~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman  (25/01/2014)
~ Lancé par Teloü (06/02/2014 11:11:08)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox v3.6.28 (fr)
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v7.0.1474.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.03 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader 9.2 MUI
Java 7 Update 9

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4090 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 167 GB (58%) free of 285 GB

---\\ Mode de connexion au système
~ Computer Name: TELOÜ-PC
~ User Name: Teloü
~ All Users Names: Teloü, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Teloü\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Teloü\AppData\Roaming\
~ %Desktop% : C:\Users\Teloü\Desktop\
~ %Favorites% : C:\Users\Teloü\Favorites\
~ %LocalAppData% : C:\Users\Teloü\AppData\Local\
~ %StartMenu% : C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 167 Go of 285 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2236
~ Mes musiques (My Musics) : 1/102
~ Mes Videos (My Videos) : 2/6
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 1/8
~ Mon Bureau (My Desktop) : 1/8075
~ Menu demarrer (Programs) : 1/27
~ Hidden Files:  Scanned in 00mn 08s



---\\ Processus lancés
[MD5.44E5B5DC6A27EA109B8A234E640BB5FD] - (...) -- C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe   [3780064] [PID.1896]  =>PUP.BitGuard
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe   [186904] [PID.632]
[MD5.EAEB34D06AC35097031B0F11595012D7] - (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe   [349480] [PID.3216]
[MD5.2F2DF068BED6E62E4C007DF7446B4F19] - (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe   [200704] [PID.3564]
[MD5.31EBC020D9B2D6239E2AF90BD48B6E60] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [20587680] [PID.4232]
[MD5.EA5B870671079786F335AC7C10846C4F] - (.Adobe Systems Incorporated - AAM Updates Notifier Application.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe   [295584] [PID.4392]
[MD5.90D787A2DF45B1E82C276DFD1A91AE61] - (...) -- C:\Users\Teloü\AppData\Roaming\cacaoweb\cacaoweb.exe   [471552] [PID.4400]  =>PUP.CacaoWeb
[MD5.82BB994BBF6147E543D3534C7C99A72B] - (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe   [479232] [PID.4444]
[MD5.4EDB929F6875F60B95FD475016FF2228] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe   [261888] [PID.4560]
[MD5.EF533F9D1E4F51C783D4349A7C3F518F] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe   [199464] [PID.4604]
[MD5.ABC2C67DFD48930F846934B907C3D606] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe   [7424000] [PID.4620]
[MD5.15D982E21248E9BE337D9B40247AF30E] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin   [7418368] [PID.4732]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [866632] [PID.5404]
[MD5.C7A9C4FDCEA704A34A5997FE0A8A0A38] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe   [1194504] [PID.5680]
[MD5.68A553BDFA855C4F1074696682FCDEB6] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe   [141600] [PID.5672]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [932288] [PID.5852]
[MD5.63E7360560644692AEAE515AF834CF83] - (.Ulead Systems, Inc. - AutoDetector.) -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe   [90112] [PID.4444]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4297136] [PID.3716]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [252848] [PID.1696]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8339968] [PID.5644]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [44808] [PID.1424]
[MD5.4B5AE15E5C73EB4DC8DBEC2788230D41] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe   [144672] [PID.1780]
[MD5.3F56903E124E820AEECE6D471583C6C1] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe   [238888] [PID.1936]
[MD5.CA52AB39FC6EB75C519C77CE07104C6F] - (.Pas de propriétaire - Updater.) -- C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe   [233472] [PID.1348]  =>PUP.Offerware
[MD5.465680BDE344CE4FF6646626AA3A9125] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe   [223112] [PID.2208]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe   [1150496] [PID.2328]
[MD5.0F5FAAC852DB4C340B7A2F187E3358B8] - (.Egis Technology Inc. - MyWinLocker Service.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe   [311592] [PID.2528]
[MD5.70E3EB0CEF795D348F05E5A9B115F491] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe   [62720] [PID.2824]
[MD5.3F6268A2EC33CD38CF75C880AF8DED42] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe   [144640] [PID.2900]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe   [3064000] [PID.3020]
[MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe   [240160] [PID.1740]
[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe   [354840] [PID.2688]
~ Processes Running:  Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [dlnembnfbcpjnepmfjmngjenhhajpdfd] Web Assistant v.2.0.0.572, (Activé) =>Adware.IncrediBar
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.7.0.1474, (Désactivé)
G2 - GCE: Preference [User Data\Default] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.34 (Désactivé) =>PUP.Wajam
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.3.0.11079 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ogccgbmabaphcakpiclgcnmcnimhokcj] SweetPacks Chrome Extension v.1.4.0.4 (Désactivé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [panidppaghojieggpioojcdhmcfdhcdg] continuetosave v.3.9 (Désactivé) =>PUP.OfferWare
~ Google Browser: 15 Scanned in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\prefs.js
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\user.js
M3 - MFPP: Plugins - [Teloü] -- C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\searchplugins\babylon1.xml =>PUP.Babylon
M3 - MFPP: Plugins - [Teloü] -- C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\searchplugins\durable.xml
M3 - MFPP: Plugins - [Teloü] -- C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\searchplugins\MyStart Search.xml =>Spyware.VMNToolbar
M3 - MFPP: Plugins - [Teloü] -- C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\searchplugins\WebSearch.xml
M3 - MFPP: Plugins - [Teloü] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Teloü] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [Teloü] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Teloü] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml =>Toolbar.eBay
M3 - MFPP: Plugins - [Teloü] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Teloü] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Teloü] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Teloü - njwswb7h.default] http://websearch.soft-quick.info =>Hijacker.SoftQuick
M2 - MFEP: prefs.js [Teloü - njwswb7h.default\50584f0b80f32@50584f0b80f69.com] [] ADDICT-THING v3.2 (..) =>Adware.JustPlugIt
M2 - MFEP: prefs.js [Teloü - njwswb7h.default\50e594fd435cd@50e594fd435f9.com] [] continuetosave v3.9 (..) =>PUP.OfferWare
M2 - MFEP: prefs.js [Teloü - njwswb7h.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.33 (..) =>PUP.CacaoWeb
M2 - MFEP: prefs.js [Teloü - njwswb7h.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (..) =>Toolbar.DeltaSearch
M2 - MFEP: prefs.js [Teloü - njwswb7h.default\toolbar@waltershop.com] [] WalterShop v1.0 (..)
M2 - MFEP: prefs.js [Teloü - njwswb7h.default\{f9d03c26-0575-497e-821d-f7956d23e0ca}] [] BonanzaDeals v3.0 (..) =>Adware.BonanzaDeals
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win64 # 6.5.0.3.) -- C:\Program Files\ma-config.com\x64\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\Teloü\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll  =>.Facebook
~ Firefox Browser: 37 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.durable.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.16428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Web Assistant Helper [64Bits] - {336D0C35-8A85-403a-B9D2-65C292C39087} . (...) -- C:\Program Files\Web Assistant\Extension32.dll =>Adware.IncrediBar
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll =>Trojan.FindFDSearch
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: continuetosave [64Bits] - {EB6C84A6-CEC2-8A8C-D4EE-8E5D09D1375E} . (...) -- C:\ProgramData\continuetosave\50e594fd43750.dll =>PUP.OfferWare
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ BHO: 15 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.)  -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe 
O4 - GS\Program [Public]: Acrobat.com.lnk . (...)  -- C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe
O4 - GS\Program [Public]: Adobe Bridge CS5.1.lnk . (.Adobe Systems, Inc. - Adobe Bridge CS5.1.)  -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Bridge CS6 (64bit).lnk . (.Adobe Systems, Inc. - Adobe Bridge CS6.)  -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Device Central CS5.5.lnk . (.Adobe Systems Inc. - Adobe Device Central CS5.5.)  -- C:\Program Files (x86)\Adobe\Adobe Device Central CS5.5\DeviceCentral.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe ExtendScript Toolkit CS5.5.lnk . (.Adobe Systems Incorporated - ExtendScript Toolkit CS5.5 and Debugger (32.)  -- C:\Program Files (x86)\Adobe\Adobe Utilities - CS5.5\ExtendScript Toolkit CS5.5\ExtendScript Toolkit.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe ExtendScript Toolkit CS6.lnk . (.Adobe Systems Incorporated - ExtendScript Toolkit CS6 and Debugger (32 b.)  -- C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Extension Manager CS5.5.lnk . (.Adobe Systems Incorporated - Adobe Extension Manager CS5.5.)  -- C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5.5\Adobe Extension Manager CS5.5.exe 
O4 - GS\Program [Public]: Adobe Extension Manager CS6.lnk . (.Adobe Systems Incorporated - Adobe Extension Manager CS6.)  -- C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe 
O4 - GS\Program [Public]: Adobe Help.lnk . (...)  -- C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe
O4 - GS\Program [Public]: Adobe Illustrator CS5.1.lnk . (.Adobe Systems Inc. - Adobe Illustrator CS5.1.)  -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5.1\Support Files\Contents\Windows\Illustrator.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Photoshop CS6 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.)  -- C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Reader 9.lnk . (...)  -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico 
O4 - GS\Program [Public]: Apple Software Update.lnk . (...)  -- C:\Windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe  =>.Apple Inc
O4 - GS\Program [Public]: Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation - Microsoft® Works.)  -- C:\Program Files (x86)\Microsoft Works\MSWorks.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.)  -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.)  -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Visionneuse Microsoft Office PowerPoint 2007.lnk . (...)  -- c:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.)  -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe 
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...)  -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.)  -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.)  -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.)  -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.)  -- C:\Windows\system32\xpsrchvw.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.)  -- C:\Windows\system32\calc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.)  -- C:\Windows\system32\displayswitch.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.)  -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.)  -- C:\Windows\system32\mblctr.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.)  -- C:\Windows\system32\mspaint.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.)  -- C:\Windows\system32\mstsc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.)  -- C:\Windows\system32\SnippingTool.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.)  -- C:\Windows\system32\SoundRecorder.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.)  -- C:\Windows\system32\StikyNot.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.)  -- C:\Windows\System32\mobsync.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.)  -- C:\Windows\system32\OobeFldr.dll  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.)  -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.)  -- C:\Windows\system32\charmap.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.)  -- C:\Windows\system32\dfrgui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.)  -- C:\Windows\system32\cleanmgr.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.)  -- C:\Windows\system32\perfmon.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.)  -- C:\Windows\system32\msinfo32.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.)  -- C:\Windows\system32\rstrui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...)  -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.)  -- C:\Windows\system32\migwiz\postmig.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.)  -- C:\Windows\system32\migwiz\migwiz.exe  =>.Microsoft Corporation
O4 - GS\QuickLaunch [Teloü]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\QuickLaunch [Teloü]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [Teloü]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\TaskBar [Teloü]: Adobe Illustrator CS5.1.lnk . (.Adobe Systems Inc. - Adobe Illustrator CS5.1.)  -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5.1\Support Files\Contents\Windows\Illustrator.exe  =>.Adobe Systems Incorporated
O4 - GS\TaskBar [Teloü]: Adobe Photoshop CS6 (64 Bit) (2).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.)  -- C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe  =>.Adobe Systems Incorporated
O4 - GS\TaskBar [Teloü]: Adobe Photoshop CS6 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.)  -- C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe  =>.Adobe Systems Incorporated
O4 - GS\TaskBar [Teloü]: Adobe Reader 9.lnk . (...)  -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico 
O4 - GS\TaskBar [Teloü]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.)  -- C:\Program Files\AVAST Software\Avast\AvastUI.exe 
O4 - GS\TaskBar [Teloü]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar [Teloü]: Google Earth.lnk . (.Google - Google Earth.)  -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe  =>.Google Inc
O4 - GS\TaskBar [Teloü]: PhotoImpact 12.lnk . (.Ulead Systems, Inc. - PhotoImpact Launcher.)  -- C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\Iedit.exe 
O4 - GS\TaskBar [Teloü]: quake3 - Raccourci.lnk . (...)  -- C:\Program Files (x86)\Quake 3\Quake3\quake3.exe
O4 - GS\TaskBar [Teloü]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.5.)  -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  =>.VideoLAN
O4 - GS\TaskBar [Teloü]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Teloü]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Program [Teloü]: Spotify.lnk . (.Spotify Ltd - Spotify.)  -- C:\Program Files (x86)\Spotify\spotify.exe 
O4 - GS\Accessories [Teloü]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Teloü]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Teloü]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Teloü]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Teloü]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [Teloü]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
O4 - GS\SendTo [Teloü]: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - GS\Desktop [Teloü]: E-Anim.lnk . (...)  -- C:\Program Files (x86)\e-anim-edidget\!run.bat 
O4 - GS\Desktop [Teloü]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Desktop [Teloü]: UsbFix.lnk . (...)  -- C:\UsbFix\UsbFix.exe
O4 - GS\Desktop [Teloü]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [Teloü]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe  =>.Nicolas Coolman
~ Global Startup: 77 Scanned in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Nikon Monitor.lnk . (.Nikon Corporation - Nikon Transfer Monitor.)  -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe 
O4 - GS\Startup [Teloü]: OpenOffice.org 3.2.lnk . (...)  -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe 
O4 - HKLM\..\Run: [mwlDaemon] . (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) 
O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe 
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe 
O4 - HKLM\..\Run: [MacroKeyManager] . (.Pas de propriétaire - Macro Key Manager MFC Application.) -- C:\Windows\System32\WTMKM.exe 
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe  =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe  =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Teloü\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline 
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe  =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [EgisTecLiveUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe 
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe  =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe 
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe 
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Ulead AutoDetector v2] . (.Ulead Systems, Inc. - AutoDetector.) -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe 
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5.5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe 
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3257031791-4191643407-3681858138-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-3257031791-4191643407-3681858138-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3257031791-4191643407-3681858138-1000\..\Run: [cacaoweb] . (...) -- C:\Users\Teloü\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKUS\S-1-5-21-3257031791-4191643407-3681858138-1000\..\Run: [AdobeBridge] Clé orpheline 
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 8 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{28423985-57F0-4E53-9CF0-5590080A1F4D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{28423985-57F0-4E53-9CF0-5590080A1F4D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{28423985-57F0-4E53-9CF0-5590080A1F4D}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll (.not file.) =>PUP.BitGuard
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BitGuard (BitGuard) . (...) - C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe =>PUP.BitGuard
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: MyWinLocker Service (MWLService) . (.Egis Technology Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Web Assistant Updater (Web Assistant Updater) . (...) - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (.not file.) =>Adware.IncrediBar
O23 - Service: WTService (WTService) . (.Pas de propriétaire - User Mode Tablet Driver.) - C:\Windows\System32\atwtusb.exe
~ Services: 17 Scanned in 00mn 50s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\AffiliatedUpdate.job   [294]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\ContinueToSaveUpdaterTask{6A1B1C8B-60C4-4A79-B4E2-34EBEB088A76}.job   [418] =>PUP.Offerware
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1066]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1070]
[MD5.1315C5C5C54CE2AA37A155F97027DB59] [APT] [AdobeAAMUpdater-1.0-Telo-PC-Telo] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe   [446392]
[MD5.AD87889DEB640F16F30029CD6A632BBF] [APT] [AffiliatedUpdate] (...) -- C:\Users\Teloü\AppData\Roaming\AFFILI~1\UPDATE~1\UPDATE~1.exe   [100864]
[MD5.7F19838AC317C34FCED020BE529AF71E] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [247224]
[MD5.00000000000000000000000000000000] [APT] [BonanzaDealsUpdate] (...) -- C:\Program Files (x86)\BonanzaDeals\BonanzaDealsUpdate.exe (.not file.)   [0]  =>Adware.BonanzaDeals
[MD5.4999625054FFA2AFFCAFD085C1218307] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [3611416]  =>Piriform Ltd
[MD5.CA52AB39FC6EB75C519C77CE07104C6F] [APT] [ContinueToSaveUpdaterTask{6A1B1C8B-60C4-4A79-B4E2-34EBEB088A76}] (...) -- C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe   [233472]  =>PUP.Offerware
