----D C:\ProgramData\߈Ê萐ʁrogramData
O43 - CFD: 27/05/2013 - 18:16:04 - [0] ----D C:\ProgramData\߈ê萐˄rogramData
O43 - CFD: 24/03/2013 - 09:58:09 - [0] ----D C:\ProgramData\߈Ë萐ʲrogramData
O43 - CFD: 12/03/2013 - 10:51:56 - [0] ----D C:\ProgramData\߈ì萐QrogramData
O43 - CFD: 26/05/2013 - 11:52:15 - [0] ----D C:\ProgramData\߈í萐ërogramData
O43 - CFD: 23/03/2013 - 09:44:33 - [0] ----D C:\ProgramData\߈í萐ürogramData
O43 - CFD: 10/04/2013 - 10:08:07 - [0] ----D C:\ProgramData\߈Ï萐ìrogramData
O43 - CFD: 04/06/2013 - 08:23:32 - [0] ----D C:\ProgramData\߈ø萐ʐrogramData
O43 - CFD: 21/03/2013 - 14:24:28 - [0] ----D C:\ProgramData\߈û萐ʧrogramData
O43 - CFD: 30/06/2013 - 13:57:58 - [0] ----D C:\ProgramData\߈Ü萐ɹrogramData
O43 - CFD: 19/06/2013 - 16:58:55 - [0] ----D C:\ProgramData\߈Ā萐ʋrogramData
O43 - CFD: 25/04/2013 - 18:26:51 - [0] ----D C:\ProgramData\߈Ĉ萐ĠrogramData
O43 - CFD: 07/05/2013 - 18:55:51 - [0] ----D C:\ProgramData\߈č萐ĝrogramData
O43 - CFD: 08/03/2013 - 23:28:25 - [0] ----D C:\ProgramData\߈Ď萐ÃrogramData
O43 - CFD: 08/07/2013 - 12:49:46 - [0] ----D C:\ProgramData\߈Đ萐īrogramData
O43 - CFD: 22/06/2013 - 10:54:07 - [0] ----D C:\ProgramData\߈ě萐˅rogramData
O43 - CFD: 19/03/2013 - 22:55:27 - [0] ----D C:\ProgramData\߈ĝ萐(rogramData
O43 - CFD: 29/07/2013 - 14:19:01 - [0] ----D C:\ProgramData\߈ğ萐ÔrogramData
O43 - CFD: 19/04/2013 - 10:24:52 - [0] ----D C:\ProgramData\߈ɓ萐ʅrogramData
O43 - CFD: 30/03/2013 - 12:03:13 - [0] ----D C:\ProgramData\߈ə萐¯rogramData
O43 - CFD: 11/03/2013 - 12:50:04 - [0] ----D C:\ProgramData\߈ɛ萐ʈrogramData
O43 - CFD: 30/07/2013 - 09:57:16 - [0] ----D C:\ProgramData\߈ɛ萐ʙrogramData
O43 - CFD: 30/05/2013 - 12:19:01 - [0] ----D C:\ProgramData\߈ɩ萐 rogramData
O43 - CFD: 23/05/2013 - 12:11:43 - [0] ----D C:\ProgramData\߈ɩ萐ɓrogramData
O43 - CFD: 04/07/2013 - 21:39:14 - [0] ----D C:\ProgramData\߈ɩ萐ɹrogramData
O43 - CFD: 17/06/2013 - 12:39:21 - [0] ----D C:\ProgramData\߈ɩ萐ʝrogramData
O43 - CFD: 29/03/2013 - 22:58:57 - [0] ----D C:\ProgramData\߈ɩ萐ʟrogramData
O43 - CFD: 10/05/2013 - 10:14:06 - [0] ----D C:\ProgramData\߈ɨ萐ɺrogramData
O43 - CFD: 20/04/2013 - 10:53:00 - [0] ----D C:\ProgramData\߈ɯ萐ɭrogramData
O43 - CFD: 06/05/2013 - 09:31:00 - [0] ----D C:\ProgramData\߈ɯ萐ɿrogramData
O43 - CFD: 27/06/2013 - 12:35:22 - [0] ----D C:\ProgramData\߈ɯ萐ʶrogramData
O43 - CFD: 15/06/2013 - 17:57:08 - [0] ----D C:\ProgramData\߈ʀ萐=rogramData
O43 - CFD: 05/03/2013 - 11:08:00 - [0] ----D C:\ProgramData\߈ʀ萐ʑrogramData
O43 - CFD: 18/04/2013 - 10:58:41 - [0] ----D C:\ProgramData\߈ʀ萐ʙrogramData
O43 - CFD: 11/04/2013 - 13:07:23 - [0] ----D C:\ProgramData\߈ʀ萐ʛrogramData
O43 - CFD: 02/04/2013 - 12:53:58 - [0] ----D C:\ProgramData\߈ʊ萐ʈrogramData
O43 - CFD: 13/04/2013 - 13:19:09 - [0] ----D C:\ProgramData\߈ȋ萐ȉrogramData
O43 - CFD: 18/03/2013 - 10:38:25 - [0] ----D C:\ProgramData\߈ȗ萐°rogramData
O43 - CFD: 21/07/2013 - 19:51:20 - [0] ----D C:\ProgramData\߈ș萐ȪrogramData
O43 - CFD: 13/05/2013 - 14:13:50 - [0] ----D C:\ProgramData\߈Ȣ萐ȲrogramData
O43 - CFD: 17/04/2013 - 21:44:02 - [0] ----D C:\ProgramData\߈Ȳ萐programData
O43 - CFD: 19/07/2013 - 13:04:19 - [0] ----D C:\ProgramData\߈Ȳ萐ʑrogramData
O43 - CFD: 02/06/2013 - 12:46:40 - [0] ----D C:\ProgramData\߈ȿ萐ʃrogramData
O43 - CFD: 27/03/2013 - 12:10:48 - [0] ----D C:\ProgramData\߈ʉ萐&rogramData
O43 - CFD: 29/07/2013 - 23:12:46 - [0] ----D C:\ProgramData\߈ʉ萐ʚrogramData
O43 - CFD: 13/06/2013 - 11:50:35 - [0] ----D C:\ProgramData\߈ʌ萐(rogramData
O43 - CFD: 15/05/2013 - 10:27:56 - [0] ----D C:\ProgramData\߈ʌ萐ôrogramData
O43 - CFD: 17/03/2013 - 08:09:53 - [0] ----D C:\ProgramData\߈Ɏ萐3rogramData
O43 - CFD: 14/03/2013 - 12:55:39 - [0] ----D C:\ProgramData\߈ɕ萐ɤrogramData
O43 - CFD: 04/04/2013 - 19:00:01 - [0] ----D C:\ProgramData\߈ɕ萐ɧrogramData
O43 - CFD: 20/05/2013 - 13:02:38 - [0] ----D C:\ProgramData\߈ɘ萐ȍrogramData
O43 - CFD: 13/06/2013 - 13:16:48 - [0] ----D C:\ProgramData\߈ɜ萐ɴrogramData
O43 - CFD: 26/04/2013 - 10:08:22 - [0] ----D C:\ProgramData\߈ɝ萐ɶrogramData
O43 - CFD: 03/03/2013 - 11:51:01 - [0] ----D C:\ProgramData\߈ɞ萐ɲrogramData
O43 - CFD: 17/04/2013 - 11:19:17 - [0] ----D C:\ProgramData\߈ɞ萐ɮrogramData
O43 - CFD: 28/07/2013 - 13:14:00 - [0] ----D C:\ProgramData\߈ɟ萐ɯrogramData
O43 - CFD: 28/05/2013 - 13:00:20 - [0] ----D C:\ProgramData\߈ɟ萐ʖrogramData
O43 - CFD: 16/05/2013 - 18:56:10 - [0] ----D C:\ProgramData\߈ɡ萐ȦrogramData
O43 - CFD: 24/07/2013 - 14:32:19 - [0] ----D C:\ProgramData\߈ɡ萐ɶrogramData
O43 - CFD: 12/04/2013 - 08:53:45 - [0] ----D C:\ProgramData\߈ɢ萐ɼrogramData
O43 - CFD: 22/03/2013 - 17:57:38 - [0] ----D C:\ProgramData\߈ɤ萐¬rogramData
O43 - CFD: 21/06/2013 - 09:06:10 - [0] ----D C:\ProgramData\߈ɦ萐ʀrogramData
O43 - CFD: 26/03/2013 - 11:54:02 - [0] ----D C:\ProgramData\߈ɦ萐ʃrogramData
O43 - CFD: 10/07/2013 - 12:41:15 - [0] ----D C:\ProgramData\߈ɦ萐ˆrogramData
O43 - CFD: 25/05/2013 - 09:44:56 - [0] ----D C:\ProgramData\߈ɧ萐ɟrogramData
O43 - CFD: 29/07/2013 - 19:17:21 - [0] ----D C:\ProgramData\߈ɧ萐ʁrogramData
O43 - CFD: 29/05/2013 - 12:18:01 - [0] ----D C:\ProgramData\߈ɪ萐ɌrogramData
O43 - CFD: 07/05/2013 - 09:55:34 - [0] ----D C:\ProgramData\߈ɪ萐ɿrogramData
O43 - CFD: 19/05/2013 - 10:36:16 - [0] ----D C:\ProgramData\߈ɭ萐ȩrogramData
O43 - CFD: 03/04/2013 - 10:02:20 - [0] ----D C:\ProgramData\߈ɮ萐¶rogramData
O43 - CFD: 05/05/2013 - 10:34:32 - [0] ----D C:\ProgramData\߈ɮ萐ʌrogramData
O43 - CFD: 24/04/2013 - 10:28:49 - [0] ----D C:\ProgramData\߈ɮ萐ʂrogramData
O43 - CFD: 18/07/2013 - 12:53:03 - [0] ----D C:\ProgramData\߈ɮ萐˂rogramData
O43 - CFD: 28/06/2013 - 12:56:38 - [0] ----D C:\ProgramData\߈ɰ萐ʂrogramData
O43 - CFD: 08/07/2013 - 22:22:08 - [0] ----D C:\ProgramData\߈ɴ萐ʸrogramData
O43 - CFD: 12/07/2013 - 18:49:59 - [0] ----D C:\ProgramData\߈ɶ萐ɴrogramData
O43 - CFD: 08/05/2013 - 22:44:25 - [0] ----D C:\ProgramData\߈ɶ萐ʷrogramData
O43 - CFD: 10/03/2013 - 12:34:48 - [0] ----D C:\ProgramData\߈ɷ萐ʏrogramData
O43 - CFD: 13/03/2013 - 09:18:46 - [0] ----D C:\ProgramData\߈ɸ萐ɱrogramData
O43 - CFD: 15/04/2013 - 19:33:22 - [0] ----D C:\ProgramData\߈ɸ萐ʶrogramData
O43 - CFD: 23/04/2013 - 09:19:23 - [0] ----D C:\ProgramData\߈ɹ萐ʑrogramData
O43 - CFD: 04/03/2013 - 09:48:22 - [0] ----D C:\ProgramData\߈ɻ萐¦rogramData
O43 - CFD: 02/07/2013 - 16:40:47 - [0] ----D C:\ProgramData\߈ɻ萐ɹrogramData
O43 - CFD: 29/07/2013 - 14:39:29 - [0] ----D C:\ProgramData\߈ɼ萐ʏrogramData
O43 - CFD: 27/07/2013 - 22:22:55 - [0] ----D C:\ProgramData\߈ɼ萐ʿrogramData
O43 - CFD: 16/04/2013 - 10:11:07 - [0] ----D C:\ProgramData\߈ɾ萐ʪrogramData
O43 - CFD: 05/07/2013 - 13:51:13 - [0] ----D C:\ProgramData\߈ɿ萐ʗrogramData
O43 - CFD: 24/07/2013 - 21:56:32 - [0] ----D C:\ProgramData\߈ʁ萐ɿrogramData
O43 - CFD: 20/03/2013 - 12:10:36 - [0] ----D C:\ProgramData\߈ʁ萐ɫrogramData
O43 - CFD: 19/04/2013 - 11:42:26 - [0] ----D C:\ProgramData\߈ʂ萐ʚrogramData
O43 - CFD: 22/04/2013 - 12:17:27 - [0] ----D C:\ProgramData\߈ʄ萐ʝrogramData
O43 - CFD: 15/07/2013 - 20:48:26 - [0] ----D C:\ProgramData\߈ʅ萐ɶrogramData
O43 - CFD: 20/07/2013 - 19:45:26 - [0] ----D C:\ProgramData\߈ʅ萐ʘrogramData
O43 - CFD: 05/04/2013 - 15:27:54 - [0] ----D C:\ProgramData\߈ʆ萐ɭrogramData
O43 - CFD: 14/04/2013 - 12:54:37 - [0] ----D C:\ProgramData\߈ʆ萐ʜrogramData
O43 - CFD: 24/06/2013 - 12:31:09 - [0] ----D C:\ProgramData\߈ʆ萐ʝrogramData
O43 - CFD: 29/07/2013 - 14:55:18 - [0] ----D C:\ProgramData\߈ʍ萐ɰrogramData
O43 - CFD: 06/04/2013 - 11:12:48 - [0] ----D C:\ProgramData\߈ʎ萐ɴrogramData
O43 - CFD: 21/05/2013 - 12:37:15 - [0] ----D C:\ProgramData\߈ʐ萐ʥrogramData
O43 - CFD: 22/03/2013 - 14:39:00 - [0] ----D C:\ProgramData\߈ʑ萐ɹrogramData
O43 - CFD: 20/06/2013 - 11:54:29 - [0] ----D C:\ProgramData\߈ʑ萐ʏrogramData
O43 - CFD: 08/03/2013 - 11:01:25 - [0] ----D C:\ProgramData\߈ʓ萐ʪrogramData
O43 - CFD: 29/07/2013 - 22:05:47 - [0] ----D C:\ProgramData\߈ʕ萐¤rogramData
O43 - CFD: 13/03/2013 - 19:12:07 - [0] ----D C:\ProgramData\߈ʚ萐ʘrogramData
O43 - CFD: 01/04/2013 - 12:58:00 - [0] ----D C:\ProgramData\߈ʠ萐ʞrogramData
O43 - CFD: 05/07/2013 - 22:48:37 - [0] ----D C:\ProgramData\߈ʥ萐ĉrogramData
O43 - CFD: 01/07/2013 - 17:24:09 - [0] ----D C:\ProgramData\߈ʲ萐árogramData
O43 - CFD: 22/07/2013 - 16:43:01 - [0] ----D C:\ProgramData\߈ʴ萐˃rogramData
O43 - CFD: 26/07/2013 - 13:31:21 - [0] ----D C:\ProgramData\߈ɫ萐ɩrogramData
O43 - CFD: 18/05/2013 - 12:40:46 - [0] ----D C:\ProgramData\߈ɽ萐(rogramData
O43 - CFD: 22/05/2013 - 09:48:41 - [0] ----D C:\ProgramData\߈ɽ萐ɦrogramData
O43 - CFD: 16/04/2013 - 21:19:21 - [0] ----D C:\ProgramData\߈ɽ萐ʕrogramData
O43 - CFD: 16/11/2013 - 14:19:07 - [1,063] ----D C:\Users\gold\AppData\Roaming\0C1I1L1R1J0M1P0I1G
O43 - CFD: 26/03/2011 - 21:36:45 - [10,726] ----D C:\Users\gold\AppData\Roaming\Adobe
O43 - CFD: 18/08/2009 - 20:54:16 - [0] ----D C:\Users\gold\AppData\Roaming\AdobeUM
O43 - CFD: 01/06/2012 - 22:30:48 - [8,389] ----D C:\Users\gold\AppData\Roaming\Apple Computer
O43 - CFD: 05/08/2010 - 15:41:45 - [0] ----D C:\Users\gold\AppData\Roaming\AVS4YOU
