cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2015.5.17.49 - Nicolas Coolman (17/05/2015)
~ Lancé par Pierre (21/05/2015 16:24:21)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 38.0.1 (Defaut)
GCIE: Google Chrome v42.0.2311.152

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.3.1025
Microsoft Security Client v4.8.0204.0
McAfee Security Scan Plus v3.8.141.11

---\\ Logiciels d'optimisation du système
CCleaner v4.14

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader X
Java 7 Update 17

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 49 GB (16%) free of 287 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-PIERRE
~ User Name: Pierre
~ All Users Names: Pierre, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Pierre\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Pierre\AppData\Roaming\
~ %Desktop% : C:\Users\Pierre\Desktop\
~ %Favorites% : C:\Users\Pierre\Favorites\
~ %LocalAppData% : C:\Users\Pierre\AppData\Local\
~ %StartMenu% : C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 49 Go of 287 Go)
D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 11 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 152 Go of 932 Go)
G: CD-ROM drive (Free 0 Go of 1 Go)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Free 0 Go of 7 Go)
L: Hard drive, Flash drive, Thumb drive (Free 207 Go of 465 Go)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)
N: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\WINDOWS\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\WINDOWS\System32\Wininit.exe [96768]
[MD5.E38E89A0939A42F5EE4292DFC48772DF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.10/04/2015 - 16:20:33.) -- C:\WINDOWS\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\WINDOWS\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\WINDOWS\system32\Drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\WINDOWS\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\WINDOWS\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\WINDOWS\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\WINDOWS\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 0/0
~ Mes musiques (My Musics) : 0/0
~ Mes Favoris (My Favorites) : 1/418
~ Mes Documents (My Documents) : 20/9629
~ Mon Bureau (My Desktop) : 1/1139
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.2576]
[MD5.731F68141C806BD2359FD878CD05C929] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808] [PID.2584]
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152] [PID.2640]
[MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.2668]
[MD5.845A4F50702714950804D6BD428083C1] - (.Western Digital Technologies, Inc. - WD Drive Utilities Helper.) -- C:\Program Files\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264] [PID.2680]
[MD5.D5EF7200A3A5ABEC815D0D612C473DD7] - (.Western Digital Technologies, Inc. - WD Drive Auto Unlock.) -- C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048] [PID.2780]
[MD5.E84F189BE4353A47EBF063D8EA3C4B63] - (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5562736] [PID.3008]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [125952] [PID.3196]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [884744] [PID.3400]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3976]
[MD5.EB768C5F74F2C5CC7B1405D4289FA9E0] - (.Pas de propriétaire - lludluud.) -- C:\ProgramData\Irpioooa\1.0.1.0\lludluud.exe [156160] [PID.1352]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5844]
[MD5.C1DCF54DA67BA34970C1F9A139F7302B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [812872] [PID.5688]
[MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8209408] [PID.4784]
[MD5.CC09BB7FDEFC5763CCB3CF7DAE2D76CF] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216] [PID.904]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1232]
[MD5.2486C8E3F14496341E90CF2AB8BC82ED] - (...) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400] [PID.432]
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.480]
[MD5.F518545E5B7623AD49ABE7F8776EFA46] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.992]
[MD5.9C0FF1D605A676B24B092B833C003763] - (...) -- C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\hnsl1644.tmp [193024] [PID.2204]
[MD5.1117AF8C53AA278A4C5B7EF1B00E08F4] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.2328]
[MD5.8715A0D10CFFC8DEE923957F07DAA042] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe [244040] [PID.2836]
[MD5.5366FC5FAD5DFEFC8432BA148DEC9275] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [484888] [PID.2936]
[MD5.5628367FD57DA2153FD0A6CEF3B6211D] - (...) -- C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\jnsqFA0B.tmp [245760] [PID.3148]
[MD5.2E742EAD7E1B290CED554E30F69F5C1E] - (.Western Digital Technologies, Inc. - WD Drive Service.) -- C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [296312] [PID.3208]
[MD5.522C225D243F3B2B440B6F1A0CE8EF36] - (.Useful Technology - BreakingNewsAlert Service.) -- C:\ProgramData\YlprdGkQbM\aOtCjxCcX.exe [2731488] [PID.3624] =>PUP.BreakingNewsAlert
[MD5.2F0339FCE51257F5930357F1DEE2D39E] - (.Western Digital Technologies, Inc. - WD Backup Engine.) -- C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808] [PID.3744]
[MD5.C108DC20ACE05072350DBB6934E277FB] - (.Microsoft Corporation - wpffontcache_v0400.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [772296] [PID.4792]