[MD5.F64487396AB10165DC80BC15CF854D31] [APT] [EPUpdater] (...) -- C:\Users\Teloü\AppData\Roaming\BabSolution\Shared\BabMaint.exe   [10320]  =>Hijacker.BabSolution
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [135664]
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.)   [0]  =>Toolbar.Ask
[MD5.FDE12AEFA1F42D8465B6E161AA08540D] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe   [7357888]  =>Crapware.SpyHunter
[MD5.00000000000000000000000000000000] [APT] [{C4CA6B2D-A45F-4FDE-9A80-3F290C30C7E4}] (...) -- C:\Users\Teloü\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D6099E94-9098-4580-877A-CFE2A363AA26}] (...) -- C:\Users\Teloü\Downloads\Fable The Lost Chapters\directx9\DXSETUP.exe (.not file.)   [0]
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe   [566592]
[MD5.7F59E4F51DA9C9C6B29B881D8DD92400] [APT] [Burn Notification] (.Acer.) -- C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe   [675840]
~ Scheduled Task: 22 Scanned in 00mn 06s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver:  (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver:  (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver:  (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: ATI AVIVO64 Codecs - (.ATI Technologies Inc..) [HKLM][64Bits] -- {43239902-03DF-A165-7EF6-6A49DE4F8EF1}
O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Acer Crystal Eye Webcam - (.Suyin Optronics Corp.) [HKLM][64Bits] -- {7760D94E-B1B5-40A0-9AA0-ABF942108755}
O42 - Logiciel: Acer GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1
O42 - Logiciel: Acer GridVista - (.Acer Inc..) [HKLM][64Bits] -- GridVista
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Screensaver
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- {3521BDBD-D453-5D9F-AA55-44B75D214629}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Illustrator CS5.1 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {23767F5D-A80C-4264-B8EA-ED4085FC332A}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader 9.2 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {9EFC40E3-5F31-4F75-8445-286273F74D8E}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}  =>.Apple Inc
O42 - Logiciel: ArcSoft Panorama Maker 4 - (.ArcSoft.) [HKLM][64Bits] -- {D45E8C45-B601-4A80-AFD8-E16338744DE1}
O42 - Logiciel: Backup Manager Basic - (.NewTech Infosystems.) [HKLM][64Bits] -- {72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: BitGuard - (.MediaTechSoft Inc..) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>PUP.BitGuard
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}
O42 - Logiciel: Broadcom Gigabit NetLink Controller - (.Broadcom Corporation.) [HKLM][64Bits] -- {96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {34A0D249-747E-4D6C-803D-329C120C6B79}
O42 - Logiciel: ContinueToSave - (...) [HKLM][64Bits] -- {84747EAB-1AB8-4640-A4AB-529A5F975C5D} =>PUP.OfferWare
O42 - Logiciel: CoolYou Gadget - (.CoolYou Gadget.) [HKLM][64Bits] -- {55E8A9F6-9C59-4427-AE52-3A1A7C44414D} =>Adware.JustPlugIt
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Delta Chrome Toolbar - (.Visual Tools.) [HKLM][64Bits] -- Delta Chrome Toolbar =>Toolbar.DeltaSearch
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: E-anim+Edidget 10.02.086 - (...) [HKCU][64Bits] -- E-anim+Edidget 10.02.086
O42 - Logiciel: Extended Update - (...) [HKCU][64Bits] -- AffiliatedUpdate =>PUP.Dealply
O42 - Logiciel: Fable - The Lost Chapters - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU][64Bits] -- Facebook Plug-In
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 9 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217009FF}
O42 - Logiciel: Java(TM) 6 Update 18 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LSI HDA Modem - (.LSI Corporation.) [HKLM][64Bits] -- LSI Soft Modem
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM][64Bits] -- LManager
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {602C9E30-F838-4AD2-8DC2-265C192D4AAC}
O42 - Logiciel: MacroKey Manager - (...) [HKLM][64Bits] -- InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mozilla Firefox (3.6.28) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.28)
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {68301905-2DEA-41CE-A4D4-E8B443B099BA}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: Nikon Message Center - (.Nikon.) [HKLM][64Bits] -- {D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
O42 - Logiciel: Nikon Transfer - (.Nikon.) [HKLM][64Bits] -- {E9757890-7EC5-46C8-99AB-B00F07B6525C}
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM][64Bits] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}  =>.Symantec Corporation
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM][64Bits] -- {6ADD0603-16EF-400D-9F9E-486432835002}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Search Assistant SoftQuick 1.66 - (...) [HKLM][64Bits] -- SP_a8235b05 =>Hijacker.SoftQuick
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Spotify - (...) [HKLM][64Bits] -- Spotify
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM][64Bits] -- {83B952C7-F8F3-4CA3-B4C5-33C85B24E478} =>Crapware.SpyHunter
O42 - Logiciel: Star Defender 4 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Ulead PhotoImpact 12 - (.Ulead System.) [HKLM][64Bits] -- {11AFE21E-B193-430D-B57A-DFF7815BB962}
O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: WalterShop - (.Durable.com.) [HKLM][64Bits] -- WalterShop
O42 - Logiciel: Web Assistant 2.0.0.572 - (.IncrediBar.) [HKLM][64Bits] -- {336D0C35-8A85-403a-B9D2-65C292C39087}_is1 =>Adware.IncrediBar
O42 - Logiciel: WebPlayerV2 - (.Kreapixel.) [HKLM][64Bits] -- {77236F9C-987C-40EC-832B-5BD6181E4846} =>Adware.SocialSkinz
O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Welcome Center
O42 - Logiciel: avast! Free Antivirus v7.0.1474.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {AAF89271-2594-468D-B578-96B2E30C41C4} =>Toolbar.eBay
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM][64Bits] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {C9C243B9-03BD-44BA-A592-AB09630AE2D2}
O42 - Logiciel: metaCrawler - (.metaCrawler.) [HKLM][64Bits] -- metaCrawler
~ Logic: 59 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Database]
[HKCU\Software\Delta]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Nikon]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RtkPCEE3sMsg]
[HKCU\Software\Skype]
[HKCU\Software\Sonix]
[HKCU\Software\Spotify]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\Ulead Systems]
[HKCU\Software\Usbfix]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wistron]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\cybelsoft]
[HKCU\Software\f0dfdeb239e413]  =>PUP.BitGuard
[HKCU\Software\metacrawler]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\EgisTec]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\IB Updater] =>Adware.InstallBrain
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Knowles]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Waves Audio]
[HKLM\Software\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\America Online]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\ArcSoft]
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Debug]
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\Digital River]
[HKLM\Software\Wow6432Node\Documentation]
[HKLM\Software\Wow6432Node\EgisTec Egis Software Update]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfeeInstaller]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\Nikon]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.Mocaflix
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Sun Microsystems]
[HKLM\Software\Wow6432Node\Suyin Optronics Corp]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\Ulead Systems]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Wistron]
[HKLM\Software\Wow6432Node\cybelsoft]
[HKLM\Software\Wow6432Node\f0dfdeb239e413]  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\nSplitter]
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
[HKLM\Software\nSplitter]
~ Key Software: 319 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/10/2009 - 05:18:59 - [30,374] ----D C:\Program Files (x86)\Acer
O43 - CFD: 16/07/2013 - 21:24:28 - [653,525] ----D C:\Program Files (x86)\Acer GameZone
O43 - CFD: 22/08/2009 - 06:40:05 - [4,377] ----D C:\Program Files (x86)\Acer Inc
O43 - CFD: 09/12/2013 - 15:13:49 - [1571,896] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/12/2009 - 12:46:30 - [2,118] ----D C:\Program Files (x86)\Apple Software Update  =>.Apple Inc
O43 - CFD: 29/05/2010 - 17:17:01 - [14,502] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 24/10/2009 - 05:16:33 - [76,849] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 25/12/2009 - 12:47:07 - [0,234] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 09/12/2013 - 12:28:05 - [1107,061] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 28/02/2013 - 13:41:47 - [0,373] ----D C:\Program Files (x86)\ContinueToSave =>PUP.OfferWare
O43 - CFD: 29/09/2013 - 09:57:44 - [0] ----D C:\Program Files (x86)\Delta
O43 - CFD: 18/12/2013 - 14:51:28 - [953,621] ----D C:\Program Files (x86)\e-anim-edidget
O43 - CFD: 22/08/2009 - 09:56:32 - [44,513] ----D C:\Program Files (x86)\EgisTec
O43 - CFD: 22/08/2009 - 09:56:41 - [1,605] ----D C:\Program Files (x86)\EgisTec Egis Software Update
O43 - CFD: 22/08/2009 - 06:24:13 - [20,905] ----D C:\Program Files (x86)\eSobi
O43 - CFD: 06/02/2014 - 10:54:58 - [0] ----D C:\Program Files (x86)\FLV Player
O43 - CFD: 11/12/2013 - 21:08:02 - [698,520] ----D C:\Program Files (x86)\Google
O43 - CFD: 12/07/2013 - 14:19:49 - [89,594] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 22/08/2009 - 06:15:50 - [10,568] ----D C:\Program Files (x86)\Intel
O43 - CFD: 11/12/2013 - 16:45:57 - [10,749] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 25/12/2009 - 12:48:11 - [105,713] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 12/12/2012 - 19:09:41 - [207,303] ----D C:\Program Files (x86)\Java
O43 - CFD: 26/02/2010 - 22:57:54 - [15,502] ----D C:\Program Files (x86)\JRE
O43 - CFD: 24/10/2009 - 05:18:48 - [4,499] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 03/01/2013 - 16:05:31 - [0,001] ----D C:\Program Files (x86)\ma-config.com
O43 - CFD: 06/02/2014 - 08:41:03 - [13,265] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 09/11/2013 - 16:26:54 - [1,182] ----D C:\Program Files (x86)\metaCrawler
O43 - CFD: 05/09/2012 - 23:16:55 - [-1352,030] ----D C:\Program Files (x86)\Microsoft Games
O43 - CFD: 18/04/2012 - 13:52:41 - [787,248] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 22/08/2009 - 09:40:13 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 09/10/2013 - 21:45:59 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 24/10/2009 - 05:36:35 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 18/04/2012 - 13:52:57 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 24/10/2009 - 05:29:24 - [1,577] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 11/10/2012 - 18:49:45 - [139,669] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 05/02/2011 - 00:11:08 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 18/05/2013 - 17:29:21 - [34,646] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 18/04/2012 - 13:53:18 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 09/01/2010 - 19:29:34 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 09/11/2013 - 16:46:08 - [0,015] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 22/08/2009 - 09:56:05 - [1171,310] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 29/05/2010 - 17:22:04 - [18,504] ----D C:\Program Files (x86)\Nikon
O43 - CFD: 25/12/2009 - 17:53:10 - [0,102] ----D C:\Program Files (x86)\OEM
O43 - CFD: 26/02/2010 - 22:57:53 - [358,814] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 21/07/2012 - 17:10:53 - [33,207] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 18/08/2011 - 12:28:44 - [877,596] ----D C:\Program Files (x86)\Quake 3
O43 - CFD: 25/12/2009 - 12:47:01 - [76,378] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 03/01/2013 - 16:24:17 - [11,369] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 28/12/2013 - 07:39:05 - [50,944] R---D C:\Program Files (x86)\Skype
O43 - CFD: 19/01/2014 - 16:35:29 - [0,817] ----D C:\Program Files (x86)\SoftQuick =>Hijacker.SoftQuick
O43 - CFD: 20/03/2010 - 19:43:16 - [5,097] ----D C:\Program Files (x86)\Spotify
O43 - CFD: 22/08/2009 - 06:23:57 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 03/01/2013 - 16:34:01 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 27/12/2010 - 21:52:36 - [372,158] ----D C:\Program Files (x86)\Ulead Systems
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 18/09/2012 - 12:24:35 - [94,419] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 12/07/2013 - 13:55:48 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 11/07/2013 - 17:20:36 - [113,827] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 24/04/2013 - 21:57:40 - [5,895] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 11/12/2013 - 16:45:59 - [4,791] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 24/04/2013 - 21:57:40 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 24/04/2013 - 21:57:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 24/04/2013 - 21:57:40 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 25/12/2009 - 13:09:16 - [2,849] ----D C:\Program Files (x86)\WindSolutions
O43 - CFD: 06/02/2014 - 11:09:48 - [17,260] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 09/12/2013 - 15:11:03 - [570,097] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 09/12/2013 - 13:35:05 - [20,800] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 25/12/2009 - 12:47:46 - [86,605] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 22/08/2009 - 09:37:10 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 22/08/2009 - 09:56:42 - [0,097] ----D C:\Program Files (x86)\Common Files\EgisTec
O43 - CFD: 27/12/2010 - 21:52:35 - [12,234] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 12/12/2012 - 19:10:43 - [1,184] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 23/06/2012 - 10:29:15 - [285,795] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 29/05/2010 - 17:22:14 - [3,984] ----D C:\Program Files (x86)\Common Files\muvee Technologies
O43 - CFD: 29/05/2010 - 17:23:08 - [7,605] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 22/08/2009 - 09:43:42 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 22/08/2009 - 11:25:40 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 11/07/2013 - 17:20:26 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 24/04/2013 - 21:57:38 - [42,841] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 27/12/2010 - 21:52:36 - [2,929] ----D C:\Program Files (x86)\Common Files\Ulead Systems
O43 - CFD: 24/10/2009 - 05:32:23 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 29/10/2012 - 18:12:45 - [31,174] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 22/08/2009 - 06:41:17 - [2,371] ----D C:\ProgramData\Acer
O43 - CFD: 10/12/2013 - 17:10:19 - [409,776] ----D C:\ProgramData\Adobe
O43 - CFD: 09/12/2013 - 13:40:00 - [0] ----D C:\ProgramData\ALM
O43 - CFD: 24/08/2011 - 12:45:54 - [31,155] ----D C:\ProgramData\Apple
O43 - CFD: 25/12/2009 - 12:47:46 - [73,755] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 07/06/2011 - 16:24:44 - [0,971] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 24/10/2009 - 05:17:15 - [0] ----D C:\ProgramData\ATI
O43 - CFD: 08/02/2011 - 16:13:55 - [21,572] ----D C:\ProgramData\AVAST Software
O43 - CFD: 03/01/2013 - 15:11:13 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 22/08/2009 - 09:56:16 - [0,156] ----D C:\ProgramData\BackupManager
O43 - CFD: 22/11/2013 - 13:00:46 - [14,320] ----D C:\ProgramData\BitGuard =>PUP.BitGuard
O43 - CFD: 25/12/2009 - 17:50:21 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 27/09/2012 - 20:45:11 - [19,027] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 06/02/2014 - 10:54:59 - [0,223] ----D C:\ProgramData\continuetosave =>PUP.OfferWare
O43 - CFD: 28/02/2010 - 16:44:50 - [0,118] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 06/02/2014 - 10:54:59 - [0] ----D C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch
O43 - CFD: 24/10/2009 - 05:16:44 - [0] ----D C:\ProgramData\EgisTec
O43 - CFD: 29/05/2010 - 17:20:41 - [0] ----D C:\ProgramData\EnterNHelp
O43 - CFD: 22/08/2009 - 11:30:37 - [0] ----D C:\ProgramData\eSobi
O43 - CFD: 25/12/2009 - 17:50:21 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 29/05/2010 - 17:20:41 - [0] ----D C:\ProgramData\Flags
O43 - CFD: 22/08/2009 - 06:41:04 - [0,515] ----D C:\ProgramData\Google
O43 - CFD: 03/01/2013 - 15:23:42 - [2,390] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 27/12/2010 - 21:56:33 - [0] ----D C:\ProgramData\InstallShield
O43 - CFD: 03/01/2013 - 16:07:00 - [1,260] ----D C:\ProgramData\ma-config.com
O43 - CFD: 06/02/2014 - 08:40:43 - [7,882] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 20/12/2011 - 23:34:37 - [0,042] ----D C:\ProgramData\McAfee
O43 - CFD: 25/12/2009 - 17:50:21 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 23/06/2012 - 10:30:31 - [405,442] -S--D C:\ProgramData\Microsoft
O43 - CFD: 19/01/2014 - 19:28:02 - [0,118] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 25/12/2009 - 17:50:21 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 29/05/2010 - 17:22:10 - [6,674] ----D C:\ProgramData\Nikon
O43 - CFD: 24/10/2009 - 05:27:21 - [0,001] ----D C:\ProgramData\OEM
O43 - CFD: 03/01/2013 - 15:23:33 - [0,566] ----D C:\ProgramData\Premium
O43 - CFD: 25/12/2013 - 23:56:42 - [0,005] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 05/09/2012 - 15:32:12 - [0,319] ----D C:\ProgramData\Sandlot Games
O43 - CFD: 22/08/2009 - 11:30:46 - [0] ----D C:\ProgramData\SiteAdvisor
O43 - CFD: 28/12/2013 - 07:39:13 - [57,037] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 26/02/2010 - 22:56:46 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 22/08/2009 - 06:23:57 - [0,001] ----D C:\ProgramData\Symantec
O43 - CFD: 13/12/2012 - 03:05:16 - [0,033] ----D C:\ProgramData\Tablet
O43 - CFD: 05/09/2012 - 15:49:11 - [0,086] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 27/12/2010 - 21:53:07 - [0,089] ----D C:\ProgramData\Ulead Systems
O43 - CFD: 29/05/2010 - 17:20:41 - [0] ----D C:\ProgramData\Ultima_T15
O43 - CFD: 25/12/2009 - 19:26:21 - [0] ----D C:\ProgramData\WindSolutions
O43 - CFD: 03/01/2013 - 15:23:41 - [0] ----D C:\ProgramData\WoW Worldwide Software LTD
O43 - CFD: 25/12/2009 - 12:48:11 - [0,853] ----D C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
O43 - CFD: 24/01/2014 - 16:31:10 - [9,103] ----D C:\Users\Teloü\AppData\Roaming\Adobe
O43 - CFD: 09/11/2013 - 16:26:35 - [0,096] ----D C:\Users\Teloü\AppData\Roaming\AffiliatedUpdate
O43 - CFD: 25/12/2009 - 12:49:14 - [86,668] ----D C:\Users\Teloü\AppData\Roaming\Apple Computer
O43 - CFD: 25/12/2009 - 17:52:18 - [0] ----D C:\Users\Teloü\AppData\Roaming\ATI
O43 - CFD: 29/09/2013 - 09:57:29 - [1,265] ----D C:\Users\Teloü\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 03/01/2013 - 15:11:13 - [0,007] ----D C:\Users\Teloü\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 06/02/2014 - 10:50:43 - [0,450] ----D C:\Users\Teloü\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 06/01/2014 - 15:45:04 - [0] ----D C:\Users\Teloü\AppData\Roaming\com.adobe.DC3Module.AdobeADC
O43 - CFD: 28/02/2010 - 16:44:48 - [0] ----D C:\Users\Teloü\AppData\Roaming\CyberLink
O43 - CFD: 09/01/2010 - 18:33:45 - [0] ----D C:\Users\Teloü\AppData\Roaming\dvdcss
O43 - CFD: 29/05/2010 - 22:18:38 - [6,255] ----D C:\Users\Teloü\AppData\Roaming\Facebook
O43 - CFD: 20/08/2011 - 16:48:21 - [0,076] ----D C:\Users\Teloü\AppData\Roaming\GameRanger
O43 - CFD: 25/12/2009 - 17:57:06 - [0] ----D C:\Users\Teloü\AppData\Roaming\Google
O43 - CFD: 25/12/2009 - 17:50:59 - [0] ----D C:\Users\Teloü\AppData\Roaming\Identities
O43 - CFD: 25/12/2009 - 17:51:35 - [0,001] ----D C:\Users\Teloü\AppData\Roaming\Macromedia
O43 - CFD: 06/02/2014 - 08:41:53 - [46,432] ----D C:\Users\Teloü\AppData\Roaming\Malwarebytes
O43 - CFD: 22/08/2009 - 07:06:24 - [0] ----D C:\Users\Teloü\AppData\Roaming\Media Center Programs
O43 - CFD: 29/10/2013 - 21:45:50 - [3,634] -S--D C:\Users\Teloü\AppData\Roaming\Microsoft