O43 - CFD: 05/10/2012 - 12:16:48 - [0,003] ----D C:\Users\gold\AppData\Roaming\Convertisseur PDF
O43 - CFD: 05/10/2012 - 12:25:48 - [0,004] ----D C:\Users\gold\AppData\Roaming\Convertisseur PDF Pro
O43 - CFD: 07/04/2010 - 11:13:50 - [0] ----D C:\Users\gold\AppData\Roaming\CoSoSys
O43 - CFD: 15/10/2009 - 21:06:33 - [0,005] ----D C:\Users\gold\AppData\Roaming\CyberLink
O43 - CFD: 05/10/2012 - 13:34:50 - [190,700] ----D C:\Users\gold\AppData\Roaming\Downloaded Installations
O43 - CFD: 21/11/2013 - 18:55:14 - [0,032] ----D C:\Users\gold\AppData\Roaming\DriverTurbo
O43 - CFD: 18/12/2013 - 17:09:29 - [0] ----D C:\Users\gold\AppData\Roaming\dvdcss
O43 - CFD: 06/01/2014 - 18:40:02 - [0,001] ----D C:\Users\gold\AppData\Roaming\Easeware
O43 - CFD: 05/10/2012 - 13:39:45 - [0] ----D C:\Users\gold\AppData\Roaming\FileOpen
O43 - CFD: 02/12/2013 - 22:49:45 - [0] ----D C:\Users\gold\AppData\Roaming\GlarySoft
O43 - CFD: 16/04/2011 - 10:18:55 - [0] ----D C:\Users\gold\AppData\Roaming\Google
O43 - CFD: 13/08/2009 - 18:09:13 - [0,024] ----D C:\Users\gold\AppData\Roaming\hewlett-packard
O43 - CFD: 19/09/2009 - 21:19:15 - [0,220] ----D C:\Users\gold\AppData\Roaming\HP
O43 - CFD: 13/08/2009 - 18:05:54 - [0,022] ----D C:\Users\gold\AppData\Roaming\HP TCS
O43 - CFD: 18/12/2013 - 20:29:40 - [0,003] ----D C:\Users\gold\AppData\Roaming\HpUpdate
O43 - CFD: 31/07/2013 - 14:50:47 - [0] ----D C:\Users\gold\AppData\Roaming\Icones
O43 - CFD: 13/08/2009 - 18:08:41 - [0] ----D C:\Users\gold\AppData\Roaming\Identities
O43 - CFD: 03/12/2009 - 23:36:35 - [0,889] ----D C:\Users\gold\AppData\Roaming\igraal
O43 - CFD: 23/08/2009 - 15:22:45 - [0,003] ----D C:\Users\gold\AppData\Roaming\Leadertech
O43 - CFD: 18/08/2009 - 16:09:51 - [3,509] ----D C:\Users\gold\AppData\Roaming\Macromedia
O43 - CFD: 31/07/2013 - 14:27:34 - [950,064] ----D C:\Users\gold\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 16:07:25 - [0] ----D C:\Users\gold\AppData\Roaming\Media Center Programs
O43 - CFD: 23/10/2013 - 14:46:59 - [33,284] -S--D C:\Users\gold\AppData\Roaming\Microsoft
O43 - CFD: 18/08/2009 - 13:33:19 - [0] ----D C:\Users\gold\AppData\Roaming\Microsoft Web Folders
O43 - CFD: 23/09/2009 - 21:01:53 - [4,070] ----D C:\Users\gold\AppData\Roaming\Mozilla
O43 - CFD: 20/10/2011 - 15:09:43 - [0,010] ----D C:\Users\gold\AppData\Roaming\Nero
O43 - CFD: 06/10/2012 - 11:28:52 - [1,477] ----D C:\Users\gold\AppData\Roaming\Nitro
O43 - CFD: 06/10/2012 - 12:01:51 - [0,001] ----D C:\Users\gold\AppData\Roaming\Nitro PDF
O43 - CFD: 17/05/2012 - 21:28:47 - [21,451] ----D C:\Users\gold\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/08/2013 - 13:57:35 - [0] ----D C:\Users\gold\AppData\Roaming\PC Cleaner =>USP.PCCleaner
O43 - CFD: 23/01/2010 - 20:17:00 - [0] ----D C:\Users\gold\AppData\Roaming\PeerNetworking
O43 - CFD: 18/12/2013 - 17:09:34 - [0] ----D C:\Users\gold\AppData\Roaming\player
O43 - CFD: 13/12/2013 - 22:34:45 - [0,077] ----D C:\Users\gold\AppData\Roaming\QuickScan
O43 - CFD: 27/06/2013 - 12:39:58 - [0] ----D C:\Users\gold\AppData\Roaming\ShieldApps
O43 - CFD: 18/08/2009 - 13:53:55 - [0] ----D C:\Users\gold\AppData\Roaming\Skinux
O43 - CFD: 22/01/2014 - 22:27:48 - [39,087] ----D C:\Users\gold\AppData\Roaming\Skype
O43 - CFD: 01/07/2011 - 18:32:13 - [0,036] ----D C:\Users\gold\AppData\Roaming\skypePM
O43 - CFD: 05/10/2012 - 12:22:09 - [67,039] ----D C:\Users\gold\AppData\Roaming\SmartSoftOCRHelper
O43 - CFD: 06/10/2012 - 10:33:13 - [0,200] ----D C:\Users\gold\AppData\Roaming\SolidDocuments
O43 - CFD: 16/01/2010 - 23:39:24 - [0,046] ----D C:\Users\gold\AppData\Roaming\Template
O43 - CFD: 18/12/2010 - 00:05:35 - [2,177] ----D C:\Users\gold\AppData\Roaming\Todae
O43 - CFD: 29/06/2010 - 19:14:14 - [103,177] ----D C:\Users\gold\AppData\Roaming\TomTom
O43 - CFD: 08/01/2014 - 15:53:11 - [1,422] ----D C:\Users\gold\AppData\Roaming\vlc
O43 - CFD: 21/08/2009 - 19:24:06 - [0,001] ----D C:\Users\gold\AppData\Roaming\WildTangent
O43 - CFD: 18/05/2010 - 13:25:39 - [0] ----D C:\Users\gold\AppData\Roaming\WinBatch
O43 - CFD: 23/01/2014 - 23:11:10 - [0,042] ----D C:\Users\gold\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 02/12/2013 - 20:59:44 - [0,024] ----D C:\Users\gold\AppData\Roaming\_MDLogs
O43 - CFD: 15/01/2014 - 14:41:04 - [17,140] ----D C:\Users\gold\AppData\Local\Adobe
O43 - CFD: 10/02/2010 - 13:21:44 - [0] ----D C:\Users\gold\AppData\Local\Apple
O43 - CFD: 01/07/2011 - 18:32:10 - [34,306] ----D C:\Users\gold\AppData\Local\Apple Computer
O43 - CFD: 13/08/2009 - 18:03:39 - [0] -SH-D C:\Users\gold\AppData\Local\Application Data
O43 - CFD: 08/09/2013 - 16:35:49 - [0] ----D C:\Users\gold\AppData\Local\Apps
O43 - CFD: 09/08/2013 - 14:04:58 - [0] ----D C:\Users\gold\AppData\Local\Avg2013
O43 - CFD: 11/10/2013 - 14:23:07 - [0,146] ----D C:\Users\gold\AppData\Local\avgchrome
O43 - CFD: 05/10/2012 - 12:59:08 - [1,763] ----D C:\Users\gold\AppData\Local\CRE
O43 - CFD: 19/08/2009 - 13:57:26 - [0,133] ----D C:\Users\gold\AppData\Local\CyberLink
O43 - CFD: 08/09/2013 - 16:35:49 - [0] ----D C:\Users\gold\AppData\Local\Deployment
O43 - CFD: 17/09/2013 - 21:40:51 - [78,221] ----D C:\Users\gold\AppData\Local\Downloaded Installations
O43 - CFD: 26/11/2013 - 16:42:06 - [0] ----D C:\Users\gold\AppData\Local\DriverTuner
O43 - CFD: 17/12/2013 - 23:16:17 - [0] ----D C:\Users\gold\AppData\Local\ElevatedDiagnostics
O43 - CFD: 18/12/2013 - 17:08:57 - [0,029] ----D C:\Users\gold\AppData\Local\emaze
O43 - CFD: 03/02/2010 - 22:27:44 - [0] ----D C:\Users\gold\AppData\Local\eMule
O43 - CFD: 04/12/2013 - 13:46:37 - [116,443] ----D C:\Users\gold\AppData\Local\Google
O43 - CFD: 30/07/2011 - 19:56:38 - [118,709] ----D C:\Users\gold\AppData\Local\Hewlett-Packard
O43 - CFD: 13/08/2009 - 18:08:35 - [0] ----D C:\Users\gold\AppData\Local\Hewlett-Packard_Company
O43 - CFD: 13/08/2009 - 18:03:39 - [0] -SH-D C:\Users\gold\AppData\Local\Historique
O43 - CFD: 19/09/2009 - 21:12:00 - [36,539] ----D C:\Users\gold\AppData\Local\HP
O43 - CFD: 22/11/2009 - 14:42:32 - [105,749] ----D C:\Users\gold\AppData\Local\IM
O43 - CFD: 18/08/2009 - 13:54:12 - [0] ----D C:\Users\gold\AppData\Local\KodakGallery
O43 - CFD: 20/10/2009 - 14:46:00 - [86,611] ----D C:\Users\gold\AppData\Local\LogiShrd
O43 - CFD: 20/12/2012 - 20:32:56 - [0] ----D C:\Users\gold\AppData\Local\Macromedia
O43 - CFD: 09/08/2013 - 14:04:58 - [2,027] ----D C:\Users\gold\AppData\Local\MFAData
O43 - CFD: 05/12/2013 - 15:44:55 - [1308,638] ----D C:\Users\gold\AppData\Local\Microsoft
O43 - CFD: 18/12/2013 - 17:09:04 - [1,647] ----D C:\Users\gold\AppData\Local\Microsoft Help
O43 - CFD: 08/01/2014 - 15:14:27 - [0,001] ----D C:\Users\gold\AppData\Local\MigWiz
O43 - CFD: 23/09/2009 - 20:59:52 - [51,170] ----D C:\Users\gold\AppData\Local\Mozilla
O43 - CFD: 20/10/2011 - 15:23:15 - [2,112] ----D C:\Users\gold\AppData\Local\Nero
O43 - CFD: 20/10/2011 - 15:20:34 - [0,003] ----D C:\Users\gold\AppData\Local\Nero_AG
O43 - CFD: 19/08/2009 - 13:57:25 - [0] ----D C:\Users\gold\AppData\Local\PowerCinema
O43 - CFD: 19/09/2009 - 20:52:53 - [0,272] ----D C:\Users\gold\AppData\Local\Seven Zip
O43 - CFD: 02/03/2013 - 15:01:12 - [0] ----D C:\Users\gold\AppData\Local\Software
O43 - CFD: 23/01/2014 - 23:10:16 - [16,467] ----D C:\Users\gold\AppData\Local\Temp
O43 - CFD: 13/08/2009 - 18:03:39 - [0] -SH-D C:\Users\gold\AppData\Local\Temporary Internet Files
O43 - CFD: 29/06/2010 - 19:14:14 - [1,529] ----D C:\Users\gold\AppData\Local\TomTom
O43 - CFD: 05/10/2012 - 12:18:55 - [10,227] ----D C:\Users\gold\AppData\Local\VirtualStore
O43 - CFD: 07/08/2013 - 00:25:47 - [0] ----D C:\Users\gold\AppData\Local\Windows Live
O43 - CFD: 18/12/2013 - 17:09:34 - [0,015] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/12/2013 - 17:09:34 - [0] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 18/12/2010 - 00:05:35 - [0] ----D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Media Plugin
O43 - CFD: 18/12/2013 - 17:09:34 - [0,001] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/12/2013 - 17:09:34 - [0] R---D C:\Users\gold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 381 Scanned in 00mn 02s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/01/2014 - 13:13:18 ---A- . (...) -- C:\Windows\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/01/2014 - 13:13:18 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.B25102984604720CEE8BD95ED7EEA9DF] - 09/01/2014 - 13:13:20 ---A- . (...) -- C:\Windows\System32\lvcoinst.log [25311]
O44 - LFC:[MD5.B583F45FC2B8B9226984B230A781ECA5] - 09/01/2014 - 13:22:31 ---A- . (...) -- C:\FINIS_IT.TXT [750]
O44 - LFC:[MD5.FE6694235A2BCF86E7611794C7C97B45] - 11/01/2014 - 14:10:35 ---A- . (...) -- C:\AdwCleaner[R10].txt [2086]
O44 - LFC:[MD5.DCA862F9796BBF621DB12768978DBBA6] - 15/01/2014 - 14:28:02 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\mrt.exe [86054176]
