~ Rapport de ZHPDiag v2013.12.29.26 - Nicolas Coolman (29/12/2013)
~ Lancé par vanvan (13/01/2014 20:41:44)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16750
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : FCWYG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2006
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.07 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: AMD64 Family 22 Model 0 Stepping 1, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3522 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 407 GB (89%) free of 454 GB

---\\ Mode de connexion au système
~ Computer Name: IVAN
~ User Name: vanvan
~ All Users Names: vanvan, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\vanvan\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\vanvan\AppData\Roaming\
~ %Desktop% : C:\Users\vanvan\Desktop\
~ %Favorites% : C:\Users\vanvan\Favorites\
~ %LocalAppData% : C:\Users\vanvan\AppData\Local\
~ %StartMenu% : C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 407 Go of 454 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 46 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/10/2013 - 07:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/53
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 5/116
~ Mon Bureau (My Desktop) : 2/57
~ Menu demarrer (Programs) : 1/21
~ Hidden Files: Scanned in 00mn 01s

---\\ Processus lancés
[MD5.A56A77C6480EB238E8DDC76E51D4EB2B] - (.Glarysoft Ltd - Glary Utilities 3.) -- C:\Program Files (x86)\Glary Utilities 3\Integrator.exe [471840] [PID.4336]
[MD5.C0AE759423616CDB7FCB3A19E6C869B1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8304640] [PID.4796]
[MD5.B81D3D2FE2A8B1D9789234922883C3D0] - (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CLIStart.exe [642656] [PID.3540]
[MD5.A12BAE32D24CB4960266DC8FFC45DE7E] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312] [PID.4396]
~ Processes Running: Scanned in 00mn 02s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2005.45, (Désactivé)
G2 - GCE: Preference [User Data\Default] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.32 (Désactivé) =>PUP.Wajam
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
~ Google Browser: 10 Scanned in 00mn 04s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.3.1f1.) -- C:\Users\vanvan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 2 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 17 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
~ BHO: 8 Scanned in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: EBP Compta Flash 4.0.lnk . (.EBP - Compta.) -- C:\Program Files (x86)\EBP\Flash4.0\EbpFlash.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: PDFCreator.lnk . (.pdfforge GmbH - PDFCreator.) -- C:\Program Files (x86)\PDFCreator\PDFCreator.exe
O4 - GS\Program [Public]: AMD Start Now Technology.lnk . (.ATI Technologies Inc. - Catalyst Control Centre: Command Line Inter.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CLI.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Glary Utilities 3.lnk . (.Glarysoft Ltd - Glary Utilities 3.) -- C:\Program Files (x86)\Glary Utilities 3\Integrator.exe
O4 - GS\Program [Public]: Pervasive System Analyzer.lnk . (.Pervasive Software Inc. - Pervasive.SQL V8.6 Component.) -- C:\Program Files (x86)\Common Files\Pervasive Software Shared\PSA\psawizrd.exe
O4 - GS\Program [Public]: WildTangent Games App - toshiba.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\windows\WinStore\WinStore.htm
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.)
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [vanvan]: Glary Utilities 3.lnk . (.Glarysoft Ltd - Glary Utilities 3.) -- C:\Program Files (x86)\Glary Utilities 3\Integrator.exe
O4 - GS\QuickLaunch [vanvan]: Glary Utilities.lnk . (.Glarysoft Ltd - Glary Utilities.) -- C:\Program Files (x86)\Glary Utilities\Integrator.exe
O4 - GS\QuickLaunch [vanvan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [vanvan]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [vanvan]: Desktop Assist.lnk . (...) -- C:\Program Files (x86)\Toshiba\TOSHIBA Desktop Assist\TosDesktopAssist.exe (.not file.)
O4 - GS\TaskBar [vanvan]: File Explorer.lnk . (...) -- C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [vanvan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [vanvan]: Mobogenie.lnk . (...) -- C:\Program Files (x86)\Mobogenie\Mobogenie.exe (.not file.)