O43 - CFD: 25/12/2009 - 12:24:22 - [37,839] ----D C:\Users\Teloü\AppData\Roaming\Mozilla
O43 - CFD: 29/05/2010 - 17:36:05 - [0,164] ----D C:\Users\Teloü\AppData\Roaming\Nikon
O43 - CFD: 26/02/2010 - 23:00:42 - [2,215] ----D C:\Users\Teloü\AppData\Roaming\OpenOffice.org
O43 - CFD: 06/02/2014 - 10:59:53 - [10,413] ----D C:\Users\Teloü\AppData\Roaming\Skype
O43 - CFD: 28/02/2010 - 16:45:11 - [0,006] ----D C:\Users\Teloü\AppData\Roaming\SoftDMA
O43 - CFD: 07/08/2012 - 17:17:00 - [2,243] ----D C:\Users\Teloü\AppData\Roaming\Spotify
O43 - CFD: 24/01/2014 - 16:31:09 - [0] ----D C:\Users\Teloü\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 09/11/2013 - 16:46:43 - [0] ----D C:\Users\Teloü\AppData\Roaming\Systweak
O43 - CFD: 27/02/2010 - 18:14:28 - [0,013] ----D C:\Users\Teloü\AppData\Roaming\Template
O43 - CFD: 27/12/2010 - 22:02:03 - [13,422] ----D C:\Users\Teloü\AppData\Roaming\Ulead Systems
O43 - CFD: 26/11/2013 - 23:52:51 - [0,466] ----D C:\Users\Teloü\AppData\Roaming\vlc
O43 - CFD: 04/07/2012 - 18:16:04 - [0,039] ----D C:\Users\Teloü\AppData\Roaming\WebPlayerBdd =>Adware.SocialSkinz
O43 - CFD: 25/12/2009 - 13:10:01 - [0,045] ----D C:\Users\Teloü\AppData\Roaming\WindSolutions
O43 - CFD: 06/02/2014 - 11:12:50 - [0,019] ----D C:\Users\Teloü\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 06/02/2014 - 10:59:55 - [4,132] ----D C:\Users\Teloü\AppData\Local\Adobe
O43 - CFD: 25/12/2009 - 12:46:32 - [0] ----D C:\Users\Teloü\AppData\Local\Apple
O43 - CFD: 09/01/2010 - 16:38:20 - [2,563] ----D C:\Users\Teloü\AppData\Local\Apple Computer
O43 - CFD: 25/12/2009 - 17:50:30 - [0] -SH-D C:\Users\Teloü\AppData\Local\Application Data
O43 - CFD: 25/12/2009 - 17:52:18 - [0,058] ----D C:\Users\Teloü\AppData\Local\ATI
O43 - CFD: 29/09/2013 - 09:57:59 - [0,056] ----D C:\Users\Teloü\AppData\Local\avgchrome
O43 - CFD: 05/09/2012 - 13:02:14 - [1,614] ----D C:\Users\Teloü\AppData\Local\CRE
O43 - CFD: 28/02/2010 - 16:45:09 - [0,033] ----D C:\Users\Teloü\AppData\Local\CyberLink
O43 - CFD: 19/01/2014 - 16:36:34 - [0] ----D C:\Users\Teloü\AppData\Local\Diagnostics
O43 - CFD: 25/12/2009 - 17:51:36 - [0] ----D C:\Users\Teloü\AppData\Local\EgisTec
O43 - CFD: 22/09/2012 - 10:40:40 - [0] ----D C:\Users\Teloü\AppData\Local\ElevatedDiagnostics
O43 - CFD: 26/12/2013 - 19:41:33 - [522,298] ----D C:\Users\Teloü\AppData\Local\Google
O43 - CFD: 25/12/2009 - 17:50:30 - [0] -SH-D C:\Users\Teloü\AppData\Local\Historique
O43 - CFD: 04/07/2012 - 21:43:53 - [0] ----D C:\Users\Teloü\AppData\Local\Kreapixel =>Adware.SocialSkinz
O43 - CFD: 06/12/2013 - 13:11:24 - [647,014] ----D C:\Users\Teloü\AppData\Local\Microsoft
O43 - CFD: 18/05/2013 - 22:28:35 - [0,681] ----D C:\Users\Teloü\AppData\Local\Microsoft Games
O43 - CFD: 18/04/2012 - 14:00:47 - [0,296] ----D C:\Users\Teloü\AppData\Local\Microsoft Help
O43 - CFD: 25/12/2009 - 12:24:07 - [50,164] ----D C:\Users\Teloü\AppData\Local\Mozilla
O43 - CFD: 09/11/2013 - 16:27:09 - [0] ----D C:\Users\Teloü\AppData\Local\Programs
O43 - CFD: 07/08/2012 - 17:15:37 - [1903,686] ----D C:\Users\Teloü\AppData\Local\Spotify
O43 - CFD: 06/02/2014 - 11:10:12 - [0,612] ----D C:\Users\Teloü\AppData\Local\Temp
O43 - CFD: 25/12/2009 - 17:50:30 - [0] -SH-D C:\Users\Teloü\AppData\Local\Temporary Internet Files
O43 - CFD: 29/10/2012 - 19:00:21 - [1,474] ----D C:\Users\Teloü\AppData\Local\VirtualStore
O43 - CFD: 29/09/2013 - 09:57:14 - [0,054] ----D C:\Users\Teloü\AppData\Local\Wajam =>PUP.Wajam
O43 - CFD: 28/11/2013 - 09:37:15 - [0,066] ----D C:\Users\Teloü\AppData\Local\Windows Live
O43 - CFD: 22/08/2009 - 11:30:51 - [0,014] R---D C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/09/2013 - 11:41:24 - [0] R---D C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/11/2013 - 18:32:42 - [0,001] ----D C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard
O43 - CFD: 05/09/2012 - 23:20:26 - [0] ----D C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 22/08/2009 - 11:30:51 - [0,001] R---D C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 29/10/2012 - 18:35:12 - [0] ----D C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O43 - CFD: 06/02/2014 - 08:34:57 - [0,001] R---D C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ 283 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 485 Scanned in 01mn 11s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.158AAA5B1DB1CB44D82C29F6E2A79F0A] - 05/02/2014 - 22:57:50 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1562690]
O44 - LFC:[MD5.E8771EEC2821CF79FB0B437934C3A794] - 05/02/2014 - 22:57:50 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [108566]
O44 - LFC:[MD5.1ED9A7A5A3777D2F3DCB59CECCD93659] - 05/02/2014 - 22:57:50 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [133068]
O44 - LFC:[MD5.F16FB231F11248A41F80880913E02DE3] - 05/02/2014 - 22:57:50 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [620384]
O44 - LFC:[MD5.0561AE29254E0C755500D3DBAED225F9] - 05/02/2014 - 22:57:50 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [709086]
O44 - LFC:[MD5.4915D1BCD12D2DE306CEAD1BC7F7CE23] - 05/02/2014 - 23:06:39 ----- . (...) -- C:\UsbFix [Scan 1] TELOÜ-PC.txt   [15877]
O44 - LFC:[MD5.AB18DBADE3CEB6CFCABF51C023B7634D] - 06/02/2014 - 07:44:40 ----- . (...) -- C:\UsbFix [Scan 2] TELOÜ-PC.txt   [15037]
O44 - LFC:[MD5.554C37162B9E6E73E94038A7E8BB0B87] - 06/02/2014 - 08:35:44 ---A- . (...) -- C:\UsbFix [Clean 2] TELOÜ-PC.txt   [22126]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 06/02/2014 - 08:40:41 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25928]
O44 - LFC:[MD5.11F927F00251F4F4B62580711A030FE0] - 06/02/2014 - 10:56:41 ---A- . (...) -- C:\Windows\PFRO.log   [48562]
O44 - LFC:[MD5.1C03CD6A53E3F1943B3FEBF5A5AABE81] - 06/02/2014 - 10:56:51 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.40F043B9677528345428BC2B908FFC6D] - 06/02/2014 - 10:56:52 ---A- . (...) -- C:\Windows\setupact.log   [1676]
O44 - LFC:[MD5.43CC5540B4253F5B89F5DD86E5450034] - 06/02/2014 - 10:58:16 ---A- . (...) -- C:\Windows\win.ini   [625]
O44 - LFC:[MD5.4BAF68F22EA0CF817BFE426F1744892F] - 06/02/2014 - 11:03:42 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1613197]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/01/2014 - 21:20:03 ---A- . (...) -- C:\Windows\setuperr.log   [0]
~ Files: 15 Scanned in 00mn 29s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.81887CF21803509CDCF9421D3F629D4F] - 03/02/2014 - 23:56:32 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.34845E8A4B648E666291B752915A5B71] - 03/02/2014 - 23:57:32 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.125454F4C50CFBEA0D4C9ADB29A1A093] - 06/02/2014 - 09:08:44 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.E2A440F9A208BAF4A1602E5596944E1E] - 06/02/2014 - 09:08:45 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.77998EB51E43D6869B6C459E39EC8083] - 06/02/2014 - 09:08:47 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.8D3A8169B416300317AC0844BC65D4E8] - 06/02/2014 - 09:08:48 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.D6842C2387DDC589B3282AB24456C470] - 06/02/2014 - 10:51:16 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3257031791-4191643407-3681858138-1000.db
O45 - LFCP:[MD5.2F52846EF7CAE66247605F1E35CA253C] - 06/02/2014 - 10:51:17 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3257031791-4191643407-3681858138-1000.db
O45 - LFCP:[MD5.49C0736BB2792F4A879EE56ADD0748BC] - 06/02/2014 - 10:56:13 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.AF4273E577A7C6569BF2158E445110A9] - 06/02/2014 - 10:58:37 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.DE8B95A50897D9FBCB8B463C4E65E484] - 06/02/2014 - 10:59:02 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf
O45 - LFCP:[MD5.D5E55D8A2F66DA6A318724D404FEA633] - 06/02/2014 - 10:59:05 ---A- - C:\Windows\Prefetch\IAANOTIF.EXE-349C2DDA.pf
O45 - LFCP:[MD5.37F4844D6269BDB243A92A8DA3B31B19] - 06/02/2014 - 10:59:06 ---A- - C:\Windows\Prefetch\MWLDAEMON.EXE-C69CAB9F.pf
O45 - LFCP:[MD5.E61E7DF659E33F03364F23B7A2E790E0] - 06/02/2014 - 10:59:07 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-8A564A20.pf
O45 - LFCP:[MD5.C22371AF6AC3188AB6C7E69BB3B55FC6] - 06/02/2014 - 10:59:08 ---A- - C:\Windows\Prefetch\PLFSETI.EXE-D9D6FD5A.pf
O45 - LFCP:[MD5.844195330B6DB354B67C19742AF70116] - 06/02/2014 - 10:59:09 ---A- - C:\Windows\Prefetch\EPOWERTRAY.EXE-77937FD2.pf
O45 - LFCP:[MD5.5906E28A00B741328994AB7B8E15E349] - 06/02/2014 - 10:59:12 ---A- - C:\Windows\Prefetch\WTMKM.EXE-7A0E380D.pf
O45 - LFCP:[MD5.EC56926305B88DAAFCCD2BD4579B8A2A] - 06/02/2014 - 10:59:14 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-4BB80510.pf
O45 - LFCP:[MD5.72835ED902697F85C177F4E1766B65D6] - 06/02/2014 - 10:59:14 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-72B9DDB3.pf
O45 - LFCP:[MD5.98B99C8D9ACC8E4F57EB12466083F04F] - 06/02/2014 - 10:59:16 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf  =>Toolbar.Google
O45 - LFCP:[MD5.91F67D826E0712414A94BA584A791FF9] - 06/02/2014 - 10:59:18 ---A- - C:\Windows\Prefetch\SKYPE.EXE-A716A034.pf
O45 - LFCP:[MD5.71F7462082FB0508D002C49E3D6A5BCC] - 06/02/2014 - 10:59:19 ---A- - C:\Windows\Prefetch\EPOWEREVENT.EXE-08C01CA4.pf
O45 - LFCP:[MD5.C7B143ACDF150E700211956E2F9EF74A] - 06/02/2014 - 10:59:22 ---A- - C:\Windows\Prefetch\NKMONITOR.EXE-FA096A8A.pf
O45 - LFCP:[MD5.BD1650637F0FC9165D7041C5F0889A53] - 06/02/2014 - 10:59:24 ---A- - C:\Windows\Prefetch\EGISUPDATE.EXE-DC408107.pf
O45 - LFCP:[MD5.B1B3F790AB9D26AB6F493B3CAFDAEA05] - 06/02/2014 - 10:59:25 ---A- - C:\Windows\Prefetch\CLISTART.EXE-091A18CD.pf
O45 - LFCP:[MD5.CB9E99538BC2991C24C915DCCFFA362C] - 06/02/2014 - 10:59:26 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-F938F4DB.pf
O45 - LFCP:[MD5.37BB42FA3BC9490E959734295DCB7243] - 06/02/2014 - 10:59:45 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-8CE1A322.pf
O45 - LFCP:[MD5.2AF1822D30CDF7ED23F329FB56F87B38] - 06/02/2014 - 10:59:46 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-16B291C4.pf
O45 - LFCP:[MD5.F77F66FBC14FB035BB2417920951812D] - 06/02/2014 - 11:00:08 ---A- - C:\Windows\Prefetch\MOM.EXE-F911D5BC.pf
O45 - LFCP:[MD5.F2C628C6986668AF0B9527CAE37D12E0] - 06/02/2014 - 11:00:09 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-F6E20E14.pf
O45 - LFCP:[MD5.0DCB27B3E9FDE177AD9DC50EB74F6C9E] - 06/02/2014 - 11:00:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-B597A9D1.pf
O45 - LFCP:[MD5.4FD7866DE558DACB8EEB7CEDDE66A8D5] - 06/02/2014 - 11:00:16 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-18FC9E64.pf
O45 - LFCP:[MD5.D1BA8C78E976EEE40590DA37FF31469D] - 06/02/2014 - 11:00:50 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-2E02FDCA.pf
O45 - LFCP:[MD5.7403100821568D1118D691841A09F262] - 06/02/2014 - 11:01:12 ---A- - C:\Windows\Prefetch\QTTASK.EXE-64CB3CDA.pf
O45 - LFCP:[MD5.68AC05830C269DBED17D4531E1D4D0A3] - 06/02/2014 - 11:01:21 ---A- - C:\Windows\Prefetch\ITUNESHELPER.EXE-399B4696.pf
O45 - LFCP:[MD5.00FC2FAFE48A5391BFC09479E170C3DA] - 06/02/2014 - 11:01:21 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-2C9803DF.pf
O45 - LFCP:[MD5.45A424435791E8A85234736FBE903A3E] - 06/02/2014 - 11:01:21 ---A- - C:\Windows\Prefetch\SYNTPHELPER.EXE-C8D211B9.pf
O45 - LFCP:[MD5.1E0C6E4FA6C2EE1DF30950345FB3992A] - 06/02/2014 - 11:01:22 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-F9223367.pf
O45 - LFCP:[MD5.3B5C70AE62430FE386F3D80EDFE8466C] - 06/02/2014 - 11:01:22 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-19622E35.pf
O45 - LFCP:[MD5.E49C83C76D3803B9F1F27A7B7CDC815F] - 06/02/2014 - 11:01:22 ---A- - C:\Windows\Prefetch\MONITOR.EXE-C145B8C0.pf
O45 - LFCP:[MD5.DE4B7B9FDF09B9B8300DC1B17FE3544D] - 06/02/2014 - 11:01:27 ---A- - C:\Windows\Prefetch\CS6SERVICEMANAGER.EXE-ABBD2F91.pf
O45 - LFCP:[MD5.B9B61AE24BADD62667CBF6B2F8432A67] - 06/02/2014 - 11:01:44 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf
O45 - LFCP:[MD5.DED78E83EB9D8F706F66B0BE2B9A9BE1] - 06/02/2014 - 11:01:46 ---A- - C:\Windows\Prefetch\IPODSERVICE.EXE-716E0AD1.pf
O45 - LFCP:[MD5.A457C7D3335BEB2962B002B687EB8B4B] - 06/02/2014 - 11:02:14 ---A- - C:\Windows\Prefetch\CHROME.EXE-5349D2D7.pf
O45 - LFCP:[MD5.23E85816FB52E7710D98E5CA06567ED2] - 06/02/2014 - 11:02:18 ---A- - C:\Windows\Prefetch\PREVHOST.EXE-7DD93B84.pf
O45 - LFCP:[MD5.0B9A97B73E0043FF2586FCF41DCA3CE2] - 06/02/2014 - 11:02:19 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-63B92852.pf
O45 - LFCP:[MD5.E82666A9481824508CE9D9BB37A3A5E6] - 06/02/2014 - 11:02:58 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf
O45 - LFCP:[MD5.6C01FB8FF0E0005E45394251326718FD] - 06/02/2014 - 11:03:14 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-5D573F0E.pf
O45 - LFCP:[MD5.2F317E361620D1E79629D88DC5AF721A] - 06/02/2014 - 11:03:17 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
O45 - LFCP:[MD5.3791ECAF376B3C7D97936B8ADAC74861] - 06/02/2014 - 11:05:46 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-9B951B76.pf
O45 - LFCP:[MD5.82E06C7441B64A9991BEB32776041806] - 06/02/2014 - 11:05:51 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-CE95038E.pf
O45 - LFCP:[MD5.5F88162349489E431D7ED2DA1F38FE5C] - 06/02/2014 - 11:05:53 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-0947A47F.pf
O45 - LFCP:[MD5.CDB7EE01AA2E953DDDDDBDA3FD88A603] - 06/02/2014 - 11:06:01 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-0E1E7B82.pf
O45 - LFCP:[MD5.EDCA274736092EADFEB81E120F07715E] - 06/02/2014 - 11:07:12 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-D9DCD0F3.pf
O45 - LFCP:[MD5.DB8302A936CF026B6F35548FA16DC7D8] - 06/02/2014 - 11:08:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-ACC74AE9.pf
O45 - LFCP:[MD5.AFDC4406C033085E201B1893BA061779] - 06/02/2014 - 11:08:49 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0D53616E.pf
O45 - LFCP:[MD5.AAA9E8958DB152418ED4B2AD61A87861] - 06/02/2014 - 11:08:53 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-CF799042.pf
O45 - LFCP:[MD5.5A976CCC3729658BC35EE70A4E8FB8D9] - 06/02/2014 - 11:09:40 ---A- - C:\Windows\Prefetch\CONSENT.EXE-40419367.pf
O45 - LFCP:[MD5.6794728A58290F71BF3D5B5E41FBBDC5] - 06/02/2014 - 11:09:46 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-257D8644.pf
O45 - LFCP:[MD5.5A0815A538E31396335D001864595401] - 06/02/2014 - 11:09:49 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf
O45 - LFCP:[MD5.52A1BBF006BA352F2F340FD6F8919667] - 06/02/2014 - 11:09:49 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6389524F.pf
O45 - LFCP:[MD5.C0C79D42B6D4CDC99803C6C9FDB06326] - 06/02/2014 - 11:09:55 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-960426D8.pf
O45 - LFCP:[MD5.958A48201C2FEF7616F09CEAC38F2529] - 06/02/2014 - 11:09:56 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-6A1D0894.pf
O45 - LFCP:[MD5.39342722C7716CB21EA3BF6F0D84D3F0] - 06/02/2014 - 11:10:05 ---A- - C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf
O45 - LFCP:[MD5.98AC84A9A9071CA1A2C82AF244DAB017] - 06/02/2014 - 11:10:15 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-31898C74.pf
O45 - LFCP:[MD5.8BD757DE3CBB01109DD6B48DD20FEBC5] - 06/02/2014 - 11:10:30 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-A0F5E092.pf
O45 - LFCP:[MD5.7975E1FF2A8C76D1DD156C982D12EF67] - 06/02/2014 - 11:10:33 ---A- - C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-D37241ED.pf
O45 - LFCP:[MD5.BE77E22A05132EAA72B3C85E9749F71D] - 06/02/2014 - 11:10:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8B8C0E9D.pf
O45 - LFCP:[MD5.F652310EDDEB1D2ED9C94C27EDD51A07] - 06/02/2014 - 11:11:20 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-FCD9ABA9.pf
O45 - LFCP:[MD5.E5500C70E56D3EB30966DD3D6C9586FD] - 06/02/2014 - 11:11:21 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-96070FE0.pf
O45 - LFCP:[MD5.D6DEB0AC18844A7A6339416F13F16184] - 06/02/2014 - 11:11:21 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-39F97B2D.pf
O45 - LFCP:[MD5.AE5FB4C97FD17EF3F9CC9C179021CC9D] - 06/02/2014 - 11:11:42 ---A- - C:\Windows\Prefetch\PV.EXE-0748338F.pf
O45 - LFCP:[MD5.BBA0267B6B8DFDA3CC0D2425C8A9C055] - 06/02/2014 - 11:11:44 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6E1A6101.pf
O45 - LFCP:[MD5.85088A90B0EE34848DFDF4BD18A11246] - 06/02/2014 - 11:12:00 ---A- - C:\Windows\Prefetch\CMD.EXE-6D6290C5.pf
O45 - LFCP:[MD5.D5B0EAF40C1AADDA6C463A6D6E538372] - 06/02/2014 - 11:12:00 ---A- - C:\Windows\Prefetch\CONHOST.EXE-0C6456FB.pf
O45 - LFCP:[MD5.17E76A4D66A832BB594F5DF3F467CF8A] - 06/02/2014 - 11:12:02 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-3DCC0576.pf
O45 - LFCP:[MD5.79BDF561E656F0326AACAB3B088ABD8D] - 06/02/2014 - 11:12:09 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-D49D3641.pf
O45 - LFCP:[MD5.70BDDFC02F1A63356BBAD780FF9FE75F] - 06/02/2014 - 11:12:14 ---A- - C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf
O45 - LFCP:[MD5.A319F67004D06C963E24655AC7FEE68F] - 06/02/2014 - 11:12:49 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-DC1676CD.pf
O45 - LFCP:[MD5.A080D2164FFD7C53FEB30E13DE1A764D] - 06/02/2014 - 11:14:06 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf
O45 - LFCP:[MD5.C1A7786B16419BB6DDC771F6B732074D] - 19/01/2014 - 17:13:12 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.4D9B23276102671D59FEF3D208AD92FB] - 19/01/2014 - 20:57:52 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/07/2251 - 23:22:27 ----D - C:\Windows\Prefetch\ReadyBoot
~ Prefetcher: 83 Scanned in 00mn 01s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.64EDD3F59DB321947969FDF1DD747323] - 14/07/2009 - 01:06:38 ---A- . (.Microsoft Corporation - 1394 Bus Device Driver.) -- C:\Windows\System32\Drivers\1394bus.sys   [68096]
O58 - SDL:[MD5.A87D604AEA360176311474C87A63BB88] - 20/11/2010 - 11:44:56 ---A- . (.Microsoft Corporation - 1394 OpenHCI Driver.) -- C:\Windows\System32\Drivers\1394ohci.sys   [229888]
O58 - SDL:[MD5.D81D9E70B8A6DD14D42D7B4EFA65D5F2] - 20/11/2010 - 14:32:46 ---A- . (.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\Windows\System32\Drivers\acpi.sys   [334208]
O58 - SDL:[MD5.99F8E788246D495CE3794D7E7821D2CA] - 20/11/2010 - 10:30:42 ---A- . (.Microsoft Corporation - ACPI Power Metering Driver.) -- C:\Windows\System32\Drivers\acpipmi.sys   [12800]
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys   [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys   [182864]
O58 - SDL:[MD5.79059559E89D06E8B80CE2944BE20228] - 28/09/2013 - 02:09:10 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys   [497152]
O58 - SDL:[MD5.7ECFF9B22276B73F43A99A15A6094E90] - 14/07/2009 - 01:10:24 ---A- . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) -- C:\Windows\System32\Drivers\agilevpn.sys   [60416]
O58 - SDL:[MD5.608C14DBA7299D8CB6ED035A68A15799] - 14/07/2009 - 02:52:21 ---A- . (.Microsoft Corporation - Filtre AGP 440 NT.) -- C:\Windows\System32\Drivers\AGP440.sys   [61008]
O58 - SDL:[MD5.AF4748EF93416159459769A24A0053AF] - 07/04/2009 - 02:31:08 ---A- . (.LSI Corporation - SoftModem Device Driver.) -- C:\Windows\System32\Drivers\agrsm64.sys   [1208320]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys   [15440]
O58 - SDL:[MD5.1FF8B4431C353CE385C875F194924C0C] - 14/07/2009 - 02:52:21 ---A- . (.Microsoft Corporation - Pilote IDE AMD.) -- C:\Windows\System32\Drivers\amdide.sys   [15440]
O58 - SDL:[MD5.7024F087CFF1833A806193EF9D22CDA9] - 14/07/2009 - 00:19:25 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\amdk8.sys   [64512]
O58 - SDL:[MD5.1E56388B3FE0D031C44144EB8C4D6217] - 14/07/2009 - 00:19:25 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\amdppm.sys   [60928]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys   [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys   [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys   [27008]
O58 - SDL:[MD5.89A69C3F2F319B43379399547526D952] - 20/11/2010 - 11:14:37 ---A- . (.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\Drivers\appid.sys   [61440]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys   [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [97856]
O58 - SDL:[MD5.4FCAEF0C5BE7629AEB878998E0FE959B] - 30/10/2012 - 23:51:53 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys   [25232]
O58 - SDL:[MD5.7E4BEE2BDCA0F7AF5AF27D12AAF18627] - 23/10/2012 - 11:18:30 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys   [21136]
O58 - SDL:[MD5.B50CDD87772D6A11CB90924AAD399DF8] - 30/10/2012 - 23:51:55 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys   [71600]