O44 - LFC:[MD5.6FB598E8DE02D879D17B35F144A1B3BC] - 19/01/2014 - 08:33:29 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [270496]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 22/01/2014 - 20:30:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]
O44 - LFC:[MD5.A640944605E06FE482B9023CA232F067] - 23/01/2014 - 19:31:43 ---A- . (...) -- C:\Windows\PFRO.log [18142]
O44 - LFC:[MD5.177E71895E891EA81792123ADECBA588] - 23/01/2014 - 19:32:48 ---A- . (...) -- C:\Windows\ntbtlog.txt [1228166]
O44 - LFC:[MD5.5217A13C9111815C54D41BCCAE6538D7] - 23/01/2014 - 19:47:00 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9455FE4232D2FD83112B6ED8F95E4887] - 23/01/2014 - 19:51:40 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1425636]
~ Files: 12 Scanned in 00mn 05s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.0B9492FE96420B43F503FC54D9235712] - 23/01/2014 - 20:54:09 ---A- - C:\Windows\Prefetch\SFTGC.EXE-60323DC0.pf
O45 - LFCP:[MD5.F776A91F1938078906A65128BDDD30B3] - 23/01/2014 - 21:14:08 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.6A205D5E2B87A9C8E454B82DEC834672] - 23/01/2014 - 21:23:46 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf
O45 - LFCP:[MD5.8F90E0A92A89CDCCD6E0B61F1EF9D65D] - 23/01/2014 - 21:23:46 ---A- - C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf
O45 - LFCP:[MD5.31B711435DD0B4B618AACA996890C31D] - 23/01/2014 - 21:55:32 ---A- - C:\Windows\Prefetch\RIBBONS.SCR-B106D674.pf
O45 - LFCP:[MD5.FC45040B18CF48D26A90AC5C4528629F] - 23/01/2014 - 22:05:36 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf
O45 - LFCP:[MD5.9FA0FDEB0C049DE1D21E675EFD8D25E3] - 23/01/2014 - 22:45:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-905D47B9.pf
O45 - LFCP:[MD5.5E1114A753AAD7DE48D01DE67F1DD873] - 23/01/2014 - 22:46:02 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-331070A3.pf
O45 - LFCP:[MD5.6DDE39D641898646A6BEA2FA0AE9B6F7] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.45E51EA775F491B41DB43F57DB8A46D7] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.59230A1AFD20F482BA17BE53B0DDE47E] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.7A37923C8CD78F9F89CA055CCC474738] - 23/01/2014 - 22:47:59 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.E15382FD27857105BA05FCCA2A977314] - 23/01/2014 - 22:49:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-58863F79.pf
O45 - LFCP:[MD5.434040C7FED2CC09CDAD0A5711FD8C73] - 23/01/2014 - 22:50:15 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2110523243-1586633563-1267511211-1000.db
O45 - LFCP:[MD5.E4D0DDF9F4F5E28DCBBE16D36A5C74B6] - 23/01/2014 - 22:50:15 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2110523243-1586633563-1267511211-1000.db
O45 - LFCP:[MD5.06922E0DACFD55F9FA7FE39865BFD673] - 23/01/2014 - 22:53:16 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).TMP-BF9125EC.pf
O45 - LFCP:[MD5.EED1B65B1D37B3DFCE52055A1AC3613E] - 23/01/2014 - 22:53:21 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).EXE-4A84046C.pf
O45 - LFCP:[MD5.67EA6DC4D59F4F47569E0018B70E40EB] - 23/01/2014 - 22:53:21 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).TMP-490E9084.pf
O45 - LFCP:[MD5.FBAC32675E3631463F69088E8A0FDCBD] - 23/01/2014 - 22:54:24 ---A- - C:\Windows\Prefetch\CSPEP.EXE-6F771592.pf
O45 - LFCP:[MD5.D23EC9B63A69AA08703DE2978F90FB27] - 23/01/2014 - 23:02:16 ---A- - C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf
O45 - LFCP:[MD5.B288CD2095EB8AE2CD32AB4980A87CC7] - 23/01/2014 - 23:07:27 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf
O45 - LFCP:[MD5.C57A45069F27985254745EECF9218BA2] - 23/01/2014 - 23:08:01 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-648FB068.pf
O45 - LFCP:[MD5.FA9DC45C865DDB2488A447FDB02DC638] - 23/01/2014 - 23:08:03 ---A- - C:\Windows\Prefetch\WOW_HELPER.EXE-F1D236DB.pf
O45 - LFCP:[MD5.4F88696BE5F4AB5875828B88DF05876B] - 23/01/2014 - 23:08:13 ---A- - C:\Windows\Prefetch\CHROME.EXE-5FE9909D.pf
O45 - LFCP:[MD5.BE719107C71D192BC818CAE3A7E1EC50] - 23/01/2014 - 23:09:13 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-1B3ABCE8.pf
O45 - LFCP:[MD5.831C6F1F8B36143E473D05EB13C70563] - 23/01/2014 - 23:10:20 ---A- - C:\Windows\Prefetch\CONSENT.EXE-65F6206D.pf
O45 - LFCP:[MD5.FD9E88D66A5F7385591D7904C2BED33F] - 23/01/2014 - 23:10:25 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf
O45 - LFCP:[MD5.17CD8F435ADAE5B142DE97EA1AE05FE1] - 23/01/2014 - 23:10:44 ---A- - C:\Windows\Prefetch\CMD.EXE-EABFE48B.pf
O45 - LFCP:[MD5.9B85574CA0C180C900947611652D4886] - 23/01/2014 - 23:10:44 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-228E38AF.pf
O45 - LFCP:[MD5.E8EA8069589A02511723B73CCAADA55C] - 23/01/2014 - 23:10:44 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-94D7CB13.pf
O45 - LFCP:[MD5.2EA2C11D8247B37E0958504B2C96C67B] - 23/01/2014 - 23:10:46 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf
O45 - LFCP:[MD5.3603C716616DC67BD537696AD1499CC8] - 23/01/2014 - 23:10:55 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf
O45 - LFCP:[MD5.C57CAB206CD109EF886B436000114B73] - 23/01/2014 - 23:11:09 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-7E9C9BE3.pf
~ Prefetcher: 33 Scanned in 00mn 01s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcod64.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\Adobe Photo Downloader [Key] . (...) -- C:\Program Files (x86)\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer for HP TouchSmart [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\Connexion SFR 9props.exe [Key] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O53 - SMSR:HKLM\...\startupreg\DriverTurbo [Key] . (...) -- C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DVDAgent [Key] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O53 - SMSR:HKLM\...\startupreg\HP Health Check Scheduler [Key] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O53 - SMSR:HKLM\...\startupreg\HP Remote Software [Key] . (.Pas de propriétaire - Core functionality module for HP Remote sof.) -- C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O53 - SMSR:HKLM\...\startupreg\HPADVISOR [Key] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O53 - SMSR:HKLM\...\startupreg\hpqSRMon [Key] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O53 - SMSR:HKLM\...\startupreg\hpsysdrv [Key] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel [Key] . (...) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe =>.Logitech Inc
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O53 - SMSR:HKLM\...\startupreg\PC Cleaner [Key] . (...) -- C:\Program Files (x86)\PC Cleaner\PCCLauncher.exe (.not file.) =>USP.PCCleaner
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\SmartMenu [Key] . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SmartSoft PDF Printer Agent [Key] . (...) -- C:\Program Files\Convertisseur PDF Pro\SmartSoft PDF Printer Agent.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O53 - SMSR:HKLM\...\startupreg\TSMAgent [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O53 - SMSR:HKLM\...\startupreg\UpdateLBPShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdateP2GoShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdatePDIRShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdatePSTShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
~ SMSR Keys: 28 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 1 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0
~ MWPS: 20 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 6 Scanned in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 21/01/2008 - 03:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [486456]
O58 - SDL:[MD5.7D05A75E3066861A6610F7EE04FF085C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [342584]
O58 - SDL:[MD5.820A201FE08A0C345B3BEDBC30E1A77C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (X64).) -- C:\Windows\System32\Drivers\adpu160m.sys [126520]
O58 - SDL:[MD5.9B4AB6854559DC168FBB4C24FC52E794] - 21/01/2008 - 03:47:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [185912]
O58 - SDL:[MD5.157D0898D4B73F075CE9FA26B482DF98] - 21/01/2008 - 03:46:50 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15976]
O58 - SDL:[MD5.BA8417D4765F3988FF921F30F630E303] - 21/01/2008 - 03:46:52 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [90680]
O58 - SDL:[MD5.9D41C435619733B34CC16A511E644B11] - 21/01/2008 - 03:47:00 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [91192]
O58 - SDL:[MD5.40014A6251A68D1EC48001B1653CCEE0] - 21/01/2008 - 03:47:30 ---A- . (...) -- C:\Windows\System32\Drivers\bdasup.sys [15616]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.F0F0BA4D815BE446AA6A4583CA3BCA9B] - 02/11/2006 - 09:43:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [86528]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 18/09/2006 - 22:30:18 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/09/2006 - 12:42:33 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.E5D5499A1C50A54B5161296B6AFE6192] - 21/01/2008 - 03:46:50 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [18024]