[MD5.CB383AB0B8BA871D893B86D3C9A3ED9F] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.3060]
[MD5.446382E9398D97B2161A91253C9CC075] - (...) -- C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\nseC36B.tmp [188416] [PID.4584]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 11 Legitimates Filtered in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
~ Firefox Browser: 45 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: barre d'outils Orange - [HKLM]{c9a6357b-25cc-4bcf-96c1-78736985d412} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll =>.Microsoft Corporation
O3 - Toolbar: (no name) - [HKLM]{b9f21ea9-63b9-4054-bbb7-2501e8661019} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Pierre]: Continue Live Installation.lnk . (...) -- C:\Users\Pierre\AppData\Local\Temp\ICReinstall_nso6ED5.tmp \RR (.not file.) =>PUP.ContinueLiveInstallation
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [DivXMediaServer] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] . (.Western Digital Technologies, Inc. - WD Drive Utilities Helper.) -- C:\Program Files\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] . (.Western Digital Technologies, Inc. - WD Drive Auto Unlock.) -- C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe =>.Western Digital Technologies
O4 - HKLM\..\Run: [WD Quick View] . (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe =>.Western Digital Technologies
O4 - HKLM\..\Run: [Onboard] . (.Western Digital Technologies, Inc. - WD Backup Task.) -- C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe
O4 - HKLM\..\RunOnce: [Update] C:\Users\Pierre\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) =>Adware.Downware
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_1B6BDCC85720E2E938097F32AEDD4177] C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-3184505713-2099723619-839545839-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3184505713-2099723619-839545839-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-3184505713-2099723619-839545839-1000\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-3184505713-2099723619-839545839-1000\..\Run: [GoogleChromeAutoLaunch_1B6BDCC85720E2E938097F32AEDD4177] C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Garmin Communicator Plug-In (Garmin Communicator Plug-In) - https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: aOtCjxCcX (aOtCjxCcX) . (.Useful Technology - BreakingNewsAlert Service.) - C:\ProgramData\YlprdGkQbM\aOtCjxCcX.exe =>PUP.BreakingNewsAlert
O23 - Service: Prescan Format (cycyvysu) . (...) - C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\nseC36B.tmp
O23 - Service: Mathematical Calculation Alt Key (hodufije) . (...) - C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\hnsl1644.tmp
O23 - Service: Infonaut 1.10.0.14 Client Service (insvc_1.10.0.14) . (...) - C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe (.not file.) =>PUP.Infonaut
O23 - Service: Dial Licence (tuleniwe) . (...) - C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\jnsqFA0B.tmp
~ Services: 13 Legitimates Filtered in 00mn 03s



---\\ Tâches planifiées en automatique (O39)
[MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [aQtI0HQ] (...) -- C:\Users\Pierre\AppData\Roaming\aQtI0HQ.exe [1579520]
[MD5.BECA142589B94EC77D04A423FC0F6BDE] [APT] [c3zQ317u8xo501U] (...) -- C:\Users\Pierre\AppData\Roaming\jrIsVLd\6W0uqax.exe [18432]
[MD5.4CD39A29337BA54227475254A54E215E] [APT] [GarminUpdaterTask] (...) -- C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [24920]
[MD5.EB768C5F74F2C5CC7B1405D4289FA9E0] [APT] [Irpioooa] (...) -- C:\ProgramData\Irpioooa\1.0.1.0\lludluud.exe [156160]
[MD5.AB6818A7FF17230A6E5119F6CDD1F85B] [APT] [NGjOOGP5GJj79ZSX15OZ7n] (...) -- C:\Users\Pierre\AppData\Roaming\NGjOOGP5GJj79ZSX15OZ7n.exe [1246720]
[MD5.00000000000000000000000000000000] [APT] [Periodic Synchronize Task] (...) -- c:\programdata\{4a1fffd9-c6fa-9bb6-4a1f-fffd9c6fff67}\hqghumeaylnlf.exe (.not file.) [0]
[MD5.7F80234141850FB181A3DC6D3582425C] [APT] [StPrsSW] (...) -- C:\Users\Pierre\AppData\Roaming\StPrsSW\stprss.exe [14336]
[MD5.00000000000000000000000000000000] [APT] [WIN-fdfEfEfAfC] (...) -- C:\Users\Pierre\AppData\Roaming\~iquhchk.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [WIN-fIGbfFfEGCfFGEGbfCfE] (...) -- C:\Users\Pierre\AppData\Roaming\~eiimdah.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [WIN-GGfIfEGCfEGbGffIfCfEGC] (...) -- C:\Users\Pierre\AppData\Roaming\~rsdqrjr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6FC43EEF-6F64-438C-BDF5-E02716F64B8E}] (...) -- E:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Browser Updater] (...) -- C:\Program Files\HomeTab\WSystemUpdate.exe (.not file.) [0] =>PUP.CertifiedToolbar
[MD5.00000000000000000000000000000000] [APT] [Protected Search] (...) -- C:\Program Files\HomeTab\WSearchKeeper.exe (.not file.) [0] =>PUP.CertifiedToolbar
[MD5.00000000000000000000000000000000] [APT] [SystemSockets] (...) -- C:\Program Files\HomeTab\WConnectorHandler.exe (.not file.) [0] =>PUP.CertifiedToolbar
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: aQtI0HQ - (...) -- C:\WINDOWS\Tasks\aQtI0HQ.job [990]
O39 - APT: aQtI0HQ - (...) -- C:\WINDOWS\System32\Tasks\aQtI0HQ [990]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