O58 - SDL:[MD5.44FB3542A6AAC49507C73D0812104CCD] - 01/02/2011 - 22:30:30 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\Drivers\aswRdr.sys   [31064]
O58 - SDL:[MD5.57768C7DB4681F2510F247F82EF31D4F] - 15/10/2012 - 17:59:28 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys   [54072]
O58 - SDL:[MD5.E71D826A1F3CE9C9DE3E77F2D02AFFBF] - 30/10/2012 - 23:51:55 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys   [984144]
O58 - SDL:[MD5.538A32E2C99BF073D4CA76C30BEDAA60] - 30/10/2012 - 23:51:55 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys   [370288]
O58 - SDL:[MD5.6EDC79D73745FD44C41B55B2D13D0B70] - 30/10/2012 - 23:51:56 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys   [59728]
O58 - SDL:[MD5.769765CE2CC62867468CEA93969B2242] - 14/07/2009 - 01:10:13 ---A- . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\Windows\System32\Drivers\asyncmac.sys   [23040]
O58 - SDL:[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - 02:52:21 ---A- . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\Drivers\atapi.sys   [24128]
O58 - SDL:[MD5.059F00DEF82BF41E433B7ED465847726] - 05/08/2013 - 03:25:45 ---A- . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\Windows\System32\Drivers\ataport.sys   [155584]
O58 - SDL:[MD5.5D4529AC4156E16BEDB01441AE0CF984] - 09/07/2009 - 02:49:16 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys   [1484800]
O58 - SDL:[MD5.C5758BF1DFD762A5B17041FF061B7750] - 02/07/2009 - 22:51:30 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys   [6036480]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys   [270848]
O58 - SDL:[MD5.F4DE2AE7A9E1BADAC70BC71EA2C17612] - 14/07/2009 - 02:52:21 ---A- . (.Microsoft Corporation - Battery Class Driver.) -- C:\Windows\System32\Drivers\battc.sys   [28240]
O58 - SDL:[MD5.9E84A931DBEE0292E38ED672F6293A99] - 10/06/2009 - 21:34:38 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS   [1311232]
O58 - SDL:[MD5.16A47CE2DECC9B099349A5F840654746] - 14/07/2009 - 01:00:13 ---A- . (.Microsoft Corporation - BEEP Driver.) -- C:\Windows\System32\Drivers\beep.sys   [6656]
O58 - SDL:[MD5.61583EE3C3A17003C4ACD0475646B4D3] - 14/07/2009 - 00:35:59 ---A- . (.Microsoft Corporation - BLB Drive Driver.) -- C:\Windows\System32\Drivers\blbdrive.sys   [45056]
O58 - SDL:[MD5.6C02A83164F5CC0A262F4199F0871CF5] - 23/02/2011 - 05:55:04 ---A- . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\Windows\System32\Drivers\bowser.sys   [90624]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys   [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys   [8704]
O58 - SDL:[MD5.5C2F352A4E961D72518261257AAE204B] - 14/07/2009 - 02:01:48 ---A- . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\Windows\System32\Drivers\bridge.sys   [95232]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys   [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys   [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys   [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys   [14720]
O58 - SDL:[MD5.9DA669F11D1F894AB4EB69BF546A42E8] - 14/07/2009 - 01:06:52 ---A- . (.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\Windows\System32\Drivers\bthmodem.sys   [72192]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys   [468480]
O58 - SDL:[MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - 00:19:47 ---A- . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\Drivers\cdfs.sys   [92160]
O58 - SDL:[MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - 10:19:21 ---A- . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\Drivers\cdrom.sys   [147456]
O58 - SDL:[MD5.D7CD5C4E1B71FA62050515314CFB52CF] - 14/07/2009 - 01:06:34 ---A- . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\Windows\System32\Drivers\circlass.sys   [45568]
O58 - SDL:[MD5.ACFAD0B512226C7A83C7CB09FD55A9AD] - 20/11/2010 - 14:32:57 ---A- . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Drivers\Classpnp.sys   [179072]
O58 - SDL:[MD5.0840155D0BDDF1190F84A663C284BD33] - 14/07/2009 - 00:31:03 ---A- . (.Microsoft Corporation - Control Method Battery Driver.) -- C:\Windows\System32\Drivers\CmBatt.sys   [17664]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys   [17488]
O58 - SDL:[MD5.EBF28856F69CF094A902F884CF989706] - 04/07/2013 - 13:18:29 ---A- . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\Drivers\cng.sys   [458712]
O58 - SDL:[MD5.102DE219C3F61415F964C88E9085AD14] - 14/07/2009 - 02:52:31 ---A- . (.Microsoft Corporation - Composite Battery Driver.) -- C:\Windows\System32\Drivers\compbatt.sys   [21584]
O58 - SDL:[MD5.03EDB043586CCEBA243D689BDDA370A8] - 20/11/2010 - 11:33:17 ---A- . (.Microsoft Corporation - Multi-Transport Composite Bus Enumerator.) -- C:\Windows\System32\Drivers\CompositeBus.sys   [38912]
O58 - SDL:[MD5.3E588B60EC061686BA05D33574A344C6] - 14/07/2009 - 02:47:48 ---A- . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\Drivers\crashdmp.sys   [39504]
O58 - SDL:[MD5.1C827878A998C18847245FE1F34EE597] - 14/07/2009 - 02:47:48 ---A- . (.Microsoft Corporation - Disk Block Verification Filter Driver.) -- C:\Windows\System32\Drivers\crcdisk.sys   [24144]
O58 - SDL:[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - 10:26:32 ---A- . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\Drivers\dfsc.sys   [102400]
O58 - SDL:[MD5.13096B05847EC78F0977F2C0F79E9AB3] - 14/07/2009 - 00:37:18 ---A- . (.Microsoft Corporation - System Indexer/Cache Driver.) -- C:\Windows\System32\Drivers\discache.sys   [40448]
O58 - SDL:[MD5.9819EEE8B5EA3784EC4AF3B137A5244C] - 14/07/2009 - 02:47:48 ---A- . (.Microsoft Corporation - PnP Disk Driver.) -- C:\Windows\System32\Drivers\disk.sys   [73280]
O58 - SDL:[MD5.9BBD8B5855BC6578957F82341F9CDE5A] - 22/04/2011 - 23:15:29 ---A- . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\Drivers\Diskdump.sys   [27520]
O58 - SDL:[MD5.E0D3CD5841E5C7BE7B94BA946AF1E498] - 04/10/2013 - 03:16:30 ---A- . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\Drivers\drmk.sys   [116736]
O58 - SDL:[MD5.9B19F34400D24DF84C858A421C205754] - 14/07/2009 - 01:06:16 ---A- . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\Drivers\drmkaud.sys   [5632]
O58 - SDL:[MD5.839B5FE3D48E9F35B22C21A3D5103F6C] - 14/07/2009 - 02:47:48 ---A- . (.Microsoft Corporation - ATAPI Dump Driver.) -- C:\Windows\System32\Drivers\Dumpata.sys   [28736]
O58 - SDL:[MD5.814DB88F2641691575A455CF25354098] - 14/07/2009 - 02:43:14 ---A- . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) -- C:\Windows\System32\Drivers\dumpfve.sys   [55128]
O58 - SDL:[MD5.BF24D6F2ED97FE830BFD52B246F98E67] - 14/07/2009 - 00:38:28 ---A- . (.Microsoft Corporation - DirectX API Driver.) -- C:\Windows\System32\Drivers\dxapi.sys   [16896]
O58 - SDL:[MD5.FEDE0629ECB23650D48989517D4914DA] - 14/07/2009 - 00:38:28 ---A- . (.Microsoft Corporation - DirectX Graphics Driver.) -- C:\Windows\System32\Drivers\dxg.sys   [98816]
O58 - SDL:[MD5.88612F1CE3BF42256913BF6E61C70D52] - 01/08/2013 - 13:09:36 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys   [983488]
O58 - SDL:[MD5.1F04CFB79DD5FB7694468CE3FB3DCC31] - 10/04/2013 - 07:01:54 ---A- . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\dxgmms1.sys   [265064]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.34A3C54752046E79A126E15C51DB409B] - 14/07/2009 - 00:31:04 ---A- . (.Microsoft Corporation - Error Device Driver.) -- C:\Windows\System32\Drivers\errdev.sys   [9728]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys   [3286016]
O58 - SDL:[MD5.A510C654EC00C1E9BDD91EEB3A59823B] - 14/07/2009 - 00:23:29 ---A- . (.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\Windows\System32\Drivers\exfat.sys   [195072]
O58 - SDL:[MD5.0ADC83218B66A6DB380C330836F3E36D] - 14/07/2009 - 00:23:29 ---A- . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\Drivers\fastfat.sys   [204800]
O58 - SDL:[MD5.D765D19CD8EF61F650C384F62FAC00AB] - 14/07/2009 - 01:00:54 ---A- . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\Windows\System32\Drivers\fdc.sys   [29696]
O58 - SDL:[MD5.655661BE46B5F5F3FD454E2C3095B930] - 14/07/2009 - 02:47:48 ---A- . (.Microsoft Corporation - FileInfo Filter Driver.) -- C:\Windows\System32\Drivers\fileinfo.sys   [70224]
O58 - SDL:[MD5.5F671AB5BC87EEA04EC38A6CD5962A47] - 14/07/2009 - 00:25:40 ---A- . (.Microsoft Corporation - File Trace Filter Driver.) -- C:\Windows\System32\Drivers\filetrace.sys   [34304]
O58 - SDL:[MD5.C172A0F53008EAEB8EA33FE10E177AF5] - 14/07/2009 - 01:00:54 ---A- . (.Microsoft Corporation - Floppy Driver.) -- C:\Windows\System32\Drivers\flpydisk.sys   [24576]
O58 - SDL:[MD5.DA6B67270FD9DB3697B20FCE94950741] - 20/11/2010 - 14:33:34 ---A- . (.Microsoft Corporation - Gestionnaire de filtres de système de fichiers Microsoft.) -- C:\Windows\System32\Drivers\fltMgr.sys   [289664]
O58 - SDL:[MD5.D43703496149971890703B4B1B723EAC] - 14/07/2009 - 02:47:49 ---A- . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\fsdepends.sys   [55376]
O58 - SDL:[MD5.6BD9295CC032DD3077C671FCCF579A7B] - 01/03/2012 - 07:46:16 ---A- . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\Windows\System32\Drivers\fs_rec.sys   [23408]
O58 - SDL:[MD5.8F6322049018354F45F05A2FD2D4E5E0] - 24/01/2013 - 07:01:01 ---A- . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\Drivers\fvevol.sys   [223752]
O58 - SDL:[MD5.41C67E4205C606A103DEC8651D0B6FE6] - 03/01/2013 - 07:00:42 ---A- . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS   [288088]
O58 - SDL:[MD5.8C778D335C9D272CFD3298AB02ABE3B6] - 14/07/2009 - 02:47:48 ---A- . (.Microsoft Corporation - Filtre AGPv3.0 générique Microsoft pour plateformes de processe.) -- C:\Windows\System32\Drivers\GAGP30KX.SYS   [65088]
O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 18/05/2009 - 14:17:08 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys   [34152]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - 11:43:43 ---A- . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\Drivers\hdaudbus.sys   [122368]
O58 - SDL:[MD5.975761C778E33CD22498059B91E7373A] - 20/11/2010 - 11:44:23 ---A- . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\HdAudio.sys   [350208]
O58 - SDL:[MD5.78E86380454A7B10A5EB255DC44A355F] - 14/07/2009 - 00:31:06 ---A- . (.Microsoft Corporation - Hid Battery Driver.) -- C:\Windows\System32\Drivers\hidbatt.sys   [26624]
O58 - SDL:[MD5.7FD2A313F7AFE5C4DAB14798C48DD104] - 14/07/2009 - 01:06:52 ---A- . (.Microsoft Corporation - Pilote de miniport Bluetooth pour les périphériques HID.) -- C:\Windows\System32\Drivers\hidbth.sys   [100864]
O58 - SDL:[MD5.597C3699384E53CC59587ED50CCE5CA2] - 03/07/2013 - 05:05:05 ---A- . (.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\Drivers\hidclass.sys   [76800]
O58 - SDL:[MD5.0A77D29F311B88CFAE3B13F9C1A73825] - 14/07/2009 - 01:06:23 ---A- . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\Windows\System32\Drivers\hidir.sys   [46592]
O58 - SDL:[MD5.856E76B3641746ABBC2946BED1372098] - 03/07/2013 - 05:05:04 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\Drivers\hidparse.sys   [32896]
O58 - SDL:[MD5.9592090A7E2B61CD582B612B6DF70536] - 20/11/2010 - 11:43:49 ---A- . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\Windows\System32\Drivers\hidusb.sys   [30208]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys   [78720]
O58 - SDL:[MD5.0EA7DE1ACB728DD5A369FD742D6EEE28] - 20/11/2010 - 10:25:14 ---A- . (.Microsoft Corporation - HTTP Pile du protocole.) -- C:\Windows\System32\Drivers\http.sys   [753664]
O58 - SDL:[MD5.A5462BD6884960C9DC85ED49D34FF392] - 20/11/2010 - 14:33:36 ---A- . (.Microsoft Corporation - Hardware Policy Driver.) -- C:\Windows\System32\Drivers\hwpolicy.sys   [14720]
O58 - SDL:[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - 00:19:57 ---A- . (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\Drivers\i8042prt.sys   [105472]
O58 - SDL:[MD5.1D004CB1DA6323B1F55CAEF7F94B61D9] - 05/06/2009 - 02:54:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys   [408600]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys   [410496]
O58 - SDL:[MD5.A87261EF1546325B559374F5689CF5BC] - 10/06/2009 - 21:37:05 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys   [6108416]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys   [44112]
O58 - SDL:[MD5.F00F20E70C6EC3AA366910083A0518AA] - 14/07/2009 - 02:48:04 ---A- . (.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\Windows\System32\Drivers\intelide.sys   [16960]
O58 - SDL:[MD5.ADA036632C664CAA754079041CF1F8C1] - 14/07/2009 - 00:19:25 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\intelppm.sys   [62464]
O58 - SDL:[MD5.C9F0E1BD74365A8771590E9008D22AB6] - 20/11/2010 - 11:52:19 ---A- . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\Windows\System32\Drivers\ipfltdrv.sys   [82944]
O58 - SDL:[MD5.0FC1AEA580957AA8817B8F305D18CA3A] - 20/11/2010 - 11:04:53 ---A- . (.Microsoft Corporation - PILOT IPMI WMI.) -- C:\Windows\System32\Drivers\IPMIDrv.sys   [78848]
O58 - SDL:[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - 01:10:03 ---A- . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys   [116224]
O58 - SDL:[MD5.05360B1EA5A2ABF620D1D96EBD8BD8F1] - 14/07/2009 - 01:09:02 ---A- . (.Microsoft Corporation - IRDA Protocol Driver.) -- C:\Windows\System32\Drivers\irda.sys   [120320]
O58 - SDL:[MD5.3ABF5E7213EB28966D55D58B515D5CE9] - 14/07/2009 - 01:08:59 ---A- . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\Windows\System32\Drivers\irenum.sys   [17920]
O58 - SDL:[MD5.2F7B28DC3E1183E5EB418DF55C204F38] - 14/07/2009 - 02:48:04 ---A- . (.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\Windows\System32\Drivers\isapnp.sys   [20544]
O58 - SDL:[MD5.249EE2D26CB1530F3BEDE0AC8B9E3099] - 20/06/2009 - 12:35:00 ---A- . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\k57nd60a.sys   [317480]
O58 - SDL:[MD5.BC02336F1CBA7DCC7D1213BB588A68A5] - 14/07/2009 - 02:48:04 ---A- . (.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\Windows\System32\Drivers\kbdclass.sys   [50768]
O58 - SDL:[MD5.0705EFF5B42A9DB58548EEC3B26BB484] - 20/11/2010 - 11:33:25 ---A- . (.Microsoft Corporation - Pilote de filtre clavier HID.) -- C:\Windows\System32\Drivers\kbdhid.sys   [33280]
O58 - SDL:[MD5.24FBF5CC5C04150073C315A7C83521EE] - 20/11/2010 - 11:33:25 ---A- . (.Microsoft Corporation - Kernel CSA Library.) -- C:\Windows\System32\Drivers\ks.sys   [243712]
O58 - SDL:[MD5.8F489706472F7E9A06BAAA198703FA64] - 25/09/2013 - 03:26:40 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys   [95680]
O58 - SDL:[MD5.868A2CAAB12EFC7A021682BCA0EEC54C] - 25/09/2013 - 03:26:40 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface Packages.) -- C:\Windows\System32\Drivers\ksecpkg.sys   [154560]
O58 - SDL:[MD5.6869281E78CB31A43E969F06B57347C4] - 14/07/2009 - 01:00:19 ---A- . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) -- C:\Windows\System32\Drivers\ksthunk.sys   [20992]
O58 - SDL:[MD5.2AC603C3188C704CFCE353659AA7AD71] - 20/06/2009 - 03:09:57 ---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20.) -- C:\Windows\System32\Drivers\L1E62x64.sys   [54272]
O58 - SDL:[MD5.1538831CF8AD2979A04C423779465827] - 14/07/2009 - 01:08:51 ---A- . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows\System32\Drivers\lltdio.sys   [60928]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys   [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys   [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys   [115776]
O58 - SDL:[MD5.43D0F98E1D56CCDDB0D5254CFF7B356E] - 14/07/2009 - 00:26:13 ---A- . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichier LUA.) -- C:\Windows\System32\Drivers\luafv.sys   [113152]
O58 - SDL:[MD5.0BB97D43299910CBFBA59C461B99B910] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25928]
O58 - SDL:[MD5.3C9F072F9DCA856B9FB7A20CBD4281AC] - 14/07/2009 - 01:01:06 ---A- . (.Microsoft Corporation - Medium changer class driver.) -- C:\Windows\System32\Drivers\mcd.sys   [22016]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys   [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys   [284736]
O58 - SDL:[MD5.800BA92F7010378B09F9ED9270F07137] - 14/07/2009 - 01:10:48 ---A- . (.Microsoft Corporation - Pilote de périphérique modem.) -- C:\Windows\System32\Drivers\modem.sys   [40448]
O58 - SDL:[MD5.B03D591DC7DA45ECE20B3B467E6AADAA] - 14/07/2009 - 00:38:52 ---A- . (.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\Drivers\monitor.sys   [30208]
O58 - SDL:[MD5.7D27EA49F3C1F687D357E77A470AEA99] - 14/07/2009 - 02:48:27 ---A- . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\Windows\System32\Drivers\mouclass.sys   [49216]
O58 - SDL:[MD5.21B7ACEA1BB49C3371DD5427BF309D6A] - 08/03/2009 - 12:16:14 ---A- . (.Windows (R) Codename Longhorn DDK provider - Mouse Filter Driver.) -- C:\Windows\System32\Drivers\moufiltr.sys   [7680]
O58 - SDL:[MD5.D3BF052C40B0C4166D9FD86A4288C1E6] - 14/07/2009 - 01:00:20 ---A- . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\Drivers\mouhid.sys   [31232]
O58 - SDL:[MD5.32E7A3D591D671A6DF2DB515A5CBE0FA] - 20/11/2010 - 14:33:43 ---A- . (.Microsoft Corporation - Gestionnaire des points de montage.) -- C:\Windows\System32\Drivers\mountmgr.sys   [94592]
O58 - SDL:[MD5.A44B420D30BD56E145D6A2BC8768EC58] - 20/11/2010 - 14:33:44 ---A- . (.Microsoft Corporation - Pilote du bus de prise en charge des chemins d’accès multiples.) -- C:\Windows\System32\Drivers\mpio.sys   [155008]
O58 - SDL:[MD5.6C38C9E45AE0EA2FA5E551F2ED5E978F] - 14/07/2009 - 01:08:25 ---A- . (.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\Windows\System32\Drivers\mpsdrv.sys   [77312]
O58 - SDL:[MD5.1A4F75E63C9FB84B85DFFC6B63FD5404] - 04/07/2013 - 11:11:35 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys   [140800]
O58 - SDL:[MD5.A5D9106A73DC88564C825D317CAC68AC] - 27/04/2011 - 03:40:40 ---A- . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\Drivers\mrxsmb.sys   [158208]
O58 - SDL:[MD5.D711B3C1D5F42C0C2415687BE09FC163] - 09/07/2011 - 03:46:28 ---A- . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\Drivers\mrxsmb10.sys   [288768]
O58 - SDL:[MD5.9423E9D355C8D303E76B8CFBD8A5C30C] - 27/04/2011 - 03:39:37 ---A- . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys   [128000]
O58 - SDL:[MD5.C25F0BAFA182CBCA2DD3C851C2E75796] - 20/11/2010 - 14:33:44 ---A- . (.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) -- C:\Windows\System32\Drivers\msahci.sys   [31104]
O58 - SDL:[MD5.DB801A638D011B9633829EB6F663C900] - 20/11/2010 - 14:33:44 ---A- . (.Microsoft Corporation - Module spécifique de périphériques Microsoft.) -- C:\Windows\System32\Drivers\msdsm.sys   [140672]
O58 - SDL:[MD5.AA3FB40E17CE1388FA1BEDAB50EA8F96] - 14/07/2009 - 00:19:47 ---A- . (.Microsoft Corporation - Mailslot driver.) -- C:\Windows\System32\Drivers\msfs.sys   [26112]
O58 - SDL:[MD5.F9D215A46A8B9753F61767FA72A20326] - 14/07/2009 - 01:06:24 ---A- . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) -- C:\Windows\System32\Drivers\mshidkmdf.sys   [8192]
O58 - SDL:[MD5.D916874BBD4F8B07BFB7FA9B3CCAE29D] - 14/07/2009 - 02:48:27 ---A- . (.Microsoft Corporation - ISA Driver.) -- C:\Windows\System32\Drivers\msisadrv.sys   [15424]
O58 - SDL:[MD5.D931D7309DEB2317035B07C9F9E6B0BD] - 20/11/2010 - 14:33:45 ---A- . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\Drivers\msiscsi.sys   [273792]
O58 - SDL:[MD5.49CCF2C4FEA34FFAD8B1B59D49439366] - 14/07/2009 - 01:00:18 ---A- . (.Microsoft Corporation - MS KS Server.) -- C:\Windows\System32\Drivers\mskssrv.sys   [11136]
O58 - SDL:[MD5.BDD71ACE35A232104DDD349EE70E1AB3] - 14/07/2009 - 01:00:17 ---A- . (.Microsoft Corporation - MS Proxy Clock.) -- C:\Windows\System32\Drivers\mspclock.sys   [7168]
O58 - SDL:[MD5.4ED981241DB27C3383D72092B618A1D0] - 14/07/2009 - 01:00:17 ---A- . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\Windows\System32\Drivers\mspqm.sys   [6784]
O58 - SDL:[MD5.759A9EEB0FA9ED79DA1FB7D4EF78866D] - 20/11/2010 - 14:33:45 ---A- . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\Windows\System32\Drivers\msrpc.sys   [366976]
O58 - SDL:[MD5.0EED230E37515A0EAEE3C2E1BC97B288] - 14/07/2009 - 02:48:27 ---A- . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\System32\Drivers\mssmbios.sys   [32320]
O58 - SDL:[MD5.2E66F9ECB30B4221A318C92AC2250779] - 14/07/2009 - 01:00:17 ---A- . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\Windows\System32\Drivers\mstee.sys   [8064]