O58 - SDL:[MD5.222CB641B4B8A1D1126F8033F9FD6A00] - 02/11/2006 - 12:50:06 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [88168]
O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 21/01/2008 - 03:46:56 ---A- . (...) -- C:\Windows\System32\Drivers\E1G6032E.sys [146176]
O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 21/01/2008 - 03:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [397368]
O58 - SDL:[MD5.8E98D21EE06192492A5671A6144D092F] - 21/08/2012 - 12:01:20 ---A- . (...) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:[MD5.603F4C5E89B67331DDACECAA6C231CB1] - 03/07/2013 - 03:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\hidparse.sys [31616]
O58 - SDL:[MD5.D7109A1E6BD2DFDBCBA72A6BC626A13B] - 21/01/2008 - 03:46:59 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [47672]
O58 - SDL:[MD5.3E3BF3627D886736D0B4E90054F929F6] - 21/01/2008 - 03:46:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [290872]
O58 - SDL:[MD5.8C3951AD2FE886EF76C7B5027C3125D3] - 02/11/2006 - 13:02:39 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44648]
O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [37480]
O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [37480]
O58 - SDL:[MD5.1D419CF43DB29396ECD7113D129D94EB] - 21/01/2008 - 03:49:00 ---A- . (...) -- C:\Windows\System32\Drivers\ksthunk.sys [20864]
O58 - SDL:[MD5.ACBE1AF32D3123E330A07BFBC5EC4A9B] - 21/01/2008 - 03:46:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [113720]
O58 - SDL:[MD5.799FFB2FC4729FA46D2157C0065B3525] - 21/01/2008 - 03:46:56 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [105016]
O58 - SDL:[MD5.F445FF1DAAD8A226366BFAF42551226B] - 21/01/2008 - 03:47:01 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [113720]
O58 - SDL:[MD5.4A503882318BB2F59218D401614E6AF6] - 30/04/2009 - 23:55:46 ---A- . (.Logitech Inc. - Audio filter for Express Plus.) -- C:\Windows\System32\Drivers\lv302a64.sys [15896]
O58 - SDL:[MD5.AE0B94363DA0F60D42B9D05B352F61ED] - 30/04/2009 - 23:55:56 ---A- . (...) -- C:\Windows\System32\Drivers\LV302V64.SYS [2755096]
O58 - SDL:[MD5.7717A2CB550267860D3933F3FBA0216F] - 30/04/2009 - 14:59:48 ---A- . (...) -- C:\Windows\System32\Drivers\LVPr2M64.sys [30232]
O58 - SDL:[MD5.125AE13C293889001B8456CF3EB04A40] - 01/05/2009 - 00:01:34 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\System32\Drivers\lvrs64.sys [327576]
O58 - SDL:[MD5.6562FCEE704F14C05F5338B147D67A16] - 12/10/2007 - 03:00:20 ---A- . (...) -- C:\Windows\System32\Drivers\LVUSBS64.sys [50072]
O58 - SDL:[MD5.0BB97D43299910CBFBA59C461B99B910] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]
O58 - SDL:[MD5.5C5CD6AACED32FB26C3FB34B3DCF972F] - 21/01/2008 - 03:46:59 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [35896]
O58 - SDL:[MD5.859BC2436B076C77C159ED694ACFE8F8] - 21/01/2008 - 03:46:56 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [438328]
O58 - SDL:[MD5.3C200630A89EF2C0864D515B7A75802E] - 02/11/2006 - 13:02:24 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [39016]
O58 - SDL:[MD5.0EA73E498F53B96D83DBFCA074AD4CF8] - 21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mskssrv.sys [11008]
O58 - SDL:[MD5.52E59B7E992A58E740AA63F57EDBAE8B] - 02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspclock.sys [7040]
O58 - SDL:[MD5.49084A75BAE043AE02D5B44D02991BB2] - 02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspqm.sys [6656]
O58 - SDL:[MD5.86D632D75D05D5B7C7C043FA3564AE86] - 21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mstee.sys [7936]
O58 - SDL:[MD5.0E27AF88B9C2291D2FDE9FAAEBD2E9A3] - 26/02/2008 - 18:18:00 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\netr7364.sys [615424]
O58 - SDL:[MD5.4AC08BD6AF2DF42E0C3196D826C8AEA7] - 02/11/2006 - 13:03:03 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51816]
O58 - SDL:[MD5.BE52A3EDA5E4E8EFACC41F6238B709DF] - 24/04/2009 - 17:54:06 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda64v.sys [79392]
O58 - SDL:[MD5.766199A6341F7775B0A60D865123F95A] - 01/05/2009 - 13:27:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 185.86.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [11725728]
O58 - SDL:[MD5.98350606682594521D56ECCB5D01ECF7] - 01/08/2008 - 13:51:12 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvmfdx64.sys [1498016]
O58 - SDL:[MD5.2C040B7ADA5B06F6FACADAC8514AA034] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [128056]
O58 - SDL:[MD5.2F60404C51999DAED32517606B6B9585] - 12/11/2008 - 18:04:40 ----- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvrd64.sys [167456]
O58 - SDL:[MD5.16D36074B84DA72D160233C8D132DC89] - 22/05/2008 - 10:39:48 ----- . (.NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\System32\Drivers\nvsmu.sys [27168]
O58 - SDL:[MD5.F7EA0FE82842D05EDA3EFDD376DBFDBA] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [54328]
O58 - SDL:[MD5.3EAE16D8E9C4ED4725186EACE6F5357A] - 12/11/2008 - 18:04:14 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor64.sys [170016]
O58 - SDL:[MD5.7B58953E2F263421FDBB09A192712A85] - 02/11/2006 - 10:43:56 ---A- . (...) -- C:\Windows\System32\Drivers\ohci1394.sys [72192]
O58 - SDL:[MD5.0B83F4E681062F3839BE2EC1D98FD94A] - 21/01/2008 - 03:46:52 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1221176]
O58 - SDL:[MD5.E1C80F8D4D1E39EF9595809C1369BF2A] - 02/11/2006 - 12:50:27 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [124008]
O58 - SDL:[MD5.1EDAB7F9B9DE4424BECCDEF950CE2FF0] - 11/02/2009 - 21:39:24 ---A- . (...) -- C:\Windows\System32\Drivers\RTKVHD64.sys [1708192]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 30/09/2006 - 00:51:44 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:[MD5.3A2F769FAB9582BC720E11EA1DFB184D] - 21/01/2008 - 03:47:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [78392]
O58 - SDL:[MD5.EB69069B969F4252A3BDE2BB3621811E] - 11/04/2009 - 06:39:31 ---A- . (...) -- C:\Windows\System32\Drivers\stream.sys [68224]
O58 - SDL:[MD5.2F26A2C6FC96B29BEFF5D8ED74E6625B] - 02/11/2006 - 13:02:52 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [49256]
O58 - SDL:[MD5.A909667976D3BCCD1DF813FED517D837] - 02/11/2006 - 13:02:37 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [44648]
O58 - SDL:[MD5.36887B56EC2D98B9C362F6AE4DE5B7B0] - 02/11/2006 - 13:02:47 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [48232]
O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 21/01/2008 - 03:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [284728]
O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 02/11/2006 - 12:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [148072]
O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 21/01/2008 - 03:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\System32\Drivers\ulsata2.sys [174696]
O58 - SDL:[MD5.D46BDF1C810138E2D3B985FA3A7AB05E] - 11/04/2009 - 06:39:40 ---A- . (...) -- C:\Windows\System32\Drivers\USBCAMD2.sys [32640]
O58 - SDL:[MD5.7BCE39EE2B61BC3A17E80BC0583F6797] - 29/06/2013 - 03:25:14 ---A- . (...) -- C:\Windows\System32\Drivers\usbd.sys [7552]
O58 - SDL:[MD5.8294B6C3FDB6C33F24E150DE647ECDAA] - 21/01/2008 - 03:46:50 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [18024]
O58 - SDL:[MD5.A68F455ED2673835209318DD61BFBB0E] - 21/01/2008 - 03:47:25 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [149048]
O58 - SDL:[MD5.FEF8FE5923FEAD2CEE4DFABFCE3393A7] - 02/11/2006 - 10:40:24 ---A- . (...) -- C:\Windows\System32\Drivers\wacompen.sys [26624]
~ Drivers: 20 Scanned in 00mn 03s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.vimeo.com_0.localstorage [3072]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.vimeo.com_0.localstorage-journal [3608]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.boulanger.fr_0.localstorage [28672]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.boulanger.fr_0.localstorage-journal [16384]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fnac.livechat.iadvize.com_0.localstorage [3072]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fnac.livechat.iadvize.com_0.localstorage-journal [3608]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure-a.vimeocdn.com_0.localstorage [3072]
O61 - LFC: 20/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure-a.vimeocdn.com_0.localstorage-journal [3608]
O61 - LFC: 20/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\93\93956356cd890779.dat [3437]