O39 - APT: NGjOOGP5GJj79ZSX15OZ7n - (...) -- C:\WINDOWS\Tasks\NGjOOGP5GJj79ZSX15OZ7n.job [1020]
O39 - APT: NGjOOGP5GJj79ZSX15OZ7n - (...) -- C:\WINDOWS\System32\Tasks\NGjOOGP5GJj79ZSX15OZ7n [1020]
O39 - APT: Periodic Synchronize Task - (...) -- C:\WINDOWS\Tasks\Periodic Synchronize Task.job [342]
O39 - APT: Periodic Synchronize Task - (...) -- C:\WINDOWS\System32\Tasks\Periodic Synchronize Task [342]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\WinThruster_DEFAULT.job [264]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\WinThruster_DEFAULT [264]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\WinThruster_UPDATES.job [272]
O39 - APT: - (..) -- C:\WINDOWS\System32\Tasks\WinThruster_UPDATES [272]
~ Scheduled Task: 44 Legitimates Filtered in 00mn 02s



---\\ Logiciels installés (O42)
O42 - Logiciel: Infonaut 1.10.0.14 - (.Infonaut.) [HKLM] -- Infonaut_1.10.0.14 =>PUP.Infonaut
O42 - Logiciel: ResidentEvil3 - (...) [HKLM] -- {DE15F0C0-108D-11D4-AF73-0000E21444C5}
O42 - Logiciel: ping version 1 - (...) [HKLM] -- {AF0A2DEF-898C-4FB5-82D2-3AFE8147C81B}_is1
~ Logic: 14 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BIBLIOMEDIAS SAS]
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Reg]
[HKCU\Software\aQtI0HQ]
[HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider
[HKCU\Software\ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ ƒEƒBƒU[ƒh‚Ő¶¬‚³‚ꂽƒ[ƒJƒ‹ ƒAƒvƒŠƒP[ƒVƒ‡ƒ“]
[HKLM\Software\Reg]
[HKLM\Software\WinU]
[HKLM\Software\troll]
~ Key Software: 338 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/05/2015 - 15:55:37 - [] ----D C:\Program Files\782bb45d-1e3c-4c17-8726-662f388225a3
O43 - CFD: 27/10/2012 - 14:48:57 - [] ----D C:\Program Files\BWorks
O43 - CFD: 21/05/2015 - 15:09:27 - [] ----D C:\Program Files\WinThruster
O43 - CFD: 16/03/2014 - 09:03:58 - [] ----D C:\ProgramData\3A32
O43 - CFD: 22/11/2014 - 09:08:07 - [] ----D C:\ProgramData\atjs
O43 - CFD: 12/01/2014 - 15:18:41 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 21/05/2015 - 00:56:40 - [] ----D C:\ProgramData\Irpioooa
O43 - CFD: 19/05/2015 - 15:46:32 - [] ----D C:\ProgramData\YlprdGkQbM
O43 - CFD: 25/03/2014 - 18:51:58 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 03/12/2009 - 10:34:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les manuels de l'utilisateur
O43 - CFD: 03/12/2009 - 10:34:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils et Aide
O43 - CFD: 07/10/2012 - 19:42:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SILKYPIX Developer Studio 3.1 SE
O43 - CFD: 02/11/2006 - 14:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 21/05/2015 - 15:09:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
O43 - CFD: 04/01/2015 - 17:57:45 - [] ----D C:\Users\Pierre\AppData\Roaming\0cC4kt4
O43 - CFD: 18/03/2015 - 09:31:42 - [] ----D C:\Users\Pierre\AppData\Roaming\13alZgR
O43 - CFD: 21/05/2015 - 14:43:39 - [] ----D C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6
O43 - CFD: 19/05/2015 - 15:45:03 - [] ----D C:\Users\Pierre\AppData\Roaming\1714517C-1432043103-11DD-8439-4567760555A6
O43 - CFD: 06/03/2015 - 13:29:44 - [] ----D C:\Users\Pierre\AppData\Roaming\1BVnhLf
O43 - CFD: 11/02/2015 - 12:50:38 - [] ----D C:\Users\Pierre\AppData\Roaming\1YHWtuS
O43 - CFD: 27/03/2015 - 11:40:30 - [] ----D C:\Users\Pierre\AppData\Roaming\2AN6HLU
O43 - CFD: 27/01/2015 - 09:55:21 - [] ----D C:\Users\Pierre\AppData\Roaming\2geYJQV
O43 - CFD: 26/03/2015 - 09:32:04 - [] ----D C:\Users\Pierre\AppData\Roaming\2lUyt41
O43 - CFD: 17/03/2015 - 13:54:46 - [] ----D C:\Users\Pierre\AppData\Roaming\2qbwoHa
O43 - CFD: 22/03/2015 - 16:02:13 - [] ----D C:\Users\Pierre\AppData\Roaming\3d3ZAae
O43 - CFD: 22/01/2015 - 10:19:15 - [] ----D C:\Users\Pierre\AppData\Roaming\3NOXBpd
O43 - CFD: 03/01/2015 - 10:56:23 - [] ----D C:\Users\Pierre\AppData\Roaming\3p3FbVM
O43 - CFD: 24/12/2014 - 09:48:12 - [] ----D C:\Users\Pierre\AppData\Roaming\3WkA507
O43 - CFD: 15/03/2015 - 18:08:32 - [] ----D C:\Users\Pierre\AppData\Roaming\3wYXCpC
O43 - CFD: 30/12/2014 - 11:58:34 - [] ----D C:\Users\Pierre\AppData\Roaming\3Y8jFG3
O43 - CFD: 04/03/2015 - 15:04:41 - [] ----D C:\Users\Pierre\AppData\Roaming\4T7MDUO
O43 - CFD: 18/02/2015 - 09:45:10 - [] ----D C:\Users\Pierre\AppData\Roaming\4UTOsjM
O43 - CFD: 22/02/2015 - 09:18:58 - [] ----D C:\Users\Pierre\AppData\Roaming\4xqAY9i
O43 - CFD: 25/03/2015 - 10:00:38 - [] ----D C:\Users\Pierre\AppData\Roaming\51gzrQV
O43 - CFD: 08/03/2015 - 11:51:45 - [] ----D C:\Users\Pierre\AppData\Roaming\5LPMLkh
O43 - CFD: 26/02/2015 - 13:42:19 - [] ----D C:\Users\Pierre\AppData\Roaming\5SipviD
O43 - CFD: 15/04/2015 - 09:12:00 - [] ----D C:\Users\Pierre\AppData\Roaming\5ubMZMU
O43 - CFD: 02/03/2015 - 11:39:41 - [] ----D C:\Users\Pierre\AppData\Roaming\5xaOD0I
O43 - CFD: 29/03/2015 - 12:18:49 - [] ----D C:\Users\Pierre\AppData\Roaming\6H0x5Ot
O43 - CFD: 25/01/2015 - 12:59:32 - [] ----D C:\Users\Pierre\AppData\Roaming\6Ov7UjT
O43 - CFD: 23/04/2015 - 11:52:53 - [] ----D C:\Users\Pierre\AppData\Roaming\6SXv7TE
O43 - CFD: 16/03/2015 - 13:50:05 - [] ----D C:\Users\Pierre\AppData\Roaming\736JeGD
O43 - CFD: 27/02/2015 - 11:23:04 - [] ----D C:\Users\Pierre\AppData\Roaming\7CLMJlU
O43 - CFD: 05/03/2015 - 13:53:18 - [] ----D C:\Users\Pierre\AppData\Roaming\7j3FyPo