O58 - SDL:[MD5.7EA404308934E675BFFDE8EDF0757BCD] - 14/07/2009 - 01:02:08 ---A- . (.Microsoft Corporation - Pilote HID multipoint Microsoft.) -- C:\Windows\System32\Drivers\MTConfig.sys   [15360]
O58 - SDL:[MD5.F9A18612FD3526FE473C1BDA678D61C8] - 14/07/2009 - 02:48:27 ---A- . (.Microsoft Corporation - Multiple UNC Provider Driver.) -- C:\Windows\System32\Drivers\mup.sys   [60496]
O58 - SDL:[MD5.6FFECC25B39DC7652A0CEC0ADA9DB589] - 03/06/2009 - 04:15:30 ---A- . (.Egis Technology Inc. - PSD Filter Driver.) -- C:\Windows\System32\Drivers\mwlPSDFilter.sys   [22576]
O58 - SDL:[MD5.0BEFE32CA56D6EE89D58175725596A85] - 03/06/2009 - 04:15:30 ---A- . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) -- C:\Windows\System32\Drivers\mwlPSDNserv.sys   [20016]
O58 - SDL:[MD5.D43BC633B8660463E446E28E14A51262] - 03/06/2009 - 04:15:30 ---A- . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) -- C:\Windows\System32\Drivers\mwlPSDVDisk.sys   [60464]
O58 - SDL:[MD5.760E38053BF56E501D562B70AD796B88] - 22/08/2012 - 19:12:40 ---A- . (.Microsoft Corporation - Pilote NDIS 6.20.) -- C:\Windows\System32\Drivers\ndis.sys   [950128]
O58 - SDL:[MD5.9F9A1F53AAD7DA4D6FEF5BB73AB811AC] - 14/07/2009 - 01:08:13 ---A- . (.Microsoft Corporation - NDIS Packet Capture Filter Driver.) -- C:\Windows\System32\Drivers\ndiscap.sys   [35328]
O58 - SDL:[MD5.30639C932D9FEF22B31268FE25A1B6E5] - 14/07/2009 - 01:10:00 ---A- . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\Windows\System32\Drivers\ndistapi.sys   [24064]
O58 - SDL:[MD5.136185F9FB2CC61E573E676AA5402356] - 20/11/2010 - 11:50:08 ---A- . (.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) -- C:\Windows\System32\Drivers\ndisuio.sys   [56832]
O58 - SDL:[MD5.53F7305169863F0A2BDDC49E116C2E11] - 20/11/2010 - 11:52:34 ---A- . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\Windows\System32\Drivers\ndiswan.sys   [164352]
O58 - SDL:[MD5.015C0D8E0E0421B4CFD48CFFE2825879] - 20/11/2010 - 11:52:20 ---A- . (.Microsoft Corporation - NDIS Proxy.) -- C:\Windows\System32\Drivers\ndproxy.sys   [57856]
O58 - SDL:[MD5.86743D9F5D2B1048062B14B1D84501C4] - 14/07/2009 - 01:09:26 ---A- . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\System32\Drivers\netbios.sys   [44544]
O58 - SDL:[MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - 10:23:20 ---A- . (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\Drivers\netbt.sys   [261632]
O58 - SDL:[MD5.3555BA97171CD153118F73FDCCC8BFDE] - 26/11/2013 - 12:40:00 ---A- . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Drivers\netio.sys   [376768]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys   [51264]
O58 - SDL:[MD5.1E4C4AB5C9B8DD13179BBDC75A2A01F7] - 14/07/2009 - 00:19:48 ---A- . (.Microsoft Corporation - NPFS Driver.) -- C:\Windows\System32\Drivers\npfs.sys   [44032]
O58 - SDL:[MD5.E7F5AE18AF4168178A642A9247C63001] - 14/07/2009 - 00:21:02 ---A- . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys   [24576]
O58 - SDL:[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - 12/04/2013 - 15:45:08 ---A- . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\Drivers\ntfs.sys   [1656680]
O58 - SDL:[MD5.64DDD0DEE976302F4BD93E5EFCC2F013] - 06/05/2009 - 01:46:08 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\Drivers\NTIDrvr.sys   [18432]
O58 - SDL:[MD5.9899284589F75FA8724FF3D16AED75C1] - 14/07/2009 - 00:19:38 ---A- . (.Microsoft Corporation - NULL Driver.) -- C:\Windows\System32\Drivers\null.sys   [6144]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [166272]
O58 - SDL:[MD5.270D7CD42D6E3979F6DD0146650F0E05] - 14/07/2009 - 02:48:26 ---A- . (.Microsoft Corporation - Filtre AGP NForce NT.) -- C:\Windows\System32\Drivers\NV_AGP.SYS   [122960]
O58 - SDL:[MD5.1EA3749C4114DB3E3161156FFFFA6B33] - 14/07/2009 - 01:07:23 ---A- . (.Microsoft Corporation - Pilote de miniport WiFi natif.) -- C:\Windows\System32\Drivers\nwifi.sys   [318976]
O58 - SDL:[MD5.3589478E4B22CE21B41FA1BFC0B8B8A0] - 14/07/2009 - 01:06:45 ---A- . (.Microsoft Corporation - 1394 OpenHCI Port Driver.) -- C:\Windows\System32\Drivers\ohci1394.sys   [72832]
O58 - SDL:[MD5.0557CF5A2556BD58E26384169D72438D] - 20/11/2010 - 11:52:20 ---A- . (.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\Windows\System32\Drivers\pacer.sys   [131584]
O58 - SDL:[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - 01:00:41 ---A- . (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\Drivers\parport.sys   [97280]
O58 - SDL:[MD5.E9766131EEADE40A27DC27D2D68FBA9C] - 17/03/2012 - 08:58:57 ---A- . (.Microsoft Corporation - Partition Management Driver.) -- C:\Windows\System32\Drivers\partmgr.sys   [75120]
O58 - SDL:[MD5.94575C0571D1462A0F70BDE6BD6EE6B3] - 20/11/2010 - 14:33:48 ---A- . (.Microsoft Corporation - Énumérateur Plug-and-Play PCI pour NT.) -- C:\Windows\System32\Drivers\pci.sys   [184704]
O58 - SDL:[MD5.B5B8B5EF2E5CB34DF8DCF8831E3534FA] - 14/07/2009 - 02:45:45 ---A- . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\pciide.sys   [12352]
O58 - SDL:[MD5.144497DAA145BA0F7BE896064146C058] - 14/07/2009 - 02:45:46 ---A- . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\Windows\System32\Drivers\pciidex.sys   [48720]
O58 - SDL:[MD5.B2E81D4E87CE48589F98CB8C05B01F2F] - 14/07/2009 - 02:45:45 ---A- . (.Microsoft Corporation - Pilote de bus PCMCIA.) -- C:\Windows\System32\Drivers\pcmcia.sys   [220752]
O58 - SDL:[MD5.D6B9C2E1A11A3A4B26A182FFEF18F603] - 14/07/2009 - 02:45:45 ---A- . (.Microsoft Corporation - Performance Counters for Windows Driver.) -- C:\Windows\System32\Drivers\pcw.sys   [50768]
O58 - SDL:[MD5.68769C3356B3BE5D1C732C97B9A80D6E] - 14/07/2009 - 02:01:19 ---A- . (.Microsoft Corporation - Protected Environment Authentication and Authorization Export D.) -- C:\Windows\System32\Drivers\PEAuth.sys   [651264]
O58 - SDL:[MD5.1E0B4CBBA91C6B041A14ECC2186F7E24] - 04/10/2013 - 02:36:04 ---A- . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport Devices).) -- C:\Windows\System32\Drivers\portcls.sys   [230400]
O58 - SDL:[MD5.0D922E23C041EFB1C3FAC2A6F943C9BF] - 14/07/2009 - 00:19:25 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\processr.sys   [60416]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys   [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys   [128592]
O58 - SDL:[MD5.76707BB36430888D9CE9D705398ADB6C] - 14/07/2009 - 01:09:48 ---A- . (.Microsoft Corporation - Pilote du support de Microsoft Quality Windows Audio Video Expe.) -- C:\Windows\System32\Drivers\qwavedrv.sys   [46592]
O58 - SDL:[MD5.5A0DA8AD5762FA2D91678A8A01311704] - 14/07/2009 - 01:10:09 ---A- . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\Windows\System32\Drivers\rasacd.sys   [14848]
O58 - SDL:[MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - 11:52:35 ---A- . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\Drivers\rasl2tp.sys   [129536]
O58 - SDL:[MD5.855C9B1CD4756C5E9A2AA58A15F58C25] - 14/07/2009 - 01:10:17 ---A- . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\Windows\System32\Drivers\raspppoe.sys   [92672]
O58 - SDL:[MD5.F92A2C41117A11A00BE01CA01A7FCDE9] - 20/11/2010 - 11:52:32 ---A- . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\Windows\System32\Drivers\raspptp.sys   [111104]
O58 - SDL:[MD5.E8B1E447B008D07FF47D016C2B0EEECB] - 14/07/2009 - 01:10:25 ---A- . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\Windows\System32\Drivers\rassstp.sys   [83968]
O58 - SDL:[MD5.77F665941019A1594D887A74F301FA2F] - 20/11/2010 - 10:27:54 ---A- . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire tampon de lecteur red.) -- C:\Windows\System32\Drivers\rdbss.sys   [309248]
O58 - SDL:[MD5.302DA2A0539F2CF54D7C6CC30C1F2D8D] - 14/07/2009 - 01:17:46 ---A- . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) -- C:\Windows\System32\Drivers\rdpbus.sys   [24064]
O58 - SDL:[MD5.CEA6CC257FC9B7715F1C2B4849286D24] - 14/07/2009 - 01:16:34 ---A- . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\RDPCDD.sys   [7680]
O58 - SDL:[MD5.BB5971A4F00659529A5C44831AF22365] - 14/07/2009 - 01:16:34 ---A- . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\RDPENCDD.sys   [7680]
O58 - SDL:[MD5.216F3FA57533D98E1F74DED70113177A] - 14/07/2009 - 01:16:35 ---A- . (.Microsoft Corporation - RDP Reflector Driver Miniport.) -- C:\Windows\System32\Drivers\RDPREFMP.sys   [8192]
O58 - SDL:[MD5.E61608AA35E98999AF9AAEEEA6114B0A] - 28/04/2012 - 04:55:21 ---A- . (.Microsoft Corporation - Pilote de pile RDP Terminal.) -- C:\Windows\System32\Drivers\rdpwd.sys   [210944]
O58 - SDL:[MD5.34ED295FA0121C241BFEF24764FC4520] - 20/11/2010 - 14:33:53 ---A- . (.Microsoft Corporation - ReadyBoost Driver.) -- C:\Windows\System32\Drivers\rdyboost.sys   [213888]
O58 - SDL:[MD5.CAF88D6573D21CD2AA27001DDBFDC74D] - 20/11/2010 - 11:49:51 ---A- . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\Windows\System32\Drivers\rmcast.sys   [146432]
O58 - SDL:[MD5.0E01641D96889BDEB22DE12D30575B08] - 04/07/2012 - 21:26:03 ---A- . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\Windows\System32\Drivers\RNDISMP.sys   [41472]
O58 - SDL:[MD5.388D3DD1A6457280F3BADBA9F3ACD6B1] - 14/07/2009 - 01:10:47 ---A- . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\Windows\System32\Drivers\rootmdm.sys   [11264]
O58 - SDL:[MD5.DDC86E4F8E7456261E637E3552E804FF] - 14/07/2009 - 01:08:51 ---A- . (.Microsoft Corporation - Link-Layer Topology Responder Driver for NDIS 6.) -- C:\Windows\System32\Drivers\rspndr.sys   [76800]
O58 - SDL:[MD5.C2F868881D48A568B525255F084EF063] - 19/06/2012 - 16:54:20 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys   [4065296]
O58 - SDL:[MD5.2DB8116D52B19216812C4E6D5D837810] - 05/06/2009 - 01:46:50 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys   [216064]
O58 - SDL:[MD5.AC03AF3329579FFFB455AA2DAABBE22B] - 20/11/2010 - 14:33:54 ---A- . (.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\Windows\System32\Drivers\sbp2port.sys   [103808]
O58 - SDL:[MD5.253F38D0D7074C02FF8DEB9836C97D2B] - 20/11/2010 - 11:09:59 ---A- . (.Microsoft Corporation - Pilote de filtre de lecteur de carte à puce Microsoft.) -- C:\Windows\System32\Drivers\scfilter.sys   [29696]
O58 - SDL:[MD5.1B1E264203D4EF9D3DA1987AD70355AB] - 20/11/2010 - 14:33:54 ---A- . (.Microsoft Corporation - SCSI Port Driver.) -- C:\Windows\System32\Drivers\scsiport.sys   [171392]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [23040]
O58 - SDL:[MD5.CB624C0035412AF0DEBEC78C41F5CA1B] - 14/07/2009 - 01:00:33 ---A- . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\Windows\System32\Drivers\serenum.sys   [23552]
O58 - SDL:[MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - 14/07/2009 - 01:00:40 ---A- . (.Microsoft Corporation - Pilote de périphérique série.) -- C:\Windows\System32\Drivers\serial.sys   [94208]
O58 - SDL:[MD5.1C545A7D0691CC4A027396535691C3E3] - 14/07/2009 - 01:00:20 ---A- . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys   [26624]
O58 - SDL:[MD5.A554811BCD09279536440C964AE35BBF] - 14/07/2009 - 01:01:01 ---A- . (.Microsoft Corporation - Small Form Factor Disk Driver.) -- C:\Windows\System32\Drivers\sffdisk.sys   [14336]
O58 - SDL:[MD5.FF414F0BAEFEBA59BC6C04B3DB0B87BF] - 14/07/2009 - 01:01:03 ---A- . (.Microsoft Corporation - Small Form Factor MMC Protocol Driver.) -- C:\Windows\System32\Drivers\sffp_mmc.sys   [13824]
O58 - SDL:[MD5.DD85B78243A19B59F0637DCF284DA63C] - 20/11/2010 - 11:34:00 ---A- . (.Microsoft Corporation - Small Form Factor SD Protocol Driver.) -- C:\Windows\System32\Drivers\sffp_sd.sys   [14336]
O58 - SDL:[MD5.A9D601643A1647211A1EE2EC4E433FF4] - 14/07/2009 - 01:01:02 ---A- . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\Windows\System32\Drivers\sfloppy.sys   [16896]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys   [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [80464]
O58 - SDL:[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - 01:09:09 ---A- . (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\Drivers\smb.sys   [93184]
O58 - SDL:[MD5.A80348BA03E96C70852959655CA3E084] - 14/07/2009 - 01:00:35 ---A- . (.Microsoft Corporation - Smart Card Driver Library.) -- C:\Windows\System32\Drivers\smclib.sys   [20992]
O58 - SDL:[MD5.B9E31E5CACDFE584F34F730A677803F9] - 14/07/2009 - 02:45:55 ---A- . (.Microsoft Corporation - loader for security processor.) -- C:\Windows\System32\Drivers\spldr.sys   [19008]
O58 - SDL:[MD5.FFF95479C7AB1550F0750A5D01744211] - 10/06/2009 - 21:48:43 ---A- . (.Microsoft Corporation - security processor.) -- C:\Windows\System32\Drivers\spsys.sys   [426496]
O58 - SDL:[MD5.441FBA48BFF01FDB9D5969EBC1838F0B] - 29/04/2011 - 04:06:10 ---A- . (.Microsoft Corporation - Server driver.) -- C:\Windows\System32\Drivers\srv.sys   [467456]
O58 - SDL:[MD5.B4ADEBBF5E3677CCE9651E0F01F7CC28] - 29/04/2011 - 04:05:49 ---A- . (.Microsoft Corporation - Smb 2.0 Server driver.) -- C:\Windows\System32\Drivers\srv2.sys   [410112]
O58 - SDL:[MD5.27E461F0BE5BFF5FC737328F749538C3] - 29/04/2011 - 04:05:37 ---A- . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\Drivers\srvnet.sys   [168448]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.19CB37AC38B802BE9C441D094521A29A] - 11/03/2011 - 07:41:37 ---A- . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys   [189824]
O58 - SDL:[MD5.001CC10FA5E71AE1119115E126C8750D] - 14/07/2009 - 01:06:18 ---A- . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\Drivers\stream.sys   [68864]
O58 - SDL:[MD5.D01EC09B6711A5F8E7E6564A4D0FBC90] - 14/07/2009 - 02:45:55 ---A- . (.Microsoft Corporation - Plug and Play Software Device Enumerator.) -- C:\Windows\System32\Drivers\swenum.sys   [12496]
O58 - SDL:[MD5.BCF305959B53B200CEB2AD25AD22F8A7] - 19/06/2009 - 05:12:32 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys   [272432]
O58 - SDL:[MD5.6E316C01CBA8B785FE495F5CC4F48C6F] - 14/07/2009 - 01:01:04 ---A- . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\Windows\System32\Drivers\tape.sys   [29184]
O58 - SDL:[MD5.40AF23633D197905F03AB5628C558C51] - 08/09/2013 - 03:30:37 ---A- . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys   [1903552]
O58 - SDL:[MD5.1B16D0BD9841794A6E0CDE0CEF744ABC] - 03/10/2012 - 17:07:26 ---A- . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\System32\Drivers\tcpipreg.sys   [45568]
O58 - SDL:[MD5.6F020A220388ECA0AB6062DC27BD16B6] - 20/11/2010 - 10:22:07 ---A- . (.Microsoft Corporation - TDI Wrapper.) -- C:\Windows\System32\Drivers\tdi.sys   [26624]
O58 - SDL:[MD5.3371D21011695B16333A3934340C4E7C] - 14/07/2009 - 01:16:32 ---A- . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\Windows\System32\Drivers\tdpipe.sys   [15872]
O58 - SDL:[MD5.51C5ECEB1CDEE2468A1748BE550CFBC8] - 17/02/2012 - 05:57:32 ---A- . (.Microsoft Corporation - TCP Transport Driver.) -- C:\Windows\System32\Drivers\tdtcp.sys   [23552]
O58 - SDL:[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 20/11/2010 - 10:21:56 ---A- . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\Drivers\tdx.sys   [119296]
O58 - SDL:[MD5.561E7E1F06895D78DE991E01DD0FB6E5] - 20/11/2010 - 14:33:57 ---A- . (.Microsoft Corporation - Remote Desktop Server Driver.) -- C:\Windows\System32\Drivers\termdd.sys   [63360]
O58 - SDL:[MD5.4CE278FC9671BA81A138D70823FCAA09] - 15/06/2013 - 05:32:16 ---A- . (.Microsoft Corporation - TS Security Filter Driver.) -- C:\Windows\System32\Drivers\tssecsrv.sys   [39936]
O58 - SDL:[MD5.D11C783E3EF9A3C52C0EBE83CC5000E9] - 20/11/2010 - 12:07:05 ---A- . (.Microsoft Corporation - Pilote de filtre pour concentrateur USB du Bureau à distance.) -- C:\Windows\System32\Drivers\TsUsbFlt.sys   [59392]
O58 - SDL:[MD5.3566A8DAAFA27AF944F5D705EAA64894] - 20/11/2010 - 11:51:50 ---A- . (.Microsoft Corporation - Pilote d’interface de tunnel Microsoft.) -- C:\Windows\System32\Drivers\tunnel.sys   [125440]
O58 - SDL:[MD5.B4DD609BD7E282BFC683CEC7EAAAAD67] - 14/07/2009 - 02:45:55 ---A- . (.Microsoft Corporation - Filtre MS AGPv3.5.) -- C:\Windows\System32\Drivers\UAGP35.SYS   [64080]
O58 - SDL:[MD5.2E22C1FD397A5A9FFEF55E9D1FC96C00] - 06/05/2009 - 01:46:08 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\System32\Drivers\UBHelper.sys   [16896]
O58 - SDL:[MD5.FF4232A1A64012BAA1FD97C7B67DF593] - 20/11/2010 - 10:26:11 ---A- . (.Microsoft Corporation - UDF File System Driver.) -- C:\Windows\System32\Drivers\udfs.sys   [328192]
O58 - SDL:[MD5.4BFE1BC28391222894CBF1E7D0E42320] - 14/07/2009 - 02:45:55 ---A- . (.Microsoft Corporation - Filtre ULi AGPv3.0 pour plateformes à processeur K8/9.) -- C:\Windows\System32\Drivers\ULIAGPKX.SYS   [64592]
O58 - SDL:[MD5.DC54A574663A895C8763AF0FA1FF7561] - 20/11/2010 - 11:44:37 ---A- . (.Microsoft Corporation - User-Mode Bus Enumerator.) -- C:\Windows\System32\Drivers\umbus.sys   [48640]
O58 - SDL:[MD5.B2E8E8CB557B156DA5493BBDDCC1474D] - 14/07/2009 - 01:06:52 ---A- . (.Microsoft Corporation - Generic pass-through driver.) -- C:\Windows\System32\Drivers\umpass.sys   [9728]
O58 - SDL:[MD5.92B3172E8C14C1444682F510843A9988] - 12/02/2013 - 05:12:05 ---A- . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\Drivers\usb8023.sys   [19968]
O58 - SDL:[MD5.9E58997A211C8C9AC9E6CFFA53614A73] - 28/08/2009 - 19:42:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [49152]
O58 - SDL:[MD5.292A8E03B3FCE04E39B5BE9B14132030] - 20/11/2010 - 11:44:05 ---A- . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\Drivers\USBCAMD2.sys   [32896]
O58 - SDL:[MD5.DCA68B0943D6FA415F0C56C92158A83A] - 27/11/2013 - 02:41:15 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys   [99840]
O58 - SDL:[MD5.80B0F7D5CCF86CEB5D402EAAF61FEC31] - 12/07/2013 - 11:41:12 ---A- . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\usbcir.sys   [100864]
O58 - SDL:[MD5.FFA06EF43987ED0DD42AD59B260C0C78] - 27/11/2013 - 02:41:03 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys   [7808]
O58 - SDL:[MD5.18A85013A3E0F7E1755365D287443965] - 27/11/2013 - 02:41:11 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys   [53248]
O58 - SDL:[MD5.8D1196CFBB223621F2C67D45710F25BA] - 27/11/2013 - 02:41:37 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys   [343040]
O58 - SDL:[MD5.765A92D428A8DB88B960DA5A8D6089DC] - 27/11/2013 - 02:41:09 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys   [25600]
O58 - SDL:[MD5.12FEB33791920678F8433701C822BCFD] - 27/11/2013 - 02:41:11 ---A- . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\Drivers\usbport.sys   [325120]
O58 - SDL:[MD5.73188F58FB384E75C4063D29413CEE3D] - 14/07/2009 - 01:38:18 ---A- . (.Microsoft Corporation - USB Printer driver.) -- C:\Windows\System32\Drivers\usbprint.sys   [25088]
O58 - SDL:[MD5.C3EC945DEC43C00E2AD4C98DDDD064C7] - 20/11/2010 - 12:37:20 ---A- . (.Microsoft Corporation - Gestionnaire de stratégie de redirection USB Windows.) -- C:\Windows\System32\Drivers\usbrpm.sys   [31744]
O58 - SDL:[MD5.9661DA76B4531B2DA272ECCE25A8AF24] - 03/07/2013 - 05:40:12 ---A- . (.Microsoft Corporation - USB Scanner Driver.) -- C:\Windows\System32\Drivers\usbscan.sys   [42496]
O58 - SDL:[MD5.FED648B01349A3C8395A5169DB5FB7D6] - 11/03/2011 - 05:37:16 ---A- . (.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\Windows\System32\Drivers\USBSTOR.SYS   [91648]
O58 - SDL:[MD5.DD253AFC3BC6CBA412342DE60C3647F3] - 27/11/2013 - 02:41:06 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys   [30720]
O58 - SDL:[MD5.1F775DA4CF1A3A1834207E975A72E9D7] - 12/07/2013 - 11:41:35 ---A- . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\Drivers\usbvideo.sys   [185344]
O58 - SDL:[MD5.C5C876CCFC083FF3B128F933823E87BD] - 14/07/2009 - 02:45:55 ---A- . (.Microsoft Corporation - Énumérateur racine de lecteur virtuel.) -- C:\Windows\System32\Drivers\vdrvroot.sys   [36432]
O58 - SDL:[MD5.53E92A310193CB3C03BEA963DE7D9CFC] - 14/07/2009 - 00:38:47 ---A- . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys   [29184]
O58 - SDL:[MD5.DA4DA3F5E02943C2DC8C6ED875DE68DD] - 14/07/2009 - 00:38:47 ---A- . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vgapnp.sys   [29184]
O58 - SDL:[MD5.2CE2DF28C83AEAF30084E1B1EB253CBB] - 20/11/2010 - 14:34:00 ---A- . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\Drivers\vhdmp.sys   [215936]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [17488]
O58 - SDL:[MD5.E7353D59C9842BC7299FAEB7E7E09340] - 14/07/2009 - 00:38:51 ---A- . (.Microsoft Corporation - Video Port Driver.) -- C:\Windows\System32\Drivers\videoprt.sys   [129024]
O58 - SDL:[MD5.D2AAFD421940F640B407AEFAAEBD91B0] - 20/11/2010 - 14:34:01 ---A- . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys   [71552]