O61 - LFC: 20/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\chatsync\8a\8a1c3a014e2ac5d0.dat [4837]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.bouyguestelecom.fr_0.localstorage [3072]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laboutique.bouyguestelecom.fr_0.localstorage [3072]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laboutique.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laredoute.fr_0.localstorage [33792]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.laredoute.fr_0.localstorage-journal [16384]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.renouvellement.bouyguestelecom.fr_0.localstorage [4096]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.renouvellement.bouyguestelecom.fr_0.localstorage-journal [4640]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.bouyguestelecom.fr_0.localstorage [13312]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.espaceclient.bouyguestelecom.fr_0.localstorage [3072]
O61 - LFC: 21/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.espaceclient.bouyguestelecom.fr_0.localstorage-journal [3608]
O61 - LFC: 21/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\Cookies\index.dat [16384]
O61 - LFC: 21/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat [32768]
O61 - LFC: 21/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\History\History.IE5\index.dat [16384]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\JSCache\GlobSettings [24]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\Security\CRLCache\48B76449F3D5FEFA1133AA805E420F0FCA643651.crl [898]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\Security\CRLCache\A9B8213768ADC68AF64FCC6409E8BE414726687F.crl [37213]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\Security\addressbook.acrodata [5486]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\TMDocs.sav [36]
O61 - LFC: 21/01/2014 - 23:11:30 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Adobe\Acrobat\10.0\TMGrpPrm.sav [54]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\bistats.db [77824]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\0f\0fcd5c91cb4c62a0.dat [1989]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\1a\1a09ad3d6af229fc.dat [1965]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\57\5762f254ab10846f.dat [1949]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\61\6103687eeb5c3941.dat [2037]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\ab\ab5279f0d3ecee7b.dat [1965]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\chatsync\d3\d360f3d542e3b2f4.dat [3149]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\config.xml [15307]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\dc.db [790528]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\eas.db [65536]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\httpfe\cookies.dat [2]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\keyval.db [49152]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\main.db [3870720]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\msn.db [53248]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\qikdb\qik_main.db [28672]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\simcache\streamlist [44]
O61 - LFC: 21/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\benoit.bolzon\statistics.db [53248]
O61 - LFC: 21/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\Mobile_Bouyguestelecom_Facture_decembre2013.pdf [143156]
O61 - LFC: 21/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\Mobile_Bouyguestelecom_Facture_janvier2014 (1).pdf [124103]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_badoo.com_0.localstorage [35840]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_badoo.com_0.localstorage-journal [16384]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage [3072]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage-journal [3608]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fr-fr.facebook.com_0.localstorage [4096]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fr-fr.facebook.com_0.localstorage-journal [3608]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [4096]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [3608]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [29696]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\macromedia.com\support\flashplayer\sys\#p1.badoocdn.com\settings.sol [85]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\macromedia.com\support\flashplayer\sys\settings.sol [1012]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\p1.badoocdn.com\statf.sol [42]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\player.ooyala.com\auth2.sol [204]
O61 - LFC: 22/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PJFPWC2F\player.ooyala.com\perf.sol [123]
O61 - LFC: 22/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\MBAM-log-2014-01-22 (22-33-13).txt [2764]
O61 - LFC: 22/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-01-22 (20-32-14).txt [2878]
O61 - LFC: 22/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\bistats.db [155648]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\config.xml [14362]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\dc.db [753664]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\eas.db [65536]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\httpfe\cookies.dat [2]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\keyval.db [49152]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\main.db [2686976]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\msn.db [53248]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\qikdb\qik_main.db [28672]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\simcache\streamlist [44]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\kristinnelle\statistics.db [53248]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\shared.xml [90057]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\shared_dynco\dc.db [2375680]
O61 - LFC: 22/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Skype\shared_dynco\dc.db-journal [1297376]
O61 - LFC: 22/01/2014 - 23:15:49 ---A- . (.Malwarebytes Corporation.) -- C:\Users\gold\Downloads\mbam-setup-1.75.0.1300 (1).exe [10285040]
O61 - LFC: 22/01/2014 - 23:15:49 ---A- . (.Malwarebytes Corporation.) -- C:\Users\gold\Downloads\mbam-setup-1.75.0.1300 (2).exe [10285040]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [9937]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [9937]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Cookies [1281024]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Current Session [79041]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [12180]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [148]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000745 [711]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [0]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Favicons [2027520]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\History [1658880]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [272512]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Last Session [443787]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [352462]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.pagesjaunes.fr_0.localstorage [10240]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.pagesjaunes.fr_0.localstorage-journal [10832]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.presence-pc.com_0.localstorage [3072]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.presence-pc.com_0.localstorage-journal [3608]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tomsguide.fr_0.localstorage [3072]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tomsguide.fr_0.localstorage-journal [3608]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [6144]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [3608]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [327680]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Preferences [185379]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001406.ldb [147]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001408.ldb [10537]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001411.ldb [10726]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001414.ldb [239097]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [277]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [276]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-001413 [254] =>.Google Inc
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [77824]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3 [1191936]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Top Sites [94208]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [3522]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Web Data [520192]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [16384]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Local State [68413]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [9634900]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1371228]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135496]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [927784]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19504]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6952]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