O43 - CFD: 27/02/2015 - 10:05:44 - [] ----D C:\Users\Pierre\AppData\Roaming\7NoL6to
O43 - CFD: 13/02/2015 - 09:18:01 - [] ----D C:\Users\Pierre\AppData\Roaming\7S72kFL
O43 - CFD: 15/03/2015 - 11:27:57 - [] ----D C:\Users\Pierre\AppData\Roaming\7vWVq8v
O43 - CFD: 14/01/2015 - 10:03:37 - [] ----D C:\Users\Pierre\AppData\Roaming\8iQsjkg
O43 - CFD: 12/03/2015 - 09:53:44 - [] ----D C:\Users\Pierre\AppData\Roaming\8Jt31DM
O43 - CFD: 31/12/2014 - 15:00:03 - [] ----D C:\Users\Pierre\AppData\Roaming\8TXpy2F
O43 - CFD: 17/02/2015 - 09:46:58 - [] ----D C:\Users\Pierre\AppData\Roaming\97v5QH5
O43 - CFD: 23/02/2015 - 14:12:20 - [] ----D C:\Users\Pierre\AppData\Roaming\9BTldLO
O43 - CFD: 19/03/2015 - 13:41:26 - [] ----D C:\Users\Pierre\AppData\Roaming\9IaS5yT
O43 - CFD: 07/03/2015 - 13:40:46 - [] ----D C:\Users\Pierre\AppData\Roaming\9jSU0Ht
O43 - CFD: 23/11/2014 - 10:42:52 - [] ----D C:\Users\Pierre\AppData\Roaming\9WH0Kow
O43 - CFD: 18/04/2015 - 12:58:03 - [] ----D C:\Users\Pierre\AppData\Roaming\a7fdsNn
O43 - CFD: 05/04/2015 - 11:51:27 - [] ----D C:\Users\Pierre\AppData\Roaming\ACByWoU
O43 - CFD: 26/01/2015 - 13:20:52 - [] ----D C:\Users\Pierre\AppData\Roaming\aEJawm0
O43 - CFD: 06/01/2015 - 10:09:31 - [] ----D C:\Users\Pierre\AppData\Roaming\agicYnx
O43 - CFD: 06/03/2015 - 10:07:32 - [] ----D C:\Users\Pierre\AppData\Roaming\agwyUPW
O43 - CFD: 12/01/2015 - 09:46:16 - [] ----D C:\Users\Pierre\AppData\Roaming\AIqiZvH
O43 - CFD: 31/03/2015 - 12:53:07 - [] ----D C:\Users\Pierre\AppData\Roaming\akNauoG
O43 - CFD: 08/01/2015 - 11:18:13 - [] ----D C:\Users\Pierre\AppData\Roaming\aogggN9
O43 - CFD: 09/03/2015 - 13:40:53 - [] ----D C:\Users\Pierre\AppData\Roaming\aqAyGWB
O43 - CFD: 18/02/2015 - 15:30:13 - [] ----D C:\Users\Pierre\AppData\Roaming\aRAMFQa
O43 - CFD: 17/01/2015 - 09:21:45 - [] ----D C:\Users\Pierre\AppData\Roaming\Atejr68
O43 - CFD: 18/03/2015 - 15:01:28 - [] ----D C:\Users\Pierre\AppData\Roaming\AYu6iz6
O43 - CFD: 05/02/2015 - 11:28:28 - [] ----D C:\Users\Pierre\AppData\Roaming\B3hRUwU
O43 - CFD: 01/01/2015 - 17:03:22 - [] ----D C:\Users\Pierre\AppData\Roaming\b6Axmum
O43 - CFD: 22/11/2014 - 09:08:06 - [] ----D C:\Users\Pierre\AppData\Roaming\BJgiGkl
O43 - CFD: 16/05/2015 - 12:50:37 - [] ----D C:\Users\Pierre\AppData\Roaming\boskKWq
O43 - CFD: 04/02/2015 - 13:45:59 - [] ----D C:\Users\Pierre\AppData\Roaming\C3cZaF3
O43 - CFD: 07/01/2015 - 10:06:23 - [] ----D C:\Users\Pierre\AppData\Roaming\CbP389O
O43 - CFD: 28/04/2015 - 19:59:40 - [] ----D C:\Users\Pierre\AppData\Roaming\CkYrq5h
O43 - CFD: 22/02/2015 - 07:35:34 - [] ----D C:\Users\Pierre\AppData\Roaming\CLr4Wx9
O43 - CFD: 01/02/2015 - 20:12:57 - [] ----D C:\Users\Pierre\AppData\Roaming\cpNkOMq
O43 - CFD: 15/05/2015 - 12:45:22 - [] ----D C:\Users\Pierre\AppData\Roaming\CsmCmP8
O43 - CFD: 26/12/2014 - 09:45:25 - [] ----D C:\Users\Pierre\AppData\Roaming\cU7gE4A
O43 - CFD: 11/02/2015 - 09:54:39 - [] ----D C:\Users\Pierre\AppData\Roaming\CytXFbY
O43 - CFD: 25/01/2015 - 14:05:49 - [] ----D C:\Users\Pierre\AppData\Roaming\cz5MRsh
O43 - CFD: 18/01/2015 - 12:05:59 - [] ----D C:\Users\Pierre\AppData\Roaming\CzZ92G5
O43 - CFD: 08/03/2015 - 12:51:29 - [] ----D C:\Users\Pierre\AppData\Roaming\dBRj1B2
O43 - CFD: 10/05/2015 - 11:40:04 - [] ----D C:\Users\Pierre\AppData\Roaming\DIwHgL8
O43 - CFD: 10/03/2015 - 12:21:24 - [] ----D C:\Users\Pierre\AppData\Roaming\dnkqCTw
O43 - CFD: 13/03/2015 - 09:10:45 - [] ----D C:\Users\Pierre\AppData\Roaming\DoivoNS
O43 - CFD: 03/03/2015 - 09:24:23 - [] ----D C:\Users\Pierre\AppData\Roaming\dQWCiWy
O43 - CFD: 11/04/2015 - 14:01:18 - [] ----D C:\Users\Pierre\AppData\Roaming\E3CTmE7
O43 - CFD: 10/04/2015 - 08:56:02 - [] ----D C:\Users\Pierre\AppData\Roaming\E46B5Sv
O43 - CFD: 16/02/2015 - 09:26:03 - [] ----D C:\Users\Pierre\AppData\Roaming\EBccVxi
O43 - CFD: 22/11/2014 - 09:08:07 - [] ----D C:\Users\Pierre\AppData\Roaming\EC2MdMd
O43 - CFD: 13/02/2015 - 12:22:14 - [] ----D C:\Users\Pierre\AppData\Roaming\eDEm8wG
O43 - CFD: 25/04/2015 - 09:22:48 - [] ----D C:\Users\Pierre\AppData\Roaming\EEpKsCA
O43 - CFD: 19/05/2015 - 15:55:44 - [] ----D C:\Users\Pierre\AppData\Roaming\eJch7jy
O43 - CFD: 20/02/2015 - 09:42:57 - [] ----D C:\Users\Pierre\AppData\Roaming\EKRLBYQ
O43 - CFD: 03/04/2015 - 11:41:31 - [] ----D C:\Users\Pierre\AppData\Roaming\EL8NbWs
O43 - CFD: 22/04/2015 - 08:33:17 - [] ----D C:\Users\Pierre\AppData\Roaming\Epe5Eb8
O43 - CFD: 01/03/2015 - 14:12:03 - [] ----D C:\Users\Pierre\AppData\Roaming\eUdNOyT
O43 - CFD: 03/03/2015 - 13:26:02 - [] ----D C:\Users\Pierre\AppData\Roaming\eyFOL6s
O43 - CFD: 19/02/2015 - 09:51:04 - [] ----D C:\Users\Pierre\AppData\Roaming\f07xWG2
O43 - CFD: 21/02/2015 - 10:06:13 - [] ----D C:\Users\Pierre\AppData\Roaming\f1e5qUV
O43 - CFD: 20/02/2015 - 11:57:44 - [] ----D C:\Users\Pierre\AppData\Roaming\f2vUpmY
O43 - CFD: 18/05/2015 - 09:03:51 - [] ----D C:\Users\Pierre\AppData\Roaming\F3Xdfrq
O43 - CFD: 31/01/2015 - 10:03:00 - [] ----D C:\Users\Pierre\AppData\Roaming\Fc7ByoS
O43 - CFD: 02/01/2015 - 10:04:14 - [] ----D C:\Users\Pierre\AppData\Roaming\fC8pfZq
O43 - CFD: 12/05/2015 - 13:44:51 - [] ----D C:\Users\Pierre\AppData\Roaming\fHGvqDx
O43 - CFD: 07/04/2015 - 08:41:58 - [] ----D C:\Users\Pierre\AppData\Roaming\FI1GQYs
O43 - CFD: 19/01/2010 - 20:23:35 - [] ----D C:\Users\Pierre\AppData\Roaming\Fip