O58 - SDL:[MD5.A255814907C89BE58B79EF2F189B843B] - 20/11/2010 - 14:34:01 ---A- . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys   [363392]
O58 - SDL:[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - 14:34:02 ---A- . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\Drivers\volsnap.sys   [295808]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [161872]
O58 - SDL:[MD5.36D4720B72B5C5D9CB2B9C29E9DF67A1] - 14/07/2009 - 01:07:21 ---A- . (.Microsoft Corporation - Pilote de bus WiFi virtuel.) -- C:\Windows\System32\Drivers\vwifibus.sys   [24576]
O58 - SDL:[MD5.6A3D66263414FF0D6FA754C646612F3F] - 14/07/2009 - 01:07:22 ---A- . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\Windows\System32\Drivers\vwififlt.sys   [59904]
O58 - SDL:[MD5.6A638FC4BFDDC4D9B186C28C91BD1A01] - 14/07/2009 - 01:07:28 ---A- . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\Windows\System32\Drivers\vwifimp.sys   [17920]
O58 - SDL:[MD5.4E9440F4F152A7B944CB1663D3935A3E] - 14/07/2009 - 01:02:07 ---A- . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) -- C:\Windows\System32\Drivers\wacompen.sys   [27776]
O58 - SDL:[MD5.68F6A83C8848875AD027D038637A5BE0] - 16/04/2009 - 20:18:26 ---A- . (.Windows (R) Codename Longhorn DDK provider - Virtual Hid Device.) -- C:\Windows\System32\Drivers\walvhid.sys   [7808]
O58 - SDL:[MD5.356AFD78A6ED4457169241AC3965230C] - 20/11/2010 - 11:52:37 ---A- . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windows\System32\Drivers\wanarp.sys   [88576]
O58 - SDL:[MD5.FC438D1430B28618E2D0C7C332A710AD] - 14/07/2009 - 00:37:35 ---A- . (.Microsoft Corporation - Watchdog Driver.) -- C:\Windows\System32\Drivers\watchdog.sys   [42496]
O58 - SDL:[MD5.72889E16FF12BA0F235467D6091B17DC] - 14/07/2009 - 02:45:55 ---A- . (.Microsoft Corporation - Microsoft Watchdog Timer Driver.) -- C:\Windows\System32\Drivers\wd.sys   [21056]
O58 - SDL:[MD5.E2C933EDBC389386EBE6D2BA953F43D8] - 25/06/2013 - 23:55:52 ---A- . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys   [785624]
O58 - SDL:[MD5.AEA0A67275CFBA0E463E00C6E9A1DDAE] - 26/07/2012 - 05:55:47 ---A- . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\Windows\System32\Drivers\WdfLdr.sys   [54376]
O58 - SDL:[MD5.611B23304BF067451A9FDEE01FBDD725] - 14/07/2009 - 01:09:26 ---A- . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) -- C:\Windows\System32\Drivers\wfplwf.sys   [12800]
O58 - SDL:[MD5.05ECAEC3E4529A7153B3136CEB49F0EC] - 14/07/2009 - 02:45:56 ---A- . (.Microsoft Corporation - Wim file system Driver.) -- C:\Windows\System32\Drivers\wimmount.sys   [22096]
O58 - SDL:[MD5.FE88B288356E7B47B74B13372ADD906D] - 20/11/2010 - 11:43:56 ---A- . (.Microsoft Corporation - Windows USB Class Driver BETA.) -- C:\Windows\System32\Drivers\winusb.sys   [41984]
O58 - SDL:[MD5.F6FF8944478594D0E414D3F048F0D778] - 14/07/2009 - 00:31:02 ---A- . (.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\Windows\System32\Drivers\wmiacpi.sys   [14336]
O58 - SDL:[MD5.FC146F46872D4C5B529B89A5131FD1E6] - 14/07/2009 - 02:45:55 ---A- . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\Windows\System32\Drivers\wmilib.sys   [16464]
O58 - SDL:[MD5.6BCC1D7D2FD2453957C5479A32364E52] - 14/07/2009 - 01:10:33 ---A- . (.Microsoft Corporation - Couche IFS Winsock2.) -- C:\Windows\System32\Drivers\ws2ifsl.sys   [21504]
O58 - SDL:[MD5.AB886378EEB55C6C75B4F2D14B6C869F] - 26/07/2012 - 03:26:45 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Platform.) -- C:\Windows\System32\Drivers\WUDFPf.sys   [87040]
O58 - SDL:[MD5.DDA4CAF29D8C0A297F886BFE561E6659] - 26/07/2012 - 03:26:06 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Reflecto.) -- C:\Windows\System32\Drivers\WUDFRd.sys   [198656]
O58 - SDL:[MD5.FE1EC06F2253F691FE36217C592A0206] - 14/07/2009 - 02:52:31 ---A- . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\clfs.sys   [367696]
O58 - SDL:[MD5.1D7AAB58F4E21697AF8F46EAA81823DD] - 14/03/2011 - 06:53:44 ----- . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\k57nd60a.sys   [412712]
O58 - SDL:[MD5.F2BF71FCEAB8FB8A691408C478E2FF4C] - 26/11/2013 - 11:32:56 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys   [3156480]
O58 - SDL:[MD5.D5BCB77BE83CF99F508943945D46343D] - 26/03/2009 - 20:16:08 ---A- . (.Dritek System Inc. - Dritek 64-bit PS/2 Keyboard Filter Driver.) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys   [25608]
O58 - SDL:[MD5.5CF95B35E59E2A38023836FFF31BE64C] - 14/07/2009 - 02:19:10 ---A- . (.Microsoft Corporation - Wim file system Driver.) -- C:\Windows\SysWOW64\drivers\wimmount.sys   [19008]
~ Drivers: 16 Scanned in 00mn 06s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 03/02/2014 - 11:16:12 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Actions Palette.psp   [31495]  =>.Adobe Systems Incorporated
O61 - LFC: 03/02/2014 - 11:16:12 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Adobe Photoshop X64 CS6 Prefs.psp   [235371]  =>.Adobe Systems Incorporated
O61 - LFC: 03/02/2014 - 11:16:12 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Color Settings.csf   [560008]  =>.Adobe Systems Incorporated
O61 - LFC: 03/02/2014 - 11:16:12 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\LaunchEndFlag.psp   [11]  =>.Adobe Systems Incorporated
O61 - LFC: 03/02/2014 - 11:16:12 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\RepoussePresets.psp   [10]  =>.Adobe Systems Incorporated
O61 - LFC: 03/02/2014 - 11:16:12 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\WorkSpaces (Modified)\Essentials   [19335]  =>.Adobe Systems Incorporated
O61 - LFC: 03/02/2014 - 11:16:12 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Workspace Prefs.psp   [19628]  =>.Adobe Systems Incorporated
O61 - LFC: 03/02/2014 - 11:16:13 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Adobe\Color\ACEConfigCache2.lst   [233]
O61 - LFC: 03/02/2014 - 11:16:14 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Microsoft\Office\Recent\bouchra jarrar.LNK   [1022]
O61 - LFC: 03/02/2014 - 11:16:15 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Microsoft\Office\Recent\Bureau.LNK   [879]
O61 - LFC: 03/02/2014 - 11:16:15 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Microsoft\Office\Recent\Xpression plastique le Masque.LNK   [1126]
O61 - LFC: 03/02/2014 - 11:16:15 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Microsoft\Office\Recent\fiche projet perso.LNK   [1071]
O61 - LFC: 03/02/2014 - 11:16:15 --H-- . (...) -- C:\Users\Teloü\AppData\Roaming\Microsoft\Office\Recent\index.dat   [177]
O61 - LFC: 04/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.fr_0.indexeddb.leveldb\000005.bak   [376]
O61 - LFC: 04/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.fr_0.indexeddb.leveldb\000005.ldb   [376]
O61 - LFC: 04/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.fr_0.indexeddb.leveldb\LOCK   [0]
O61 - LFC: 04/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_etu.univ-lyon2.fr_0.localstorage   [3072]
O61 - LFC: 04/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_etu.univ-lyon2.fr_0.localstorage-journal   [3608]
O61 - LFC: 04/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_evene.lefigaro.fr_0.localstorage   [3072]
O61 - LFC: 04/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_evene.lefigaro.fr_0.localstorage-journal   [3608]
O61 - LFC: 04/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.linternaute.com_0.localstorage   [3072]
O61 - LFC: 04/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.linternaute.com_0.localstorage-journal   [3608]
O61 - LFC: 04/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.telerama.fr_0.localstorage   [3072]
O61 - LFC: 04/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.telerama.fr_0.localstorage-journal   [3608]
O61 - LFC: 04/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_0   [8192]
O61 - LFC: 04/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_1   [270336]
O61 - LFC: 04/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_2   [8192]
O61 - LFC: 04/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_3   [8192]
O61 - LFC: 04/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\index   [524656]
O61 - LFC: 04/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Toolbar Cache\7.5.4805.320\fr\translate_element.js.content   [2385]
O61 - LFC: 04/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Toolbar Cache\7.5.4805.320\fr\translate_languages.json.content   [2033]
O61 - LFC: 04/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Toolbar DNS data\data   [115]
O61 - LFC: 04/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Toolbar\broker_metrics.xml   [20790]
O61 - LFC: 05/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Bookmarks   [12572]
O61 - LFC: 05/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak   [12572]
O61 - LFC: 05/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_connexity.net_0.localstorage   [3072]
O61 - LFC: 05/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_connexity.net_0.localstorage-journal   [3608]
O61 - LFC: 05/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_connexity.net_0.localstorage   [3072]
O61 - LFC: 05/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_connexity.net_0.localstorage-journal   [3608]
O61 - LFC: 05/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub125.mail.live.com_0.localstorage   [3072]
O61 - LFC: 05/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub125.mail.live.com_0.localstorage-journal   [3608]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.openclassrooms.com_0.localstorage   [3072]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.openclassrooms.com_0.localstorage-journal   [3608]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_optimized-by.rubiconproject.com_0.localstorage   [3072]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_optimized-by.rubiconproject.com_0.localstorage-journal   [3608]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tomsguide.fr_0.localstorage   [3072]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.tomsguide.fr_0.localstorage-journal   [3608]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage   [5120]
O61 - LFC: 05/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal   [5672]
O61 - LFC: 05/02/2014 - 11:15:31 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\MJNVANQL\audienceinsights.net\pus.sol   [68]
O61 - LFC: 05/02/2014 - 11:15:31 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\MJNVANQL\con#\tent.yieldmanager.edgesuite.net\avazu.sol   [46]
O61 - LFC: 05/02/2014 - 11:15:31 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\MJNVANQL\macromedia.com\##4B29123116D03087\00000001.sol   [200]
O61 - LFC: 05/02/2014 - 11:15:31 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\MJNVANQL\macromedia.com\support\flashplayer\sys\#audienceinsights.net\settings.sol   [90]
O61 - LFC: 05/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml   [314]
O61 - LFC: 05/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx   [3086]
O61 - LFC: 05/02/2014 - 11:16:15 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Microsoft\Office\Word12.pip   [1692]
O61 - LFC: 05/02/2014 - 11:16:25 ---A- . (.El Desaparecido - SosVirus.net - UsbFix.net.) -- C:\Users\Teloü\Downloads\UsbFix.exe   [2203492]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\ATI\ACE\Manifest.Bin   [27796]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\ATI\ACE\Manifest.xml   [20186]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\ATI\ACE\Profiles.xml   [12493]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Cookies   [1959936]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000064.ldb   [231]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG   [145]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [352]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000066   [895]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT   [16]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG   [151]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old   [151]
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-002860   [265]  =>.Google Inc
O61 - LFC: 06/02/2014 - 11:15:24 ---A- . (...) -- C:\Users\Teloü\AppData\Local\avgchrome\avgp   [58726]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Favicons   [19312640]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT   [16]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG   [151]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old   [151]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-001270   [204]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\History   [14643200]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache   [486268]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.fr_0.indexeddb.leveldb\CURRENT   [16]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.fr_0.indexeddb.leveldb\LOG   [145]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.fr_0.indexeddb.leveldb\LOG.old   [145]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.fr_0.indexeddb.leveldb\MANIFEST-000051   [76]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Last Session   [393976]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Last Tabs   [53980]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage   [32768]  =>Adware.IncrediBar
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage-journal   [16384]  =>Adware.IncrediBar
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdns.gigya.com_0.localstorage   [3072]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdns.gigya.com_0.localstorage-journal   [3608]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage   [16384]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage   [3072]
O61 - LFC: 06/02/2014 - 11:15:29 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal   [512]
O61 - LFC: 06/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fra1.ib.adnxs.com_0.localstorage   [3072]
O61 - LFC: 06/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fra1.ib.adnxs.com_0.localstorage-journal   [3608]
O61 - LFC: 06/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage   [3072]
O61 - LFC: 06/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage-journal   [512]
O61 - LFC: 06/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor   [435200]
O61 - LFC: 06/02/2014 - 11:15:30 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:31 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\MJNVANQL\macromedia.com\support\flashplayer\sys\settings.sol   [556]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Preferences   [58725]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\QuotaManager   [20480]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal   [9800]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Session Storage\003674.ldb   [3278]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Session Storage\003676.ldb   [469]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG   [274]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old   [794]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-003675   [527]  =>.Google Inc
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Shortcuts   [487424]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Top Sites   [102400]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity   [5433]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Web Data   [296960]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal   [16384]
O61 - LFC: 06/02/2014 - 11:15:32 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Local State   [69243]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [5635968]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1402610]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [2576]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [135548]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [945680]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19440]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [7812]
O61 - LFC: 06/02/2014 - 11:15:33 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Safe Browsing IP Blacklist   [768]
O61 - LFC: 06/02/2014 - 11:15:33 --HA- . (...) -- C:\Users\Teloü\AppData\Local\IconCache.db   [6291456]
O61 - LFC: 06/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\FXSAPIDebugLogFile.txt   [0]
O61 - LFC: 06/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\MyWinLocker\FileList.txt   [84]
O61 - LFC: 06/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\au-descriptor-1.7.0_51-b13.xml   [8894]
O61 - LFC: 06/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\boost_interprocess\INI_FILE_MUTEX   [20]
O61 - LFC: 06/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\hosts.bk   [824]
O61 - LFC: 06/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\system.ini.bk   [219]
O61 - LFC: 06/02/2014 - 11:16:10 ---A- . (...) -- C:\Users\Teloü\AppData\Local\Temp\win.ini.bk   [625]
O61 - LFC: 06/02/2014 - 11:16:14 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\BabSolution\Shared\chu.js   [2] =>Hijacker.BabSolution
O61 - LFC: 06/02/2014 - 11:16:14 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-02-06 (08-49-12).txt   [94976]
O61 - LFC: 06/02/2014 - 11:16:14 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\cacaoweb\npdfile.dat   [248] =>PUP.CacaoWeb
O61 - LFC: 06/02/2014 - 11:16:14 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\cacaoweb\storage.db   [25] =>PUP.CacaoWeb
O61 - LFC: 06/02/2014 - 11:16:15 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\OpenOffice.org\3\.lock   [137]
O61 - LFC: 06/02/2014 - 11:16:16 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Common.xcu   [3261]
O61 - LFC: 06/02/2014 - 11:16:19 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Skype\shared.xml   [87796]
O61 - LFC: 06/02/2014 - 11:16:19 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Skype\shared_dynco\dc.db   [2183168]
O61 - LFC: 06/02/2014 - 11:16:19 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\Skype\shared_dynco\dc.db-journal   [1313792]
O61 - LFC: 06/02/2014 - 11:16:21 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\ZHP\Log.txt   [19929]  =>.Nicolas Coolman
O61 - LFC: 06/02/2014 - 11:16:21 ---A- . (...) -- C:\Users\Teloü\AppData\Roaming\ZHP\TestsZHPDiag.txt   [2878]  =>.Nicolas Coolman
O61 - LFC: 06/02/2014 - 11:16:23 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Teloü\Downloads\mbam-setup-1.75.0.1300.exe   [10285040]
O61 - LFC: 06/02/2014 - 11:16:34 ---A- . (.Nicolas Coolman.) -- C:\Users\Teloü\Downloads\ZHPDiag2.exe   [6862845]  =>.Nicolas Coolman
~ 9 Fichiers temporaires (Temporary files)
~ Files: 150 Scanned in 02mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 28/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk)  .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/10/2012 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 15/10/2012 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr)  .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi)  .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser)  .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 04/07/2013 - C:\Windows\System32\Drivers\cng.sys (CNG)  .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat)  .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol)  .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy)  .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr)  .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys (mwlPSDFilter)  .(.Egis Technology Inc. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER
O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys (mwlPSDNServ)  .(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV
O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys (mwlPSDVDisk)  .(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP)  .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio)  .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw)  .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP)  .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt)  .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6)  .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf)  .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 82 Scanned in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("aol_toolbar.default.homepage.check", false);