O61 - LFC: 23/01/2014 - 23:11:28 ---A- . (...) -- C:\Users\gold\AppData\Local\d3d9caps64.dat [732]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_6LkoTlsadVE4Qkf [16400]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_aySP010zgOKNlNR [2052]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_vAIMgRay7qm7Jqq [4104]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\etilqs_yhD6zW7T15zfP8x [4]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\gold.bmp [31832]
O61 - LFC: 23/01/2014 - 23:11:30 ----- . (...) -- C:\Users\gold\AppData\Local\Temp\preferences [0]
O61 - LFC: 23/01/2014 - 23:11:31 ---A- . (...) -- C:\Users\gold\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-01-23 (20-10-38).txt [2]
O61 - LFC: 23/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\ZHP\Log.txt [45060] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:11:35 ---A- . (...) -- C:\Users\gold\AppData\Roaming\ZHP\TestsZHPDiag.txt [2816] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:15:44 ---A- . (.Thisisu.) -- C:\Users\gold\Downloads\JRT.exe [1037068]
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\SFTGC.exe [1052616]
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (...) -- C:\Users\gold\Downloads\les-pages (1).exe [1772016]
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (.Nicolas Coolman.) -- C:\Users\gold\Downloads\ZHPDiag2 (1).exe [6864616] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (.Nicolas Coolman.) -- C:\Users\gold\Downloads\ZHPDiag2 (2).exe [6864616] =>.Nicolas Coolman
O61 - LFC: 23/01/2014 - 23:15:49 ---A- . (.Nicolas Coolman.) -- C:\Users\gold\Downloads\ZHPDiag2.exe [6864616] =>.Nicolas Coolman
~ 9 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 159 Scanned in 04mn 31s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 04/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 18/02/2011 - C:\Windows\System32\DRIVERS\bowser.sys (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\CLFS.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\crcdisk.sys (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - 14/04/2011 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 20/02/2010 - C:\Windows\System32\drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 04/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 30/04/2009 - C:\Windows\System32\DRIVERS\LVPr2M64.sys (LVPr2M64) .(...) - LEGACY_LVPR2M64
O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\mountmgr.sys (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 27/09/2013 - C:\Windows\System32\DRIVERS\MpFilter.sys (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\drivers\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb.sys (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 06/07/2011 - C:\Windows\System32\DRIVERS\mrxsmb10.sys (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb20.sys (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\netbt.sys (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 27/09/2013 - C:\Windows\System32\DRIVERS\NisDrvWFP.sys (NisDrv) .(.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) - LEGACY_NISDRV
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nvraid.sys (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 24/10/2006 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\rdbss.sys (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\rdpencdd.sys (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 30/09/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 18/02/2011 - C:\Windows\System32\DRIVERS\srv.sys (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srv2.sys (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 05/07/2013 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/08/2012 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\wanarp.sys (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - 27/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 26/07/2012 - C:\Windows\system32\drivers\Wudfpf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 77 Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0AD45DEB-0BE6-7F14-ECD5-0CA339790946} [DefaultScope] - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {1EF7A1C9-5124-B058-3140-3DBE4A77CDB9} - ({0AD45DEB-0BE6-7F14-ECD5-0CA339790946}) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [26624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [85504]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [302080]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [49664]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [49664]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [179712]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [719360]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [462848]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [446464]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [98304]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [309760]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [88064]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [61952]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [342016]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [318976]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [547328]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1081856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [302080]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [225280]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [28672]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [45056]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [154112]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [37888]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [86528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [74752]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [855040]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [221696]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [74752]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [103424]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [178176]
~ Services: 31 Scanned in 00mn 03s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D832C9C0DA4550168FCE5D9C291D9A6F] [SPRF][04/09/2010] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.D71BCA80702FCB793D230906BA7E168C] [SPRF][23/01/2014] (...) -- C:\ProgramData\nvModes.dat [8]
[MD5.C2078692CB33A9E37ED1C0EE3B717EB2] [SPRF][02/12/2013] (...) -- C:\Users\gold\AppData\Local\d3d9caps.dat [8484]
[MD5.96572DC3789EC8CBA61E508A92680F2A] [SPRF][23/01/2014] (...) -- C:\Users\gold\AppData\Local\d3d9caps64.dat [732]
[MD5.03F30C58D3AD81691F3BD28B21413A63] [SPRF][19/03/2011] (...) -- C:\Users\gold\AppData\Local\ilvazdg.bat [90]
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23/12/2013] (...) -- C:\Users\gold\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.6911A72591E0B28047F8BD592F5B8CF8] [SPRF][05/12/2013] (...) -- C:\Users\gold\AppData\Roaming\wklnhst.dat [31166]
[MD5.56940B50AB0E5923822F47B0E4463885] [SPRF][26/06/2012] (.Bitdefender LLC - Bitdefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax.dll [731688]
~ Files: 8 Scanned in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-UDP" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPCSS-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPC-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "{CA6A3407-C77B-4B3E-8FAA-7161E12F78A1}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O87 - FAEL: "{A3F5B87E-29CB-4BC4-8384-FFB33E55D231}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
O87 - FAEL: "{DC259613-E5D1-481A-9077-49F30334AEAD}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
O87 - FAEL: "{E244CA63-E91D-4214-BBB5-00BE1867856D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
O87 - FAEL: "{80A62966-C8E3-48FD-88CA-69F78FFE0003}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O87 - FAEL: "{528EEE31-E43A-4EBC-8A11-29A4214822AA}" | In - None - P6 - TRUE | .(.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O87 - FAEL: "{40D42EA0-FFF0-44B5-B032-4D03206F32DD}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.)
O87 - FAEL: "{BA11140B-753D-42BD-B7A4-0FC3C8791214}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.)
O87 - FAEL: "{F0D893C7-1115-4B6D-B940-E09120678E89}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.)
O87 - FAEL: "{E0E07615-478E-4FBA-888F-B9B1BF8CEDE7}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.)