O43 - CFD: 10/04/2015 - 12:46:56 - [] ----D C:\Users\Pierre\AppData\Roaming\FpqFrOT
O43 - CFD: 18/05/2015 - 12:46:46 - [] ----D C:\Users\Pierre\AppData\Roaming\fpv7L4J
O43 - CFD: 26/02/2015 - 22:57:31 - [] ----D C:\Users\Pierre\AppData\Roaming\FrjglPl
O43 - CFD: 13/03/2015 - 11:30:46 - [] ----D C:\Users\Pierre\AppData\Roaming\fxgLLLm
O43 - CFD: 05/04/2015 - 17:34:32 - [] ----D C:\Users\Pierre\AppData\Roaming\gd4NRQ1
O43 - CFD: 23/03/2015 - 13:54:04 - [] ----D C:\Users\Pierre\AppData\Roaming\ghafA9H
O43 - CFD: 06/02/2015 - 11:32:00 - [] ----D C:\Users\Pierre\AppData\Roaming\GKDOMLm
O43 - CFD: 20/04/2015 - 13:02:32 - [] ----D C:\Users\Pierre\AppData\Roaming\GLgUEQb
O43 - CFD: 02/01/2015 - 10:19:23 - [] ----D C:\Users\Pierre\AppData\Roaming\Gljmzkw
O43 - CFD: 29/01/2015 - 12:04:18 - [] ----D C:\Users\Pierre\AppData\Roaming\gMS0mPc
O43 - CFD: 22/12/2014 - 08:42:27 - [] ----D C:\Users\Pierre\AppData\Roaming\gqtGL5v
O43 - CFD: 26/04/2015 - 07:30:49 - [] ----D C:\Users\Pierre\AppData\Roaming\gRKk06X
O43 - CFD: 19/04/2015 - 18:41:19 - [] ----D C:\Users\Pierre\AppData\Roaming\gV2QF0L
O43 - CFD: 14/04/2015 - 09:04:38 - [] ----D C:\Users\Pierre\AppData\Roaming\Gx952fB
O43 - CFD: 15/01/2015 - 13:39:47 - [] ----D C:\Users\Pierre\AppData\Roaming\H89PIhb
O43 - CFD: 02/02/2015 - 09:57:33 - [] ----D C:\Users\Pierre\AppData\Roaming\HaBHWrl
O43 - CFD: 15/02/2015 - 12:42:29 - [] ----D C:\Users\Pierre\AppData\Roaming\haGFzbE
O43 - CFD: 21/05/2015 - 10:48:15 - [] ----D C:\Users\Pierre\AppData\Roaming\hB2UyV2
O43 - CFD: 20/03/2015 - 12:28:53 - [] ----D C:\Users\Pierre\AppData\Roaming\HBzz9ER
O43 - CFD: 24/03/2015 - 13:42:57 - [] ----D C:\Users\Pierre\AppData\Roaming\HFovEBV
O43 - CFD: 22/01/2015 - 12:41:37 - [] ----D C:\Users\Pierre\AppData\Roaming\HgDfEmH
O43 - CFD: 05/01/2015 - 13:42:42 - [] ----D C:\Users\Pierre\AppData\Roaming\HGzb664
O43 - CFD: 13/01/2015 - 10:04:16 - [] ----D C:\Users\Pierre\AppData\Roaming\hh1XqRj
O43 - CFD: 10/02/2015 - 09:39:34 - [] ----D C:\Users\Pierre\AppData\Roaming\hqerHsp
O43 - CFD: 31/03/2015 - 08:48:24 - [] ----D C:\Users\Pierre\AppData\Roaming\ht3trPe
O43 - CFD: 24/03/2015 - 09:52:44 - [] ----D C:\Users\Pierre\AppData\Roaming\HuujgGz
O43 - CFD: 19/02/2015 - 12:53:24 - [] ----D C:\Users\Pierre\AppData\Roaming\hWLFSJn
O43 - CFD: 12/01/2015 - 13:45:34 - [] ----D C:\Users\Pierre\AppData\Roaming\hX4QIRD
O43 - CFD: 01/04/2015 - 07:54:51 - [] ----D C:\Users\Pierre\AppData\Roaming\HxIfbQr
O43 - CFD: 20/01/2015 - 10:47:04 - [] ----D C:\Users\Pierre\AppData\Roaming\HzSv8Lx
O43 - CFD: 04/03/2015 - 09:40:21 - [] ----D C:\Users\Pierre\AppData\Roaming\IDCEy1s
O43 - CFD: 21/04/2015 - 10:43:26 - [] ----D C:\Users\Pierre\AppData\Roaming\ihseXUM
O43 - CFD: 20/01/2015 - 10:12:33 - [] ----D C:\Users\Pierre\AppData\Roaming\ikb7dlP
O43 - CFD: 03/04/2015 - 09:03:06 - [] ----D C:\Users\Pierre\AppData\Roaming\IKqz642
O43 - CFD: 11/03/2015 - 09:44:58 - [] ----D C:\Users\Pierre\AppData\Roaming\iKy6oVv
O43 - CFD: 03/02/2015 - 09:59:18 - [] ----D C:\Users\Pierre\AppData\Roaming\IQLI1dh
O43 - CFD: 17/02/2015 - 13:43:11 - [] ----D C:\Users\Pierre\AppData\Roaming\iQO1FGP
O43 - CFD: 25/04/2015 - 08:26:27 - [] ----D C:\Users\Pierre\AppData\Roaming\jlNP24P
O43 - CFD: 05/04/2015 - 10:41:42 - [] ----D C:\Users\Pierre\AppData\Roaming\JN6Tf2E
O43 - CFD: 30/03/2015 - 12:52:20 - [] ----D C:\Users\Pierre\AppData\Roaming\JqNSc7c
O43 - CFD: 23/11/2014 - 10:42:52 - [] ----D C:\Users\Pierre\AppData\Roaming\jrIsVLd
O43 - CFD: 23/02/2015 - 12:47:11 - [] ----D C:\Users\Pierre\AppData\Roaming\JSBwLp4
O43 - CFD: 13/05/2015 - 08:28:46 - [] ----D C:\Users\Pierre\AppData\Roaming\Jy5cDrQ
O43 - CFD: 12/02/2015 - 13:54:21 - [] ----D C:\Users\Pierre\AppData\Roaming\jyadxyS
O43 - CFD: 21/01/2015 - 09:59:26 - [] ----D C:\Users\Pierre\AppData\Roaming\kbUfdlZ
O43 - CFD: 24/01/2015 - 12:03:36 - [] ----D C:\Users\Pierre\AppData\Roaming\KDw1xUy
O43 - CFD: 22/03/2015 - 10:43:14 - [] ----D C:\Users\Pierre\AppData\Roaming\kNh0TkH
O43 - CFD: 13/05/2015 - 12:44:29 - [] ----D C:\Users\Pierre\AppData\Roaming\kNnzyee
O43 - CFD: 19/03/2015 - 09:44:52 - [] ----D C:\Users\Pierre\AppData\Roaming\KO44RPt
O43 - CFD: 17/01/2015 - 13:39:35 - [] ----D C:\Users\Pierre\AppData\Roaming\kOsgTG1
O43 - CFD: 29/03/2015 - 11:14:04 - [] ----D C:\Users\Pierre\AppData\Roaming\kpAIDhm
O43 - CFD: 23/11/2014 - 10:42:52 - [] ----D C:\Users\Pierre\AppData\Roaming\KUexkPK
O43 - CFD: 26/03/2015 - 13:39:34 - [] ----D C:\Users\Pierre\AppData\Roaming\KUfPa1g
O43 - CFD: 10/01/2015 - 12:10:31 - [] ----D C:\Users\Pierre\AppData\Roaming\kw5cQCg
O43 - CFD: 14/03/2015 - 09:54:30 - [] ----D C:\Users\Pierre\AppData\Roaming\lIoDB3M
O43 - CFD: 07/03/2015 - 10:06:09 - [] ----D C:\Users\Pierre\AppData\Roaming\lRxH929
O43 - CFD: 10/02/2015 - 13:53:37 - [] ----D C:\Users\Pierre\AppData\Roaming\lvBeXQn
O43 - CFD: 14/02/2015 - 13:28:46 - [] ----D C:\Users\Pierre\AppData\Roaming\lw5mnqI
O43 - CFD: 27/01/2015 - 13:31:26 - [] ----D C:\Users\Pierre\AppData\Roaming\lxTfiab
O43 - CFD: 09/01/2015 - 10:01:52 - [] ----D C:\Users\Pierre\AppData\Roaming\lYARKHO
O43 - CFD: 09/02/2015 - 10:10:58 - [] ----D C:\Users\Pierre\AppData\Roaming\lyWWhra
O43 - CFD: 17/04/2015 - 08:43:22 - [] ----D C:\Users\Pierre\AppData\Roaming\Mcg1S9Q
O43 - CFD: 08/01/2015 - 10:01:43 - [] ----D C:\Users\Pierre\AppData\Roaming\mcoxb1k