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("aol_toolbar.default.search.check", false);
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.admin", false); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.dfltLng", "fr"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.id", "d617658b0000000000000ceee6c5f119"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.instlDay", "15708"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.instlRef", "na"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.prtkDS", 0); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.prtkHmpg", 0); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.rvrt", "false"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=d617658b0000000000000ceee6c5f1[...] =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar_i.excTlbr", false); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar_i.newTab", false); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.215:12:46"); =>PUP.Babylon
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.bbDpng", "18");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.dfltLng", "fr");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.hdrMd5", "AC5CE71BC5F26ADC71D849F94B5FFE65");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.id", "d617658b0000000000000ceee6c5f119");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.instlDay", "15977");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.lastVrsnTs", "1.8.24.610:57:49");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.smplGrp", "azb");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.vrsn", "1.8.24.6");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.vrsni", "1.8.24.6");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta.vrsnTs", "1.8.24.610:57:49");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta_i.babExt", "");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=5020");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("extensions.delta_i.srcExt", "ss");
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch"); =>PUP.SweetIM
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch"); =>PUP.SweetIM
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://websearch.soft-quick.info/"); =>PUP.SweetIM
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.previous.keyword.URL", "http://websearch.soft-quick.info/?l=1&q="); =>PUP.SweetIM
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*"); =>PUP.SweetIM
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.searchguard.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1"); =>PUP.SweetIM
O69 - SBI: prefs.js [Teloü - njwswb7h.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1"); =>PUP.SweetIM
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (SearchGol) - http://www.searchgol.com =>Hijacker.SearchGol
O69 - SBI: SearchScopes [HKCU] {2B7B7EFC-C234-4532-822B-A8D74D7EF7EB} - (Durable.com) - http://www.durable.com
O69 - SBI: SearchScopes [HKCU] {468B4068-F26B-0E35-9733-1AA4BCA6276B} - (MyStart Search) - http://mystart.incredibar.com =>Adware.IncrediBar
O69 - SBI: SearchScopes [HKCU] {64A188EE-ADFE-4C94-B68E-B944CC542206} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredibar.com =>Adware.IncrediBar
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]

~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe   [36136]
[MD5.884E144676C0C9679042E83574822FB9] [SPRF][06/02/2014] (...) -- C:\Users\Teloü\AppData\LocalLow\SkwConfig.bin   [8432]
[MD5.FFDB21FFC1B250F5E812BA55B41CAE74] [SPRF][07/06/2011] (...) -- C:\Users\Teloü\AppData\Roaming\wklnhst.dat   [1810]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll   [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe   [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll   [172032]
~ Files: 6 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{A5A48B92-8A06-46CC-AB98-D30EDF70F628}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{D8AABB03-CA8D-478A-9763-5281D43A0491}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{709F98C6-1B56-469C-AA7C-7E33F537B2FB}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{0DB6F52F-2488-4615-B42D-CC238964C6BE}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{419483B8-E53B-4670-B436-BD62DAEF765A}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe
O87 - FAEL: "{E004B37D-0603-4931-8D11-63CE217C3D73}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe
O87 - FAEL: "{28B76CE2-D2D0-4D7E-A632-E78CCF1F86F1}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{B5C96685-6BFE-4B97-A621-E69C226FCEEA}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{42335DE1-29B9-41E9-94A0-72B1AE36D6E9}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{5E81EEED-7127-4010-B64B-55EB6D332A6D}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{17C93703-BC34-4FFB-A65A-EF3A485BEF5B}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{A16DFA72-8327-4B43-8022-BC7ADACEAA96}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{5D90B2A4-0692-4275-A459-00DCCF5B9662}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{623652C1-85E9-43ED-B2DA-AFEF97A8893D}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{C2BD762B-0526-4133-A810-576F9432493A}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{FA3F91F7-C706-4014-ADCD-886075DA2DD0}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{6102D62E-732C-4A77-9518-7A4AD638814D}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{751E8456-3565-4469-AFC4-608ED0993077}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{7530717F-01FF-4F2C-B4D7-5DC65A983ECA}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{2E300F14-F0C6-4D85-AE0E-17DDCB599BBF}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{DCFCA575-1D8A-4F50-8C84-BAB6F4A92180}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{CB8B358B-77A9-4FDA-B3C8-3400650937AD}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{D6A17FEC-2617-4674-AB39-7D46CB5F59AD}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{0127F182-063C-4FD6-B427-64F05949B43E}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{59388524-1043-498C-8E69-126FEB06CF9E}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{2CEDC435-3FBA-4C1E-B7CA-B76F2A0E86EB}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{D3D8DB78-BCDD-4F71-ABCA-6573B7C1B7CC}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{D7B2A708-D7DB-4A64-A4B5-7EE5E7C4DD29}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{86B75EAC-79A6-45EA-9EED-D5D6593ACC59}" | In - Private - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O87 - FAEL: "{12CB3F44-C000-4828-BDF3-CFD11FA8B6FB}" | In - Private - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O87 - FAEL: "{855BBF6C-778B-4BCC-97BE-2FB7487C689A}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
O87 - FAEL: "{0B39B979-391C-43AF-8DC0-948ECF1FB0F6}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{FAF8B097-73E9-4C50-A615-78E19EA5CCA4}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "TCP Query User{842DDA13-7958-4823-8E47-8B97B2F85105}C:\program files (x86)\quake 3\quake3\quake3.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\quake 3\quake3\quake3.exe
O87 - FAEL: "UDP Query User{508A5FAF-7DAC-48EC-BF1E-198995388306}C:\program files (x86)\quake 3\quake3\quake3.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\quake 3\quake3\quake3.exe
O87 - FAEL: "{14C132BE-E4AC-4C4E-9F08-2B5C8F27965C}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe (.not file.)
O87 - FAEL: "{C51F702D-76F0-4035-A49E-AD6B844E3FF1}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe (.not file.)
O87 - FAEL: "{03E0FEBF-5F81-47BC-96AB-F6B056B99FD6}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{3823741A-7A82-4B5B-85B6-E84FD2B10D0A}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "TCP Query User{9EE0256E-20A5-4F22-A4A4-B111B092A24B}C:\program files (x86)\quake 3\quake3\quake3.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\quake 3\quake3\quake3.exe
O87 - FAEL: "UDP Query User{C35D2033-5B03-4B73-9396-49220D2F3826}C:\program files (x86)\quake 3\quake3\quake3.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\quake 3\quake3\quake3.exe
O87 - FAEL: "{472BDF6C-9C8D-495B-A117-A3A72ABDA318}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe  =>.Microsoft Corporation
O87 - FAEL: "{F113644F-E497-41EB-BCC5-AC8B36F3FD59}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.exe
O87 - FAEL: "{EEB6FDDF-451B-40DE-9206-A735370319A8}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.exe
O87 - FAEL: "{4C34A17D-49F9-4EF6-A42A-64EDBBFF70A5}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe
O87 - FAEL: "{8FFE4F95-F025-485A-90C8-4B186115DBB8}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe
O87 - FAEL: "TCP Query User{C5EC68AE-36A7-4420-8C4E-D024270D202B}C:\program files (x86)\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe
O87 - FAEL: "UDP Query User{476D579C-C376-4DD8-AA4A-F7E26B7A61C4}C:\program files (x86)\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe
O87 - FAEL: "{C9FA1CB0-2E19-4DF5-B3F9-F8CE486F978F}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "TCP Query User{485324DA-E77B-4E8E-B988-AB2E278311F4}C:\program files (x86)\java\jre7\bin\java.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{BCC48A35-E824-448E-9B60-BEF64364D771}C:\program files (x86)\java\jre7\bin\java.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "TCP Query User{685F8CB7-275B-4702-8970-B2EB80995A05}C:\program files (x86)\spotify\spotify.exe" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe
O87 - FAEL: "UDP Query User{C387DBA7-BCCC-4F9A-862D-CE692469F5FF}C:\program files (x86)\spotify\spotify.exe" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe
O87 - FAEL: "TCP Query User{D278CAC1-C499-4194-AE6F-50970B76D00D}C:\program files (x86)\java\jre7\bin\java.exe" | In - Public - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{33A1DCFD-BB4C-4127-9759-2573F71BB1CF}C:\program files (x86)\java\jre7\bin\java.exe" | In - Public - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "TCP Query User{796C802F-DE8F-4EDB-A66B-923DF9CC8024}C:\users\teloü\age of empires ii\empires2m.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Age of Empires II.) -- C:\users\teloü\age of empires ii\empires2m.exe
O87 - FAEL: "UDP Query User{61D8CD02-8FE8-4B88-BBB8-73B9CDC680E8}C:\users\teloü\age of empires ii\empires2m.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Age of Empires II.) -- C:\users\teloü\age of empires ii\empires2m.exe
O87 - FAEL: "TCP Query User{C9118514-F814-4FAB-A6DA-9814780A4FC3}C:\users\teloü\age of empires ii\empires2m.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Age of Empires II.) -- C:\users\teloü\age of empires ii\empires2m.exe
O87 - FAEL: "UDP Query User{F5013DAA-53CA-4E10-AC86-96A00089A654}C:\users\teloü\age of empires ii\empires2m.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Age of Empires II.) -- C:\users\teloü\age of empires ii\empires2m.exe
O87 - FAEL: "{1B404D0A-EDD3-4F9E-BFF2-4EA5A84D06B2}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe
O87 - FAEL: "{760ED30B-1C73-499B-B68F-03EBC2E8F2DE}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe
O87 - FAEL: "{07130690-30C3-45A8-8E96-597B1B6CE57F}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{2840661D-E152-4654-B9F2-5B0281188BEB}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{3F3B00AD-C6CB-4060-9DC1-D9B5B745820D}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{5571D466-3867-43C5-B463-1F37A0B551E1}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{A2AA0AC4-C358-4A2A-99F5-48ED3B4D7613}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{9DA0ED0F-3744-4DE2-B94C-C16405C9F784}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{6A34A8A7-C9B4-465D-BF4E-76C9F9E3F523}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{AFA863D2-3201-46FE-A5A1-4AC4A9FC9225}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{48378D21-9C47-4A23-AF54-C83CE182E42B}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{78DBD0CC-BEA0-443D-B710-E51F05FCA9CC}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{B2A35A74-3208-483F-A68F-F8255565C459}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{49799BD3-76C2-42B1-B8FE-FB5FCFD53B7A}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{1266AF4E-65A6-4E57-BDEF-CDB0CD3221C9}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O87 - FAEL: "TCP Query User{678CFB23-5291-4826-93DD-B9C26BB7A0C6}C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{5D34F679-F588-4294-9BE9-36D15CB8B42E}C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{B10BCD44-489A-4999-8ED2-CF7C49ED84FD}C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{C5E88E9D-C2FC-4DF4-80F2-E3111AEA97C7}C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\teloü\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
~ Firewall: 245 Scanned in 00mn 03s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- c:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- c:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0  =>.Microsoft Corporation
O90 - PUC: "0336A2D4B8F23E11C9048BCAF6798BE8" . (.Google Earth.) -- C:\Windows\Installer\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "03E9C206838F2DA4D82C62C591D2A4CA" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{602C9E30-F838-4AD2-8DC2-265C192D4AAC}\maconfico
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "09683D6BE55704F43AA5328FCBB268CA" . (.Microsoft_VC90_MFCLOC_x86.) -- C:\Windows\Installer\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}\ARPPRODUCTICON.exe
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
O90 - PUC: "144A4120BA4A8A34D8FEF2375C636437" . (.Microsoft Works.) -- c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\MSWorks.exe
O90 - PUC: "17298FAA4952D8645B87692B3EC0144C" . (.eBay Worldwide.) -- C:\Windows\Installer\{AAF89271-2594-468D-B578-96B2E30C41C4}\_6FEFF9B68218417F98F549.exe =>Toolbar.eBay
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "1EDCB75C9BC7D7643BABE7119961DC1C" . (.Norton Online Backup.) -- C:\Windows\Installer\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}\Icon.ico  =>.Symantec Corporation
O90 - PUC: "20993234FD30561AE76FA694EDF4E81F" . (.ATI AVIVO64 Codecs.) -- C:\Windows\Installer\{43239902-03DF-A165-7EF6-6A49DE4F8EF1}\ARPPRODUCTICON.exe
O90 - PUC: "20B91A1DE71869244AB57058F37DD475" . (.Microsoft_VC80_MFC_x86.) -- C:\Windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
O90 - PUC: "25BBB29DFF28DE24A8C3E460F249A47B" . (.Microsoft_VC80_MFCLOC_x86.) -- C:\Windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
O90 - PUC: "28F75DC84FFF7F318F4579E643BCDD8F" . (.Catalyst Control Center Graphics Previews Vista.) -- C:\Windows\Installer\{8CD57F82-FFF4-13F7-F854-976E34CBDDF8}\ARPPRODUCTICON.exe
O90 - PUC: "29ECF755735432C647985E389680BE67" . (.Catalyst Control Center Core Implementation.) -- C:\Windows\Installer\{557FCE92-4537-6C23-7489-E5836908EB76}\ARPPRODUCTICON.exe
O90 - PUC: "3060DDA6FE61D004F9E9844623380520" . (.OpenOffice.org 3.2.) -- C:\Windows\Installer\{6ADD0603-16EF-400D-9F9E-486432835002}\soffice.exe
O90 - PUC: "368245D336E7889D61A8844CB8B9A7B9" . (.Catalyst Control Center Graphics Light.) -- C:\Windows\Installer\{3D542863-7E63-D988-168A-48C48B9B7A9B}\ARPPRODUCTICON.exe
O90 - PUC: "3BD0A87E6D47675F33F13387D0D1D8E7" . (.Catalyst Control Center Graphics Full Existing.) -- C:\Windows\Installer\{E78A0DB3-74D6-F576-331F-33780D1D8D7E}\ARPPRODUCTICON.exe
O90 - PUC: "3E04CFE913F557F448548226377FD4E8" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{9EFC40E3-5F31-4F75-8445-286273F74D8E}\Installer.ico
O90 - PUC: "487EA05EEBAFAD641A8FB7B665CD2BE2" . (.Microsoft Office Suite Activation Assistant.) -- C:\Windows\Installer\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}\ARPPRODUCTICON.exe
O90 - PUC: "4999D01D733476085F7DF9F8CEE1A400" . (.ATI Catalyst Install Manager.) -- C:\Windows\Installer\{D10D9994-4337-8067-F5D7-9F8FEC1E4A00}\ARPPRODUCTICON.exe
O90 - PUC: "4A1AFE21B3CAC344183432E7ED674030" . (.NTI Backup Now Standard.) -- C:\Windows\Installer\{12EFA1A4-AC3B-443C-8143-237EDE760403}\ARPPRODUCTICON.exe
O90 - PUC: "50910386AED2EC144A4D8E4B340B99AB" . (.MyWinLocker.) -- C:\Windows\Installer\{68301905-2DEA-41CE-A4D4-E8B443B099BA}\ARPPRODUCTICON.exe
O90 - PUC: "5B769D51EB4AEA24E94846DC60B252AA" . (.eSobi v2.) -- C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe
O90 - PUC: "5E677B270354B4C4493557D18FD7D939" . (.Backup Manager Basic.) -- C:\Windows\Installer\{72B776E5-4530-4C4B-9453-751DF87D9D93}\ARPPRODUCTICON.exe
O90 - PUC: "5FF7781CA915702C5A9EE4961247EFA4" . (.ccc-core-static.) -- C:\Windows\Installer\{C1877FF5-519A-C207-A5E9-4E692174FE4A}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA7FFFFB7449A0100000010" . (.Adobe Reader 9.2 MUI.) -- c:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico
O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco
O90 - PUC: "843730339BB6AE9508EDD8E7E009B638" . (.ccc-utility64.) -- C:\Windows\Installer\{33037348-6BB9-59EA-80DE-8D7E0E906B83}\ARPPRODUCTICON.exe
O90 - PUC: "8FD07F69F061C9F4B9E9A2B934B9E49B" . (.Broadcom Gigabit NetLink Controller.) -- c:\Windows\Installer\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}\ARPPRODUCTICON.exe
O90 - PUC: "907018673D7AD86419761A87C0E167C6" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{76810709-A7D3-468D-9167-A1780C1E766C}\FolderShare48x48.ico
O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
O90 - PUC: "942D0A43E747C6D408D323C921C0B697" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{34A0D249-747E-4D6C-803D-329C120C6B79}\ARPPRODUCTICON.exe
O90 - PUC: "9B342C9CDB30AB445A29BA9036A02E2D" . (.iTunes.) -- C:\Windows\Installer\{C9C243B9-03BD-44BA-A592-AB09630AE2D2}\Installer.ico
O90 - PUC: "A9434A6655AA5E347A182668A707A109" . (.MacroKey Manager.) -- C:\Windows\Installer\{66A4349A-AA55-43E5-A781-62867A701A90}\ARPPRODUCTICON.exe
O90 - PUC: "B5DEF536D6C2EB94786EA7F6DC22CBA5" . (.Microsoft_VC90_MFC_x86.) -- C:\Windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
O90 - PUC: "B6ED15411EBA26F4EBA93B361A57882A" . (.QuickTime.) -- C:\Windows\Installer\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}\Installer.ico
O90 - PUC: "C039314290386A74CB16E52FA72422CB" . (.NTI Media Maker 8.) -- C:\Windows\Installer\{2413930C-8309-47A6-BC61-5EF27A4222BC}\ARPPRODUCTICON.exe
O90 - PUC: "C2BE52F627908258D7AEF9AC8EAA20E6" . (.Catalyst Control Center Graphics Full New.) -- C:\Windows\Installer\{6F25EB2C-0972-8528-7DEA-9FCAE8AA026E}\ARPPRODUCTICON.exe
O90 - PUC: "C415A3A72B4B3B5CDF9F2123E9E629CB" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{7A3A514C-B4B2-C5B3-FDF9-12329E6E92BC}\ARPPRODUCTICON.exe
O90 - PUC: "D3BE9C3CAF4226447B48E06CAACF2DDD" . (.Fable - The Lost Chapters.) -- C:\Windows\Installer\{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.11.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "E873E3303DA65DA4DBBEBC6DB91340C6" . (.Microsoft_VC90_ATL_x86.) -- C:\Windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
O90 - PUC: "EC932EADD9BE3BE40B4D25D8B6AA84DF" . (.Bonjour.) -- C:\Windows\Installer\{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}\Installer.ico
O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico
O90 - PUC: "F65865963B6B0EB4ABB0F894B53E0233" . (.Apple Software Update.) -- C:\Windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\Installer.ico  =>.Apple Inc
O90 - PUC: "FD563AF386D2DE54F838C8A8336E1534" . (.Apple Application Support.) -- C:\Windows\Installer\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}\WinInstall.ico
~ Update Products: 163 Scanned in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\f0dfdeb239e413\2.7.1769.27\upd]:="upd="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\2.7.1832.68\upd]:="upd="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:guid="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:version="2.6.1694.246" =>Hijacker.Eazel
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:guid="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:version="2.7.1769.27" =>Hijacker.Eazel
[HKCU\Software\f0dfdeb239e413]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNkO6o3VIOPi2/jJ2Nrs="  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:usrcheckbox="1"  =>PUP.BitGuard