O87 - FAEL: "{AFDE8804-A831-4665-93E1-B89B3DC6904E}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{5F1B0D42-9D3D-4140-95ED-4E675D721BEA}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
O87 - FAEL: "TCP Query User{E3053A3D-ECB6-4CC2-8F76-BD3D2A7D5996}C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe
O87 - FAEL: "UDP Query User{E99BB01D-570D-43A6-A79D-34ACA4D53173}C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\activision value\soldier of fortune payback\sof3.exe
O87 - FAEL: "TelnetServer-TlntSvr-TCP-In" | In - None - P6 - TRUE | .(.Microsoft Corporation - Telnet.) -- C:\Windows\system32\tlntsvr.exe
O87 - FAEL: "TelnetServer-Tlntadmn-RPCSS-EPMAP-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TelnetServer-Tlntadmn-DCOM-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TelnetServer-Tlntadmn-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Telnet.) -- C:\Windows\system32\tlntsvr.exe
O87 - FAEL: "TCP Query User{7D939B66-CB9B-4235-ACBF-A99FDAD16864}C:\users\gold\desktop\fichier\program files\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\gold\desktop\fichier\program files\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{836288E2-6DC3-4F76-BFE2-E37AED728134}C:\users\gold\desktop\fichier\program files\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\gold\desktop\fichier\program files\emule\emule.exe (.not file.)
O87 - FAEL: "{A5D36040-75A6-4623-834F-610F4F871361}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "TCP Query User{FD42435E-9E3D-4FE0-BB4B-A657988C096B}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{AD10DAC6-910C-49AE-ABBF-AD7A7F35C4A2}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "{B75C8F90-13CA-461B-A920-A01E0D92D60B}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{459107A2-6FEB-4DE4-A56B-68516EC71B95}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{0CF9C051-CB04-4A22-8563-9E5D17C616FA}" |In - Public - P6 - FALSE | .(...) -- C:\Users\gold\AppData\Local\Temp\ImInstaller\incredimail_installer.exe (.not file.)
O87 - FAEL: "{CD234FF9-2FB0-456F-AD44-11394158A086}" |In - Public - P17 - FALSE | .(...) -- C:\Users\gold\AppData\Local\Temp\ImInstaller\incredimail_installer.exe (.not file.)
O87 - FAEL: "{1046F800-CFA0-4C7B-954F-4A727A7A86BE}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O87 - FAEL: "{08393F88-6532-40E1-B79A-909CBE875044}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{6F187094-9088-4F06-8972-448546CB0DA1}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{09B2EAB7-ABD8-4171-BD13-8D97682CF08C}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{F68751A7-1CC4-4711-8D84-8DC61943E40F}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{E2F8E11C-C054-42CB-9FE8-E6858A40C01E}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{06E19CEF-8D95-49A0-AFD8-625AC73B35F8}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{D83422CD-AB77-4884-9D72-DD624EB10960}" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{F721B77A-3548-49B1-9BDC-D62703AA8AE0}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{BD6E1F40-83AE-497E-965C-2CB923779220}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{E2CFC844-89BF-4FEA-A920-3B1889932152}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{E799E4F0-BF2C-4498-AC0F-57F6C8462A08}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{220786C6-F3B0-4D3E-BCE3-4FBD03380AC6}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "{E71E4D1B-BD78-443C-BD45-398C5F82D2DE}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "TCP Query User{33EF3692-FEB9-436C-AB6E-7680931C1CA2}C:\program files (x86)\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{4DC4B03F-9B81-40B7-A59B-AA7F76F75A70}C:\program files (x86)\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\emule\emule.exe (.not file.)
O87 - FAEL: "{39571394-93D1-4AD4-BEEF-B83EBCAC3380}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe =>.Hewlett-Packard Co
O87 - FAEL: "TCP Query User{44D62C7D-CA4C-42DF-87E9-C60DECA447D4}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\symantec\norton online backup\nobuclient.exe (.not file.) =>.Symantec Corporation
O87 - FAEL: "UDP Query User{2BD99E11-98FB-488D-8723-D383D3611EE8}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\symantec\norton online backup\nobuclient.exe (.not file.) =>.Symantec Corporation
O87 - FAEL: "{58A389B4-DD86-44D5-A363-89BB380B2BF2}" |In - Public - P6 - TRUE | .(...) -- C:\Users\gold\AppData\Local\Temp\7zS6952.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "{AFCF6B07-A69C-42B0-87F5-89EA83E69B62}" |In - Public - P17 - TRUE | .(...) -- C:\Users\gold\AppData\Local\Temp\7zS6952.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "TCP Query User{D42E5E5D-5DAC-422C-9F4C-4E81C827BB34}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\client\googleearth.exe =>.Google Inc
O87 - FAEL: "UDP Query User{7EF37D38-4CE5-4B41-BC89-C82BEC199CFA}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\client\googleearth.exe =>.Google Inc
O87 - FAEL: "TCP Query User{7482AFCA-7850-4A67-9FD9-5A0EDA31A9A1}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{44BAC0AB-98F1-4A71-8330-2C3999C511A4}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "{9EFE26BA-E098-4A05-8277-6473E1A2BF2D}" | In - Public - P6 - TRUE | .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O87 - FAEL: "{CCEC3D0F-82D1-4CE5-A963-47248252C5F1}" | In - Public - P17 - TRUE | .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O87 - FAEL: "{2CAD57D0-1BC6-406E-A5F8-A70449E67F73}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{C589C173-9EFA-4894-9411-ADC5343FBD92}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{A40C6375-2236-404C-B4FC-06C5E4DCF594}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
O87 - FAEL: "TCP Query User{E2A553F5-DC93-4756-B1B1-E13324C8F0F9}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe =>.Google Inc
O87 - FAEL: "UDP Query User{8F5ADE53-B640-490C-92D0-9D3876DB04B8}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe =>.Google Inc
O87 - FAEL: "TCP Query User{238DBFE5-4D2A-4495-9BE8-343361382D5F}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe (.not file.)
O87 - FAEL: "UDP Query User{6B186B4B-3B8C-42D9-8DFC-4EFD80D5A189}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe (.not file.)
O87 - FAEL: "{447057D9-9DA3-4EBB-9076-5ECFAAF2779F}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{585BDFFD-A2B7-43DA-A6A9-72D8215CD4B1}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{58A29927-85C5-41FC-9FED-3294C302DAB9}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{55C05FFB-5A55-48AB-A545-EC862B7AA027}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{087C5737-760A-4D05-BA84-1D989A05CE35}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{281B6B59-568F-4BFA-AB82-F071FE584877}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{A56F4372-99BA-4B80-B2BE-726B6739C76F}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{19822EBE-CD3E-4EB5-B534-654AEC0B6568}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{F3D11EBF-FC41-4CB9-BC86-EFC315E152A1}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{F7A7A3BA-ADFA-4A28-90F1-EE38B8D517CA}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{856F05A9-0A24-41F5-BA19-D5787421AF67}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{8620CA37-591F-401D-B42D-CEB75B27D352}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{529065FC-528F-47DF-BF79-48850F7508E2}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{39CA13B2-F620-4AB4-B732-7553D5F3B516}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{0F247E9D-B4A1-40E2-B81E-A5EE832EDC39}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O87 - FAEL: "{F408756B-2820-47BA-BB09-0AE64A758AB2}" | In - None - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O87 - FAEL: "TCP Query User{6424B907-9483-4424-AB7E-FAB4F3BF97F2}C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{26EFC76C-BCF1-49F5-BF33-6283E63BCDE5}C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\users\gold\documents\bolzon\desktop\fichier\program files\emule\emule.exe
O87 - FAEL: "{62E5B17E-2CF2-4751-8752-13874910EFAE}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{FF10FC70-15E2-4B59-BEBC-B9EDE7FF665B}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
~ Firewall: 248 Scanned in 00mn 03s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0 =>.Microsoft Corporation
O90 - PUC: "098990BCF5D15D11E99A0005AB3E711E" . (.PowerDirector.) -- c:\Windows\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe
O90 - PUC: "098CCE33084C42149BB5AB630E521B02" . (.FrameFox Extensions 1.0.7.0.) -- C:\Windows\Installer\{33ECC890-C480-4124-B95B-BA36E025B120}\FrameFox.ico =>PUP.FrameFox
O90 - PUC: "168061B30527E1545BEEB829FB037A01" . (.Microsoft Works.) -- C:\Windows\Installer\{3B160861-7250-451E-B5EE-8B92BF30A710}\MSWorks.exe
O90 - PUC: "24E34A3785639DD45815AFDC3A365283" . (.HP Advisor.) -- c:\Windows\Installer\{73A43E42-3658-4DD9-8551-FACDA3632538}\ARPPRODUCTICON.exe
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "2CE0460AE79B1CF4DA4122C7E983B64B" . (.HP Recovery Manager RSS.) -- C:\Windows\Installer\{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}\ARPPRODUCTICON.exe
O90 - PUC: "345F8E2DA32D83A4FACFB4EDFBABF6AD" . (.HP MediaSmart SmartMenu.) -- c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "38E1FB04BE028D11795C00905C206085" . (.Power2Go.) -- c:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe
O90 - PUC: "3DF3FD4D7644FE74D8A4FAE196E1435F" . (.Logitech Webcam Software.) -- C:\Windows\Installer\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}\ARPPRODUCTICON.exe =>.Logitech Inc
O90 - PUC: "42C6FBF1DF1C10144AB2C065F4E9E897" . (.PowerStarter.) -- c:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
O90 - PUC: "482AA67AD25E6E74E9F48BD5FBE8533C" . (.IMinent Toolbar.) -- C:\Documents and Settings\CATA\My Documents\My Received Files\icon.ico =>Adware.IMBooster
O90 - PUC: "5529FA197D10C8F469B0ACF2C4E8C799" . (.Logitech QuickCapture Gadget.) -- C:\Windows\Installer\{91AF9255-01D7-4F8C-960B-CA2F4C8E7C99}\ARPPRODUCTICON.exe
O90 - PUC: "56A9756CEAC913B4B8B633600E36A066" . (.Apple Software Update.) -- C:\Windows\Installer\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}\Installer.ico =>.Apple Inc