O43 - CFD: 15/01/2015 - 10:01:13 - [] ----D C:\Users\Pierre\AppData\Roaming\Mgcklo2
O43 - CFD: 16/01/2015 - 10:03:22 - [] ----D C:\Users\Pierre\AppData\Roaming\MgQ6bJB
O43 - CFD: 02/03/2015 - 10:58:30 - [] ----D C:\Users\Pierre\AppData\Roaming\mH5izL3
O43 - CFD: 01/01/2015 - 13:31:36 - [] ----D C:\Users\Pierre\AppData\Roaming\mjcsJ4T
O43 - CFD: 19/05/2015 - 18:24:40 - [] ----D C:\Users\Pierre\AppData\Roaming\MpNtheO
O43 - CFD: 11/04/2015 - 12:48:19 - [] ----D C:\Users\Pierre\AppData\Roaming\NaDIOV1
O43 - CFD: 23/12/2014 - 12:08:05 - [] ----D C:\Users\Pierre\AppData\Roaming\niRuK8Y
O43 - CFD: 25/03/2015 - 09:10:23 - [] ----D C:\Users\Pierre\AppData\Roaming\NJnb7cd
O43 - CFD: 28/03/2015 - 13:56:42 - [] ----D C:\Users\Pierre\AppData\Roaming\NoXEk9v
O43 - CFD: 05/03/2015 - 09:54:15 - [] ----D C:\Users\Pierre\AppData\Roaming\NpxvXWg
O43 - CFD: 16/03/2015 - 09:39:10 - [] ----D C:\Users\Pierre\AppData\Roaming\nPYKA3x
O43 - CFD: 23/12/2014 - 09:17:54 - [] ----D C:\Users\Pierre\AppData\Roaming\NunvxdZ
O43 - CFD: 21/02/2015 - 13:54:08 - [] ----D C:\Users\Pierre\AppData\Roaming\nVaxSxE
O43 - CFD: 19/05/2015 - 18:01:40 - [] ----D C:\Users\Pierre\AppData\Roaming\NWC6PB4
O43 - CFD: 07/01/2015 - 15:05:31 - [] ----D C:\Users\Pierre\AppData\Roaming\nwrQOM2
O43 - CFD: 11/05/2015 - 08:51:25 - [] ----D C:\Users\Pierre\AppData\Roaming\nXEkfu5
O43 - CFD: 09/05/2015 - 23:03:23 - [] ----D C:\Users\Pierre\AppData\Roaming\NY3Yk7H
O43 - CFD: 21/05/2015 - 03:57:23 - [] ----D C:\Users\Pierre\AppData\Roaming\nyFeGI4
O43 - CFD: 23/01/2015 - 11:09:08 - [] ----D C:\Users\Pierre\AppData\Roaming\o88hNOp
O43 - CFD: 12/02/2015 - 15:03:24 - [] ----D C:\Users\Pierre\AppData\Roaming\OFbtJLI
O43 - CFD: 15/05/2015 - 08:23:42 - [] ----D C:\Users\Pierre\AppData\Roaming\Ohko9qV
O43 - CFD: 01/04/2015 - 06:50:57 - [] ----D C:\Users\Pierre\AppData\Roaming\OiBdAsB
O43 - CFD: 24/12/2014 - 11:15:57 - [] ----D C:\Users\Pierre\AppData\Roaming\ONEfLRU
O43 - CFD: 05/02/2015 - 10:00:19 - [] ----D C:\Users\Pierre\AppData\Roaming\oPlv6vX
O43 - CFD: 26/01/2015 - 09:37:55 - [] ----D C:\Users\Pierre\AppData\Roaming\Ot7xeVr
O43 - CFD: 29/01/2015 - 09:58:49 - [] ----D C:\Users\Pierre\AppData\Roaming\owPAsc6
O43 - CFD: 02/04/2015 - 09:21:44 - [] ----D C:\Users\Pierre\AppData\Roaming\OzF4MOw
O43 - CFD: 25/12/2014 - 01:30:53 - [] ----D C:\Users\Pierre\AppData\Roaming\P5D7j7r
O43 - CFD: 14/02/2015 - 09:40:37 - [] ----D C:\Users\Pierre\AppData\Roaming\P6sPliF
O43 - CFD: 12/03/2015 - 13:35:23 - [] ----D C:\Users\Pierre\AppData\Roaming\p9oCdJj
O43 - CFD: 22/04/2015 - 13:59:08 - [] ----D C:\Users\Pierre\AppData\Roaming\PdDlvOO
O43 - CFD: 12/03/2015 - 15:01:32 - [] ----D C:\Users\Pierre\AppData\Roaming\PG0S0YO
O43 - CFD: 02/04/2015 - 08:11:39 - [] ----D C:\Users\Pierre\AppData\Roaming\PIOUNfu
O43 - CFD: 19/05/2015 - 11:21:10 - [] ----D C:\Users\Pierre\AppData\Roaming\PKllKZ2
O43 - CFD: 13/01/2015 - 13:29:21 - [] ----D C:\Users\Pierre\AppData\Roaming\PNX8MeS
O43 - CFD: 19/05/2015 - 09:01:41 - [] ----D C:\Users\Pierre\AppData\Roaming\poxEqoE
O43 - CFD: 14/03/2015 - 13:26:07 - [] ----D C:\Users\Pierre\AppData\Roaming\pSdAXe6
O43 - CFD: 12/05/2015 - 08:49:04 - [] ----D C:\Users\Pierre\AppData\Roaming\pUepO9o
O43 - CFD: 07/02/2015 - 13:48:24 - [] ----D C:\Users\Pierre\AppData\Roaming\pwdNIAg
O43 - CFD: 09/03/2015 - 09:54:32 - [] ----D C:\Users\Pierre\AppData\Roaming\pwKrtWS
O43 - CFD: 17/03/2015 - 08:01:55 - [] ----D C:\Users\Pierre\AppData\Roaming\pY9FfMZ
O43 - CFD: 30/03/2015 - 00:10:10 - [] ----D C:\Users\Pierre\AppData\Roaming\pzD6AlQ
O43 - CFD: 10/05/2015 - 10:58:02 - [] ----D C:\Users\Pierre\AppData\Roaming\pZtnJkv
O43 - CFD: 20/05/2015 - 09:01:02 - [] ----D C:\Users\Pierre\AppData\Roaming\Q8ftlgJ
O43 - CFD: 06/01/2015 - 12:23:28 - [] ----D C:\Users\Pierre\AppData\Roaming\q9Gq1oq
O43 - CFD: 24/04/2015 - 11:52:09 - [] ----D C:\Users\Pierre\AppData\Roaming\QdOKMLq
O43 - CFD: 21/01/2015 - 14:05:54 - [] ----D C:\Users\Pierre\AppData\Roaming\qugHQRC
O43 - CFD: 14/04/2015 - 09:07:35 - [] ----D C:\Users\Pierre\AppData\Roaming\QYzTFOb
O43 - CFD: 05/01/2015 - 09:50:35 - [] ----D C:\Users\Pierre\AppData\Roaming\RknJtRX
O43 - CFD: 27/12/2014 - 13:45:37 - [] ----D C:\Users\Pierre\AppData\Roaming\rM46t9o
O43 - CFD: 03/01/2015 - 10:05:53 - [] ----D C:\Users\Pierre\AppData\Roaming\RRNSg9i
O43 - CFD: 08/02/2015 - 13:03:43 - [] ----D C:\Users\Pierre\AppData\Roaming\RrzQXEH
O43 - CFD: 08/02/2015 - 11:55:50 - [] ----D C:\Users\Pierre\AppData\Roaming\s48maBi
O43 - CFD: 27/03/2015 - 09:32:49 - [] ----D C:\Users\Pierre\AppData\Roaming\sdTtihK
O43 - CFD: 01/03/2015 - 13:04:45 - [] ----D C:\Users\Pierre\AppData\Roaming\sfklMMo
O43 - CFD: 04/04/2015 - 12:46:07 - [] ----D C:\Users\Pierre\AppData\Roaming\Sisq4tE
O43 - CFD: 16/01/2015 - 12:13:12 - [] ----D C:\Users\Pierre\AppData\Roaming\sKANCDq
O43 - CFD: 30/12/2014 - 10:06:31 - [] ----D C:\Users\Pierre\AppData\Roaming\smidxGC
O43 - CFD: 02/02/2015 - 13:38:26 - [] ----D C:\Users\Pierre\AppData\Roaming\SNjV4xu
O43 - CFD: 04/02/2015 - 10:05:43 - [] ----D C:\Users\Pierre\AppData\Roaming\SnldNQn
O43 - CFD: 10/03/2015 - 09:07:20 - [] ----D C:\Users\Pierre\AppData\Roaming\snZUsfV =>PUP.LuaRT
O43 - CFD: 07/02/2015 - 10:18:27 - [] ----D C:\Users\Pierre\AppData\Roaming\SOqJ1t8
O43 - CFD: 12/01/2015 - 13:40:51 - [] ----D C:\Users\Pierre\AppData\Roaming\StPrsSW