[HKCU\Software\f0dfdeb239e413]:version="2.7.1832.68"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNkO6o3VIOPi2/jJ2Nrs="  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:usrcheckbox="1"  =>PUP.BitGuard
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:version="2.7.1832.68"  =>PUP.BitGuard
~ Export Key Software:  Scanned in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D8D303C249F15F70835C57C6F69C404B] [WIS][21/08/2009] (.NewTech Infosystems - Backup Manager Basic.) -- C:\Windows\Installer\1763c.msi   [996864]
[MD5.BC30B5C65EAF436A3D4AE8F6DAB0F205] [WIS][29/07/2009] (.ATI - Branding.) -- C:\Windows\Installer\19b00.msi   [392192]
[MD5.17D60124F77BF14A46F654AE8CFF03F2] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b05.msi   [2808320]
[MD5.4259E8B16AA90A132E5A3EC7090C83B5] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b0a.msi   [6873600]
[MD5.69B50A26FA9125011530255A3380A538] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b0f.msi   [409600]
[MD5.374B5CD00C1AFC59668F1DCBB30F8187] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b14.msi   [929280]
[MD5.553DBB9B2486BEFDA19DF549B8FB4949] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b19.msi   [5750272]
[MD5.97CC03A00E98FF355D584EF4E08CE974] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b1f.msi   [1242624]
[MD5.BFB152F968900A49B5B2BDA4FB488201] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b24.msi   [1228288]
[MD5.2778EC36255C28A84822137DE53AF51C] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b29.msi   [1211392]
[MD5.DEF72B90E4DE7DB18BD0FB5457541CF8] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b2e.msi   [1281024]
[MD5.9A1821D80E3E4334903680EBA1D16413] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b33.msi   [700928]
[MD5.90186EC5BAC5522ED6A4B30216A6B290] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b38.msi   [1228288]
[MD5.2BD1F8A328879A7E5BF3D9714B7F1751] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b3d.msi   [1232896]
[MD5.8D8DA27D3A2A25A72764A1900ACE296E] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b42.msi   [1236992]
[MD5.EF70FEE003B511EC246D91814F69461A] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b47.msi   [1250304]
[MD5.AE76D663D2353D1D22A6D308D993E9CF] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b4c.msi   [1228288]
[MD5.EF022E9F8F51F9A03AF064EEE40EA43B] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b51.msi   [1258496]
[MD5.FC5CAFB60F138CF73E34F5B6E2E71A0D] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b56.msi   [1242624]
[MD5.5477851FDE49F622EAFDE15C6700C5B6] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b5b.msi   [1234432]
[MD5.DFCFFEFA93A626CDC93AC65080D3BB8A] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b60.msi   [1222144]
[MD5.EE33CE2C081B92AB2A5B32EAE0A2F42D] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b65.msi   [1237504]
[MD5.E5B5FC8AD715057A9A2766615A5DC909] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b6a.msi   [1234432]
[MD5.5A1238203D521288C6E0DC05BD2CD52A] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b6f.msi   [1266176]
[MD5.318FD6B11E62BBB3F2FB5890A83866A0] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b74.msi   [1225216]
[MD5.77B40928F51D696224733138775B008E] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b79.msi   [1254400]
[MD5.3AE5732F85EBAF1CCFD517D47E1864AF] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b7e.msi   [1232896]
[MD5.3A7632627F5E5731A3BAA071E6B2AA96] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b83.msi   [920064]
[MD5.97CFAFB07B81F5BEB1031CE30ACFE53F] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b88.msi   [1222656]
[MD5.939A0E0B624B817C4DB25E53F57A33FF] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b8d.msi   [1711616]
[MD5.768615AAF347D3C61EF175E787CC90CD] [WIS][15/07/2009] (.ATI - Catalyst Control Center Utility 64.) -- C:\Windows\Installer\19b92.msi   [274944]
[MD5.1713DDC7FB9B033D5F2BCD1395737197] [WIS][15/07/2009] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\19b98.msi   [2406912]
[MD5.3E765C9DA387C8C8C067266C3AE3FB9B] [WIS][24/10/2012] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\24764.msi   [10137600]
[MD5.7BBA4B35D884495DD7F3E3C5502ECD4B] [WIS][01/07/2009] (.Broadcom Corporation - Broadcom Driver Installer.) -- C:\Windows\Installer\2b35f.msi   [1605824]
[MD5.C555B7BE179B1E472AE5E946BA5B3066] [WIS][22/08/2009] (.esobi Inc. - eSobi.) -- C:\Windows\Installer\2b398.msi   [12495872]
[MD5.2E8EE55BF71FE8AB5371B1749FAE5069] [WIS][11/08/2009] (.NewTech Infosystems - Media Maker.) -- C:\Windows\Installer\2b39d.msi   [12269568]
[MD5.3F896A3FF12FD12CE0BDADDA642E447A] [WIS][12/12/2012] (.Ask.com - Blank Project Template.) -- C:\Windows\Installer\3b808b.msi   [3979264]
[MD5.8625A9228458B0148E79C3F6AC9E6962] [WIS][28/12/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\3ca7d.msi   [24997888]
[MD5.8BAD3B4225E4D8C0746ED2CF02A0B249] [WIS][18/03/2011] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\3f666f.msi   [725504]
[MD5.E85D953AE603484B31869F1D44B53B18] [WIS][18/03/2011] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\3f6674.msi   [3670016]
[MD5.5807A6A79EBF57203BA6FD68E93A676C] [WIS][18/03/2011] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\3f6679.msi   [12719104]
[MD5.95B5A4285B03437E4D83FB3615B9A10C] [WIS][18/03/2011] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\3f667e.msi   [606208]
[MD5.874693B6F1A47B79D080EB95ED295983] [WIS][18/03/2011] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\3f6683.msi   [915456]
[MD5.3F13781D8AF0D9B0495FE4301F71F99A] [WIS][30/05/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\3fd685.msi   [346624]  =>PUP.Babylon
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][20/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\4a172.msi   [45056]  =>Adware.Boxore
[MD5.E4AF16B0574B2598AADD353A35A3722B] [WIS][05/04/2012] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\989371.msi   [2211328]
[MD5.78B41A323699DAF1C25265890733BE26] [WIS][05/04/2012] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\989378.msi   [1997312]
[MD5.D24949E5C6EC59F7F8664A657066994D] [WIS][22/08/2009] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\bb18a.msi   [28160]  =>Toolbar.Google
[MD5.54B5423762DE3DA303F21EAAC5E02818] [WIS][29/05/2010] (.Nikon - Blank Project Template.) -- C:\Windows\Installer\f468b.msi   [37061472]
[MD5.405F9CA982295E5EA64AE01926F00443] [WIS][29/05/2010] (.Nikon - Nikon Message Center.) -- C:\Windows\Installer\f4696.msi   [6469280]
~ WIS: 170 Scanned in 00mn 29s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 14/02/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/02/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/08/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 22/10/2004 73728 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 28/10/2012 427976 |  (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SS - | Demand 18/06/2009 50432 |  (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
SS - | Auto 05/09/2013 171680 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 |  (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Auto 10/07/1658 0 |  (Web Assistant Updater) . (...) - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe =>Adware.IncrediBar

SR - | Auto 28/03/2009 16896 |  (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SR - | Auto 02/07/2009 203264 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 28/08/2009 144672 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SR - | Auto 30/10/2012 44808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Disabled 10/07/1658 0 |  (avast! Firewall) . (...) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 18/11/2013 3780064 |  (BitGuard) . (...) - C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe =>PUP.BitGuard
SR - | Auto 12/12/2008 238888 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 05/08/2009 844320 |  (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SR - | Auto 04/06/2009 1150496 |  (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
SR - | Auto 05/06/2009 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Demand 12/11/2009 660256 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 07/08/2009 311592 |  (MWLService) . (.Egis Technology Inc..) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
SR - | Auto 21/08/2009 62720 |  (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 18/06/2009 144640 |  (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
SR - | Auto 02/10/2012 3064000 |  (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 04/07/2009 240160 |  (Updater Service) . (.Acer.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 06/08/2009 662248 |  (WTService) . (...) - C:\Windows\System32\atwtusb.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services:  Scanned in 00mn 31s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Teloü at 06/02/2014 11:18:01
~ OS 64 not supported by MBR tool

~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Teloü at 06/02/2014 11:18:03

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 121
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 28
Fichiers trouvés  (Files found) : 18

[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd]   =>Adware.IncrediBar^
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>PUP.Wajam^
[HKLM\Software\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj]   =>PUP.SweetIM^
[HKLM\Software\Google\Chrome\Extensions\panidppaghojieggpioojcdhmcfdhcdg]   =>PUP.OfferWare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}]   =>Adware.IncrediBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]   =>Trojan.FindFDSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}]   =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB6C84A6-CEC2-8A8C-D4EE-8E5D09D1375E}]   =>PUP.OfferWare^
[HKLM\SYSTEM\CurrentControlSet\Services\BitGuard]   =>PUP.BitGuard^
[HKLM\SYSTEM\CurrentControlSet\Services\Web Assistant Updater]   =>Adware.IncrediBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]   =>PUP.BitGuard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{84747EAB-1AB8-4640-A4AB-529A5F975C5D}]   =>PUP.OfferWare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{55E8A9F6-9C59-4427-AE52-3A1A7C44414D}]   =>Adware.JustPlugIt^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]   =>Toolbar.DeltaSearch^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AffiliatedUpdate]   =>PUP.Dealply^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]   =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]   =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_a8235b05]   =>Hijacker.SoftQuick^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}]   =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1]   =>Adware.IncrediBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{77236F9C-987C-40EC-832B-5BD6181E4846}]   =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AAF89271-2594-468D-B578-96B2E30C41C4}]   =>Toolbar.eBay^
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]   =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}]   =>Toolbar.Expresso
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}]   =>Adware.IncrediBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}]   =>Adware.IncrediBar
[HKLM\Software\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]   =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>PUP.Babylon
[HKLM\Software\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}]   =>Toolbar.Expresso
[HKLM\Software\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}]   =>Toolbar.Expresso
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]   =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]   =>Adware.CDNHelper
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}]   =>Adware.IncrediBar
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\escort.dll]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\Extension.DLL]   =>Toolbar.Expresso
[HKLM\Software\Classes\Extension.ExtensionHelperObject]   =>Toolbar.Expresso
[HKLM\Software\Classes\Extension.ExtensionHelperObject.1]   =>Toolbar.Expresso
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]   =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\AF2CF8FE20EBB4443855807CA5D6E7A3]   =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AF2CF8FE20EBB4443855807CA5D6E7A3]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Features\AF2CF8FE20EBB4443855807CA5D6E7A3]   =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]   =>Adware.MyWebSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater]   =>Toolbar.Wajam
[HKCU\Software\cacaoweb]   =>PUP.CacaoWeb
[HKLM\Software\Wow6432Node\DataMngr]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\SP Global]   =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector]   =>PUP.AdvancedSystemProtector
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Web Assistant]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Web Assistant]   =>Adware.IncrediBar
[HKLM\Software\WNLT]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}]   =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]   =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Prod.cap]   =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\InstallCore]   =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings]   =>PUP.BProtector
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}]   =>Adware.Agent
[HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193]   =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193]   =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave]   =>PUP.Offerware
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{77236F9C-987C-40EC-832B-5BD6181E4846}]   =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo]   =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}]   =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}]   =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS]   =>Adware.Boxore
[HKLM\Software\Classes\protector_dll.protectorbho]   =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1]   =>PUP.BProtector
[HKLM\Software\Classes\AppID\escorTlbr.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL]   =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}   =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg   =>Toolbar.Google^
C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd   =>Adware.IncrediBar^
C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp   =>PUP.Wajam^
C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj   =>PUP.SweetIM^
C:\Users\Teloü\AppData\Local\Google\Chrome\User Data\Default\Extensions\panidppaghojieggpioojcdhmcfdhcdg   =>PUP.OfferWare^
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\extensions\50584f0b80f32@50584f0b80f69.com   =>Adware.JustPlugIt^
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\extensions\50e594fd435cd@50e594fd435f9.com   =>PUP.OfferWare^
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\extensions\cacaoweb@cacaoweb.org   =>PUP.CacaoWeb^
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\extensions\ffxtlbr@delta.com   =>Toolbar.DeltaSearch^
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}   =>Adware.BonanzaDeals^
C:\Program Files (x86)\ContinueToSave   =>PUP.OfferWare^
C:\Program Files (x86)\MyPC Backup   =>PUP.MyPCBackup^
C:\Program Files (x86)\SoftQuick   =>Hijacker.SoftQuick^
C:\ProgramData\Babylon   =>PUP.Babylon^
C:\ProgramData\BitGuard   =>PUP.BitGuard^
C:\ProgramData\continuetosave   =>PUP.OfferWare^
C:\ProgramData\DSearchLink   =>Toolbar.DeltaSearch^
C:\ProgramData\InstallMate   =>PUP.Tarma^
C:\Users\Teloü\AppData\Roaming\BabSolution   =>Hijacker.BabSolution^
C:\Users\Teloü\AppData\Roaming\Babylon   =>PUP.Babylon^
C:\Users\Teloü\AppData\Roaming\cacaoweb   =>PUP.CacaoWeb^
C:\Users\Teloü\AppData\Roaming\WebPlayerBdd   =>Adware.SocialSkinz^
C:\Users\Teloü\AppData\Local\Kreapixel   =>Adware.SocialSkinz^
C:\Users\Teloü\AppData\Local\Wajam   =>PUP.Wajam^
C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard   =>PUP.BitGuard^
C:\Users\Teloü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter   =>Crapware.SpyHunter^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave   =>PUP.Offerware
C:\Users\Teloü\AppData\LocalLow\continuetosave   =>PUP.Offerware
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\Extensions\ffxtlbr@babylon.com   =>PUP.Babylon
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\bprotector_prefs.js   =>PUP.BProtector
C:\Users\Teloü\AppData\Roaming\Mozilla\Firefox\Profiles\njwswb7h.default\SearchPlugins\MyStart Search.xml   =>Spyware.VMNToolbar
C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe   =>PUP.BitGuard^
C:\Users\Teloü\AppData\Roaming\cacaoweb\cacaoweb.exe   =>PUP.CacaoWeb^
C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe   =>PUP.Offerware^
C:\Windows\Tasks\ContinueToSaveUpdaterTask{6A1B1C8B-60C4-4A79-B4E2-34EBEB088A76}.job   =>PUP.Offerware^
C:\Users\Teloü\AppData\Roaming\BabSolution\Shared\BabMaint.exe   =>Hijacker.BabSolution^
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe   =>Crapware.SpyHunter^
[HKCU\Software\BabSolution]   =>Hijacker.BabSolution^
[HKLM\Software\IB Updater]   =>Adware.InstallBrain^
[HKLM\Software\Wow6432Node\Babylon]   =>PUP.Babylon^
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:dllName="BitGuard.dll"   =>PUP.BitGuard^
[HKCU\Software\f0dfdeb239e413\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:SERVICE_NAME="BitGuard"   =>PUP.BitGuard^
[HKCU\Software\f0dfdeb239e413]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}"   =>Hijacker.Eazel^
[HKLM\Software\Wow6432Node\f0dfdeb239e413]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}"   =>Hijacker.Eazel^
C:\Windows\Installer\3fd685.msi   =>PUP.Babylon^
C:\Windows\Installer\4a172.msi   =>Adware.Boxore^
C:\Windows\Installer\bb18a.msi   =>Toolbar.Google^
~ Additionnel Scan: 382936 Items scanned in 01mn 40s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard   =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb   =>PUP.CacaoWeb
~ http://nicolascoolman.webs.com/apps/blog/show/27332348-pup-offerware   =>PUP.Offerware
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar  =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam   =>PUP.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim   =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon  =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27985391-spyware-vmntoolbar   =>Spyware.VMNToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/28834943-hijacker-softquick   =>Hijacker.SoftQuick
~ http://nicolascoolman.webs.com/apps/blog/show/26764545-adware-justplugit   =>Adware.JustPlugIt
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch   =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/32816468-adware-bonanzadeals   =>Adware.BonanzaDeals
~ http://nicolascoolman.webs.com/apps/blog/show/34817643-trojan-findfdsearch   =>Trojan.FindFDSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution   =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask   =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter   =>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply   =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz   =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain  =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr   =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore   =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector   =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/28486577-pup-mocaflix   =>PUP.MocaFlix
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup   =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma   =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/33216982-hijacker-searchgol    =>Hijacker.SearchGol
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel   =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore  =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch   =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo  =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector   =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/26632189-adware-magnipic   =>Adware.MagniPic
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods   =>PUP.Funmoods
~ MSI: 33 link(s) detected in 02mn 01s



End of the scan (3050 lines in 09mn 08s)(0)