O90 - PUC: "5A440F64B8EC691489E4B56D25E563D1" . (.Apple Application Support.) -- C:\Windows\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}\WinInstall.ico
O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.9) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "6EA72AD506440834ABCBBB971E1D908D" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{5DA27AE6-4460-4380-BABC-BB79E1D109D8}\maconfico
O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco
O90 - PUC: "7E31197DC472B074DB64101B2091FDA6" . (.HPPhotosmartEssential.) -- C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\ARPPRODUCTICON.exe
O90 - PUC: "86DA14F42F9826243AC2F2070BF1ECE9" . (.Photorécit 3 pour Windows.) -- C:\Windows\Installer\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}\PhotoStory3_ICON
O90 - PUC: "970DACCDC29FAD442B8526F46C15A7A5" . (.MediaSmart DVD.) -- c:\Windows\Installer\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\ARPPRODUCTICON.exe
O90 - PUC: "9B52EE2B00B5FCA4490F2934C3823CE9" . (.HP.) -- c:\Windows\Installer\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\ARPPRODUCTICON.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask
O90 - PUC: "ABFAB76BF9C4AF84496939E3B3520544" . (.QuickTime.) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\Installer.ico
O90 - PUC: "ADA8B8ABF48097F40AACE6850A087849" . (.FlashPlayer.) -- C:\Windows\Installer\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}\_112D608FD02CD87FDC7735.exe
O90 - PUC: "B1C4F5CE838F7BC45816F808296924B8" . (.TomTom HOME.) -- C:\Windows\Installer\{EC5F4C1B-F838-4CB7-8561-8F809296428B}\ARPPRODUCTICON.exe
O90 - PUC: "B506D6D57B4EB0947A492948CBD3A2B8" . (.Driver Detective.) -- C:\Windows\Installer\{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}\ARPPRODUCTICON.exe
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "B9B0B7844DCDD044980A6ADE1E5A543A" . (.HPSSupply.) -- C:\Windows\Installer\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}\ARPPRODUCTICON.exe
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- c:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "CDD2E27F8BD309142AD13688D359F57E" . (.PSSWCORE.) -- C:\Windows\Installer\{F72E2DDC-3DB8-4190-A21D-63883D955FE7}\ARPPRODUCTICON.exe
O90 - PUC: "D366E3D3E7E477545A06E7DCDD5445A8" . (.PVSonyDll.) -- C:\Windows\Installer\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DAEC106DF4E2BBB458CC2CA9C46E3A0C" . (.iTunes.) -- C:\Windows\Installer\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}\Installer.ico
O90 - PUC: "DCBDCDC5A9111EA4C9558B61BDEB2454" . (.Iminent.) -- C:\Windows\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}\imbooster.ico =>Adware.IMBooster
O90 - PUC: "E6EBDF634866B264EA89A9931A2B00CC" . (.HP Product Assistant.) -- C:\Windows\Installer\{36FDBE6E-6684-462B-AE98-9A39A1B200CC}\ARPPRODUCTICON.exe
O90 - PUC: "E78D5FE2DB7BF85448824E0D8B4B6EC5" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}\Installer.ico
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.11.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "F097867CBF400E11B9C200A10A730BE1" . (.Google Earth.) -- C:\Windows\Installer\{C768790F-04FB-11E0-9B2C-001AA037B01E}\ARPPRODUCTICON.exe
O90 - PUC: "F4015DDD44C1BE94E9B692CED57256B8" . (.HP Update.) -- C:\Windows\Installer\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}\ARPPRODUCTICON.exe
O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico
O90 - PUC: "F98F5920896F1014A9D7944F70CED228" . (.HP Active Support Library.) -- c:\Windows\Installer\{0295F89F-F698-4101-9A7D-49F407EC2D82}\ARPPRODUCTICON.exe
~ Update Products: 169 Scanned in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.FDEA8EE9849DCCBC27C96AA655D85278] [WIS][05/12/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\179b106.msi [1634304]
[MD5.C51BFAADA67ADD8DC4DF95300365A67A] [WIS][16/01/2013] (.Ask.com - Blank Project Template.) -- C:\Windows\Installer\1b7b245.msi [2291712]
[MD5.539DB74B672269281D1BE7EFA50B2506] [WIS][07/08/2013] (.PC Drivers HeadQuarters - Driver Detective.) -- C:\Windows\Installer\28afd04.msi [5957632]
[MD5.219888F1443B8B35DB6D98FD5769F443] [WIS][03/02/2012] (.Edilingua - Progetto Italiano 2.) -- C:\Windows\Installer\29b10a.msi [1166848]
[MD5.57C30F4E1F2C169CF2E17E6E12EF29E6] [WIS][02/03/2013] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\3a433.msi [24576] =>Adware.Boxore
[MD5.47A7F162CCFA08DEABFA38D0B25565AA] [WIS][29/01/2011] (.Edilingua - Progetto Italiano 1.) -- C:\Windows\Installer\3c821e.msi [870400]
[MD5.DB250E4C3C3D13512789FA1EA8BA2C42] [WIS][16/11/2013] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\4ec52d.msi [219136] =>PUP.FrameFox
[MD5.0D79C6746473B730DA75A0EEBABD348D] [WIS][18/08/2009] (.Kodak EasyShare software - Kodak EasyShare software.) -- C:\Windows\Installer\6b285.msi [291840]
[MD5.CA11EB174D715B78602B6C5B73CC8321] [WIS][07/08/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\8627b.msi [1791488] =>Adware.IMBooster
[MD5.4F00B281961BE89E2C2A718961F42C83] [WIS][05/10/2012] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\927946.msi [1188352]
[MD5.0790C56747FAE657C0FD83E50F5312F8] [WIS][05/04/2011] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\d41434.msi [206336] =>Adware.IMBooster
[MD5.0C436759EF9A5ACD95FEACC37BF7DAC8] [WIS][18/08/2009] (.eSupportQFolder - eSupportQFolder.) -- C:\Windows\Installer\ee20f.msi [121344]
[MD5.87DAE880F4BF29A60F1D7DC2E82966DA] [WIS][18/08/2009] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\ee229.msi [121344]
[MD5.763351CD1D5486161EBC1C9FE87FAF96] [WIS][18/08/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\ee23b.msi [646656]
[MD5.5818E8653444717C96A2DB678507977E] [WIS][18/08/2009] (.CustomerResearchQFolder - CustomerResearchQFolder.) -- C:\Windows\Installer\ee261.msi [121344]
[MD5.3A9797EF337CDF8617CD28EEAD541A49] [WIS][18/08/2009] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\ee271.msi [121344]
~ WIS: 173 Scanned in 00mn 06s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 15/01/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/07/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SS - | Auto 04/12/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/12/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 22/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Demand 02/02/2009 23536 | (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) . (.PC-Doctor, Inc..) - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 21/01/2008 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 21/01/2008 27648 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 27648 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 17/12/2013 46904 | (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
SR - | Auto 30/04/2009 190488 | (LVPrcS64) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
SR - | Auto 08/01/2014 2768720 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 01/10/2012 69640 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\NLSSRV32.exe
SR - | Auto 01/05/2009 381984 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 12/02/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 08s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by gold at 23/01/2014 23:17:15
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by gold at 23/01/2014 23:17:17
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 45
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 6
Fichiers trouvés (Files found) : 11
[HKLM\Software\Google\Chrome\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp] =>PUP.BubbleDock^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilvazdg] =>Adware.Favorit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}] =>PUP.VAFPlayer^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\VuuPC Packages] =>PUP.VuuPC^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A3B277D2-6D43-4E78-8D73-6DA4370D689D}_is1] =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PC Cleaner] =>USP.PCCleaner^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\DM] =>PUP.BearShare
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_9 =>PUA.FSTfr9^
C:\Users\gold\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp =>PUP.BubbleDock^
C:\Users\gold\AppData\Roaming\Mozilla\Firefox\Profiles\oboqkui3.default\extensions\crossriderapp2258@crossrider.com =>PUP.CrossRider^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\gold\AppData\Roaming\PC Cleaner =>USP.PCCleaner^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner =>USP.PCCleaner
C:\Users\gold\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\AppDataLow\Software\Softonic.fr] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\electroLyrics] =>Adware.AddLyrics^
[HKCU\Software\PC Cleaner] =>USP.PCCleaner^
[HKLM\Software\Wow6432Node\MajEoRezo] =>PUP.Eorezo^
C:\Windows\Installer\3a433.msi =>Adware.Boxore^
C:\Windows\Installer\4ec52d.msi =>PUP.FrameFox^
C:\Windows\Installer\8627b.msi =>Adware.IMBooster^
C:\Windows\Installer\d41434.msi =>Adware.IMBooster^
C:\Users\gold\Downloads\flvmplayer.exe =>PUP.Offerware
C:\Users\gold\Downloads\SaveAs.exe =>PUP.Offerware
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 490231 Items scanned in 00mn 26s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/29439557-adware-favorit =>Adware.Favorit
~ http://nicolascoolman.webs.com/apps/blog/show/30392620-pup-vafplayer =>PUP.VAFPlayer
~ http://nicolascoolman.webs.com/apps/blog/show/33388048-pup-vuupc =>PUP.VuuPC
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/29956939-usp-pccleaner =>USP.PCCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26753274-adware-expressfiles =>Adware.ExpressFiles
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/32789922-pup-framefox =>PUP.FrameFox
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26705717-pup-bearshare =>PUP.BearShare
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/28445531-pup-mediafinder =>PUP.MediaFinder
~ http://nicolascoolman.webs.com/apps/blog/show/27332348-pup-offerware =>PUP.Offerware
~ http://nicolascoolman.webs.com/apps/blog/show/26633218-rogue-reimagerepair =>Rogue.ReimageRepair
~ MSI: 29 link(s) detected in 00mn 27s
End of the scan (2268 lines in 07mn 16s)(0)