O43 - CFD: 08/04/2015 - 14:01:09 - [] ----D C:\Users\Pierre\AppData\Roaming\SyOfAi8
O43 - CFD: 31/12/2014 - 09:38:23 - [] ----D C:\Users\Pierre\AppData\Roaming\t1sxnqF
O43 - CFD: 24/02/2015 - 10:18:39 - [] ----D C:\Users\Pierre\AppData\Roaming\t2KLi9G
O43 - CFD: 30/01/2015 - 09:45:01 - [] ----D C:\Users\Pierre\AppData\Roaming\tBIl2az
O43 - CFD: 25/02/2015 - 21:33:44 - [] ----D C:\Users\Pierre\AppData\Roaming\tMaHAO5
O43 - CFD: 30/03/2015 - 08:52:17 - [] ----D C:\Users\Pierre\AppData\Roaming\TOWhUUP
O43 - CFD: 27/12/2014 - 10:07:37 - [] ----D C:\Users\Pierre\AppData\Roaming\TTprWHZ
O43 - CFD: 20/04/2015 - 08:30:13 - [] ----D C:\Users\Pierre\AppData\Roaming\TuEvmNr
O43 - CFD: 04/04/2015 - 08:41:55 - [] ----D C:\Users\Pierre\AppData\Roaming\uDMMtbk
O43 - CFD: 24/01/2015 - 09:57:31 - [] ----D C:\Users\Pierre\AppData\Roaming\UF0JVcI
O43 - CFD: 28/01/2015 - 11:08:08 - [] ----D C:\Users\Pierre\AppData\Roaming\UJLzsua
O43 - CFD: 16/05/2015 - 08:53:56 - [] ----D C:\Users\Pierre\AppData\Roaming\uNfc2qp
O43 - CFD: 14/01/2015 - 12:07:40 - [] ----D C:\Users\Pierre\AppData\Roaming\V1nQGFt
O43 - CFD: 07/04/2015 - 12:12:30 - [] ----D C:\Users\Pierre\AppData\Roaming\vCSw5uU
O43 - CFD: 11/01/2015 - 19:02:55 - [] ----D C:\Users\Pierre\AppData\Roaming\VFw8W6d
O43 - CFD: 19/04/2015 - 09:37:58 - [] ----D C:\Users\Pierre\AppData\Roaming\VH7XDsv
O43 - CFD: 23/01/2015 - 09:08:15 - [] ----D C:\Users\Pierre\AppData\Roaming\VIv7RkG
O43 - CFD: 23/04/2015 - 08:40:11 - [] ----D C:\Users\Pierre\AppData\Roaming\vIxMV19
O43 - CFD: 11/04/2015 - 09:11:09 - [] ----D C:\Users\Pierre\AppData\Roaming\vNoDD20
O43 - CFD: 29/12/2014 - 11:47:23 - [] ----D C:\Users\Pierre\AppData\Roaming\vQC5UAd
O43 - CFD: 03/02/2015 - 13:42:50 - [] ----D C:\Users\Pierre\AppData\Roaming\VZy2pVa
O43 - CFD: 29/12/2014 - 09:57:43 - [] ----D C:\Users\Pierre\AppData\Roaming\wAYBQyC
O43 - CFD: 18/01/2015 - 12:58:22 - [] ----D C:\Users\Pierre\AppData\Roaming\WH58dg9
O43 - CFD: 09/04/2015 - 08:49:02 - [] ----D C:\Users\Pierre\AppData\Roaming\wNjExdF
O43 - CFD: 15/04/2015 - 13:58:53 - [] ----D C:\Users\Pierre\AppData\Roaming\WNOQ7vo
O43 - CFD: 21/03/2015 - 10:04:13 - [] ----D C:\Users\Pierre\AppData\Roaming\X2tcGlb
O43 - CFD: 08/04/2015 - 08:41:42 - [] ----D C:\Users\Pierre\AppData\Roaming\x2tNJq4
O43 - CFD: 26/02/2015 - 10:06:36 - [] ----D C:\Users\Pierre\AppData\Roaming\XobvX07
O43 - CFD: 31/01/2015 - 09:45:03 - [] ----D C:\Users\Pierre\AppData\Roaming\xPGYqSF
O43 - CFD: 12/04/2015 - 18:07:31 - [] ----D C:\Users\Pierre\AppData\Roaming\xxlP5Yz
O43 - CFD: 21/05/2015 - 09:20:44 - [] ----D C:\Users\Pierre\AppData\Roaming\y3doMm5
O43 - CFD: 15/02/2015 - 11:41:18 - [] ----D C:\Users\Pierre\AppData\Roaming\yerrq9K
O43 - CFD: 19/05/2015 - 17:12:41 - [] ----D C:\Users\Pierre\AppData\Roaming\Yhawe4F
O43 - CFD: 01/02/2015 - 10:37:14 - [] ----D C:\Users\Pierre\AppData\Roaming\YJvQSw6
O43 - CFD: 20/05/2015 - 13:51:39 - [] ----D C:\Users\Pierre\AppData\Roaming\YUGUpm8
O43 - CFD: 21/04/2015 - 07:42:15 - [] ----D C:\Users\Pierre\AppData\Roaming\yVjVL5A
O43 - CFD: 22/12/2014 - 10:43:45 - [] ----D C:\Users\Pierre\AppData\Roaming\yXjbmk3
O43 - CFD: 18/04/2015 - 08:33:17 - [] ----D C:\Users\Pierre\AppData\Roaming\yyClJ48
O43 - CFD: 16/04/2015 - 14:01:06 - [] ----D C:\Users\Pierre\AppData\Roaming\yYuONcA
O43 - CFD: 28/03/2015 - 09:42:20 - [] ----D C:\Users\Pierre\AppData\Roaming\zADqs4H
O43 - CFD: 10/01/2015 - 10:02:14 - [] ----D C:\Users\Pierre\AppData\Roaming\zEYkMYu
O43 - CFD: 30/01/2015 - 13:36:55 - [] ----D C:\Users\Pierre\AppData\Roaming\zKvJMoT
O43 - CFD: 12/02/2015 - 09:59:30 - [] ----D C:\Users\Pierre\AppData\Roaming\zpQKXbF
O43 - CFD: 15/05/2015 - 14:08:01 - [] ----D C:\Users\Pierre\AppData\Roaming\ZROFI5X
O43 - CFD: 24/04/2015 - 09:07:00 - [] ----D C:\Users\Pierre\AppData\Roaming\zsPWxOy
O43 - CFD: 21/05/2015 - 14:22:16 - [] ----D C:\Users\Pierre\AppData\Local\BreakingNewsAlert =>PUP.BreakingNewsAlert
~ 21 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 625 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8886A8AF3F99564270D941C10AFEFD8C] - 19/05/2015 - 14:59:52 ---A- . (...) -- C:\WINDOWS\win.ini [246]
O44 - LFC:[MD5.0065E911F966A71A115D9A52FF3DFC99] - 19/05/2015 - 15:00:29 ---A- . (...) -- C:\WINDOWS\System32\sasnative32.exe [17136]
O44 - LFC:[MD5.4C0CAFF76C899D421C114728144E9C47] - 19/05/2015 - 15:54:00 ---A- . (...) -- C:\WINDOWS\System32\029B560A371F4E00AB32838EBC01B9E7 [4]
O44 - LFC:[MD5.FD44FA80DA03EA144153A76DEBBB61B4] - 21/05/2015 - 09:33:08 ---A- . (...) -- C:\WINDOWS\System32\Drivers\TrueSight.sys [35064]
O44 - LFC:[MD5.F1363AD80A31787C89052A876C8D0B97] - 21/05/2015 - 09:46:30 ---A- . (...) -- C:\WINDOWS\System32\WDPABKP.dat [8192]
~ Files: 54 Legitimates Filtered in 00mn 01s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{3b7a0a57-7b84-11e3-ba4e-0022151944cc}\AutoRun\command. (...) -- G:\PMCsetup.exe (.not file.)
O51 - MPSK:{66ece8e0-dfe5-11de-87c7-0022151944cc}\AutoRun\command. (.Western Digital - Setup Application for WD SmartWare.) -- G:\WD SmartWare.exe
O51 - MPSK:{d1fcf7ce-4f1b-11df-9a89-0022151944cc}\AutoRun\command. (...) -- C:\Windows\system32\AdobeR.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\KBD [Key] . (...) -- C:\HP\KBD\KbdStub.exe
O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (...) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (.not file.)
~ SMSR Keys: 15 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\WINDOWS\System32\Drivers\elxstor.sys [342584]
O58 - SDL:02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\WINDOWS\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\System32\Drivers\iteraid.sys [35944]
O58 - SDL:28/07/2010 - 10:19:28 ---A- . (.Silicon Laboratories - Silicon Labs VCP Serial Enumerator.) -- C:\WINDOWS\System32\Drivers\silabenm.sys [47176]
O58 - SDL:24/10/2013 - 22:39:14 ---A- . (.Silicon Laboratories - Silicon Labs CP210x USB to UART Bridge Driver.) -- C:\WINDOWS\System32\Drivers\silabser.sys [63104]
O58 - SDL:21/05/2015 - 09:33:08 ---A- . (...) -- C:\WINDOWS\System32\Drivers\TrueSight.sys [35064]
O58 - SDL:21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\WINDOWS\System32\Drivers\uliahci.sys [238648]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\WINDOWS\System32\Drivers\ulsata.sys [98408]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\WINDOWS\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:10/05/2011 - 07:06:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\Drivers\usbaapl.sys [42496]
O58 - SDL:19/11/2008 - 09:41:08 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\WINDOWS\System32\Drivers\WsAudioDevice_383.sys [16640]
O58 - SDL:02/11/2006 - 08:09:42 ---A- . (...) -- C:\WINDOWS\System32\ANSI.SYS [9029]
O58 - SDL:02/11/2006 - 08:09:45 ---A- . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:02/11/2006 - 08:09:41 ---A- . (...) -- C:\WINDOWS\System32\HIMEM.SYS [4768]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\WINDOWS\System32\KEY01.SYS [42809]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\WINDOWS\System32\KEYBOARD.SYS [42537]
O58 - SDL:02/11/2006 - 08:09:29 ---A- . (...) -- C:\WINDOWS\System32\NTDOS.SYS [27866]
O58 - SDL:02/11/2006 - 08:09:35 ---A- . (...) -- C:\WINDOWS\System32\NTDOS404.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:38 ---A- . (...) -- C:\WINDOWS\System32\NTDOS411.SYS [29370]
O58 - SDL:02/11/2006 - 08:09:40 ---A- . (...) -- C:\WINDOWS\System32\NTDOS412.SYS [29274]
O58 - SDL:02/11/2006 - 08:09:31 ---A- . (...) -- C:\WINDOWS\System32\NTDOS804.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:20 ---A- . (...) -- C:\WINDOWS\System32\NTIO.SYS [33952]
O58 - SDL:02/11/2006 - 08:09:23 ---A- . (...) -- C:\WINDOWS\System32\NTIO404.SYS [34672]
O58 - SDL:02/11/2006 - 08:09:24 ---A- . (...) -- C:\WINDOWS\System32\NTIO411.SYS [35776]
O58 - SDL:02/11/2006 - 08:09:26 ---A- . (...) -- C:\WINDOWS\System32\NTIO412.SYS [35536]
O58 - SDL:02/11/2006 - 08:09:22 ---A- . (...) -- C:\WINDOWS\System32\NTIO804.SYS [34672]
~ Drivers: 78 Legitimates Filtered in 00mn 04s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- C:\Users\Pierre\AppData\Roaming\aQtI0HQ.exe [1579520]
[MD5.AB6818A7FF17230A6E5119F6CDD1F85B] [SPRF][20/04/2015] (...) -- C:\Users\Pierre\AppData\Roaming\NGjOOGP5GJj79ZSX15OZ7n.exe [1246720]
[MD5.EC8C0DAFC22617F5D134749DFB22FFC2] [SPRF][14/12/2012] (...) -- C:\Users\Pierre\AppData\Roaming\wklnhst.dat [1512]
[MD5.FA0C6CCCE5B1F836162881708C134DA4] [SPRF][19/05/2015] (...) -- C:\Users\Pierre\Desktop\Firefox%20Setup%2038.0(1).exe [39718272]
[MD5.FA0C6CCCE5B1F836162881708C134DA4] [SPRF][19/05/2015] (...) -- C:\Users\Pierre\Desktop\Firefox%20Setup%2038.0.exe [39718272]
~ Files: 8 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.387746D103590379A56CF8050BC011D5] [WIS][02/06/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\24bbf81.msi [512512] =>Adware.Boxore
[MD5.AE3463233E61DE981673EAE21AF9F935] [WIS][19/05/2015] (.The Software Group - Software Update Helper.) -- C:\Windows\Installer\4c77a.msi [23552] =>Adware.Boxore
~ WIS: 2 Legitimates Filtered in 00mn 03s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{4CFDB3C6-B58E-416C-BF8C-972CDD560CF8}] (OmgMp4Parser Class) =>PUP.Sogou
[HKCR\CLSID\{8512875A-816B-4F4C-AD72-FA1C52B76ABD}] (OpcMp4Player Class) =>PUP.Sogou
~ BCK: 6171 Legitimates Filtered in 00mn 12s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 15/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 27/08/2014 441176 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SS - | Auto 22/04/2015 107848 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2015 107848 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/12/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Demand 13/04/2007 101528 | (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SS - | Auto 22/07/1658 0 | (insvc_1.10.0.14) . (...) - C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut
SS - | Demand 16/01/2014 235696 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
SS - | Demand 14/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 14/12/2006 45056 | (MSCSPTISRV) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
SS - | Disabled 21/01/2014 699912 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Demand 14/12/2006 57344 | (PACSPTISVR) . (...) - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
SS - | Demand 14/12/2006 69632 | (SPTISRV) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
SS - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 09/09/2005 102400 | (AdobeActiveFileMonitor4.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
SR - | Auto 03/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/05/2015 2731488 | (aOtCjxCcX) . (.Useful Technology.) - C:\ProgramData\YlprdGkQbM\aOtCjxCcX.exe
SR - | Auto 07/01/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 21/05/2015 188416 | (cycyvysu) . (...) - C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\nseC36B.tmp
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 19/05/2015 193024 | (hodufije) . (...) - C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\hnsl1644.tmp
SR - | Auto 14/03/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 03/11/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SR - | Auto 30/04/2015 22216 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 03/09/2014 484888 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 19/05/2015 245760 | (tuleniwe) . (...) - C:\Users\Pierre\AppData\Roaming\1714517C-1432043086-11DD-8439-4567760555A6\jnsqFA0B.tmp
SR - | Auto 22/07/2014 1042808 | (WDBackup) . (.Western Digital Technologies, Inc..) - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
SR - | Auto 23/05/2014 296312 | (WDDriveService) . (.Western Digital Technologies, Inc..) - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
SR - | Auto 21/01/2008 21504 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
~ Services: Scanned in 00mn 13s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/05/2015)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 6
Fichiers trouvés (Files found) : 7

[HKLM\SYSTEM\CurrentControlSet\Services\aOtCjxCcX] =>PUP.BreakingNewsAlert^
[HKLM\SYSTEM\CurrentControlSet\Services\insvc_1.10.0.14] =>PUP.Infonaut^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Infonaut_1.10.0.14] =>PUP.Infonaut^
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}] =>PUP.Dealio
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7A387452-4D16-4EB9-9E74-76CA65534E45}] =>PUP.Dealio
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Classes\CLSID\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:Update =>Adware.Downware^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:GoogleChromeAutoLaunch_1B6BDCC85720E2E938097F32AEDD4177 =>PUP.CrossBrowser^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\Pierre\AppData\Roaming\snZUsfV =>PUP.LuaRT^
C:\Users\Pierre\AppData\Local\BreakingNewsAlert =>PUP.BreakingNewsAlert^
C:\Program Files\Software =>Adware.Boxore
C:\ProgramData\Software =>Adware.Boxore
C:\Users\Pierre\AppData\Local\Software =>Adware.Boxore
C:\ProgramData\YlprdGkQbM\aOtCjxCcX.exe =>PUP.BreakingNewsAlert^
[HKCU\Software\BearShare] =>PUP.BearShare^
[HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider^
C:\Windows\Installer\24bbf81.msi =>Adware.Boxore^
C:\Windows\Installer\4c77a.msi =>Adware.Boxore^
[HKCR\CLSID\{4CFDB3C6-B58E-416C-BF8C-972CDD560CF8}] (OmgMp4Parser Class) =>PUP.Sogou^
[HKCR\CLSID\{8512875A-816B-4F4C-AD72-FA1C52B76ABD}] (OpcMp4Player Class) =>PUP.Sogou^
~ Additionnel Scan: 399032 Items scanned in 02mn 12s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>PUP.BreakingNewsAlert
http://www.nicolascoolman.fr/blog/ =>PUP.ContinueLiveInstallation
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut
http://nicolascoolman.fr/pup-certifiedtoolbar =>PUP.CertifiedToolbar
http://nicolascoolman.fr/pup-bearshare =>PUP.BearShare
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://nicolascoolman.fr/pup-luart =>PUP.LuaRT
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/pup-sogou =>PUP.Sogou
http://nicolascoolman.fr/pup-dealio =>PUP.Dealio
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM
~ MSI: 15 link(s) detected in 00mn 00s



~ 1496 Legitimates filtered by white list
End of the scan (858 lines in 03mn 20s)(0.8)

Publicité


Signaler le contenu de ce document

Publicité