O4 - GS\TaskBar [vanvan]: Toshiba Tempro.lnk . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe =>.Toshiba Corporation
O4 - GS\TaskBar [vanvan]: TOSHIBA VIDEO PLAYER.lnk . (...) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
O4 - GS\Program [vanvan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [vanvan]: SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\vanvan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - GS\Accessories [vanvan]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\SendTo [vanvan]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [vanvan]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 40 Scanned in 00mn 02s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe (.not file.)
O4 - HKLM\..\Run: [TecoResident] . (.TOSHIBA Corporation - Resident module of eco Utility.) -- C:\Program Files\TOSHIBA\Teco\TecoResident.exe
O4 - HKLM\..\Run: [TODDMain] . (.Pas de propriétaire - TOSHIBA System Settings Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(R) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [TSVU] . (.TOSHIBA - TOSHIBA Display Setup Launcher.) -- c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
~ Application: Scanned in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2421F3C7-F62D-4AA5-86C5-A565AEA4DE37}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2421F3C7-F62D-4AA5-86C5-A565AEA4DE37}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AdaptiveSleepService (AdaptiveSleepService) . (...) - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: C:\windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\windows\system32\CxAudMsg64.exe
O23 - Service: DTS APO Service (dts_apo_service) . (.Pas de propriétaire - dts_apo_service.) - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: EBP Pervasive.SQL (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: EBP - Pervasive.SQL Workgroup (Pervasive.SQL Workgroup) . (...) - C:\PVSW\bin\WGE_SRV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.Toshiba Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\Toshiba\Teco\TecoService.exe =>.Toshiba Corporation
~ Services: 9 Scanned in 00mn 56s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize 3.job [344]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job [336]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1074]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1078]
[MD5.6F1264DCAB3CD180BC6042FFBA93FB87] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [744040]
[MD5.3E6442B01E44B3AA31807FEF5235DC54] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3919640] =>Piriform Ltd
[MD5.4654B14F6E7CD4C70892F3017F5FDF0C] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\initialize.exe [92448]
[MD5.AED7AD499DC7F38D48293EFFC858CDAC] [APT] [GlaryInitialize 3] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [99616]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.36D3F670553D2C403BB7FD64B6D6322B] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050736]
[MD5.00000000000000000000000000000000] [APT] [UMonitor Task] (...) -- C:\windows\system32\UMonit64.exe (.not file.) [0]
[MD5.A40DD7718D41BA2C81F2B732E76D0F98] [APT] [CommonNotifier] (.Toshiba Europe GmbH.) -- C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471056]
[MD5.5F1A0BC1AEC5FB623B7F139BC1A5CD71] [APT] [Service Station] (.TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [654440]
~ Scheduled Task: 17 Scanned in 00mn 11s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\windows\system32\drivers\aswSP.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 40 Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A6AFFBD8-D006-967F-51AF-0120F0261080}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {931B988B-0973-0DF5-C3B7-572935D34DCD}
O42 - Logiciel: AMD Quick Stream - (.AppEx Networks.) [HKLM][64Bits] -- {E9EED4AE-682B-4501-9574-D09A21717599}_is1
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-c92ef46b-0a99-4616-a204-ac53ce2314e1
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-0a2d9bff-1b89-4b33-aca9-8e0f9c8488a1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {24D38277-CE6E-4E12-A2EE-F46832A4FA2F}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-258a0249-8d56-4f5a-beef-0cb0095e5d85
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {AF312B06-5C5C-468E-89B3-BE6DE2645722}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: DTS Sound - (.DTS, Inc..) [HKLM][64Bits] -- {F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}
O42 - Logiciel: EBP Btrieve 8.6 - (.EBP.) [HKLM][64Bits] -- EBP Btrieve 8.6
O42 - Logiciel: EBP Btrieve 8.6 - (.EBP.) [HKLM][64Bits] -- {747D0A04-5BDA-478D-A010-68CCCBE4D15A}
O42 - Logiciel: EBP Compta Flash 4.0 - (.EBP.) [HKLM][64Bits] -- EBP Compta Flash 4.0
O42 - Logiciel: EBP Compta Flash 4.0 - (.EBP.) [HKLM][64Bits] -- {C141101B-B015-4DF3-8520-689DA3205F29}
O42 - Logiciel: Empress of the Deep - The Darkest Secret - (.WildTangent.) [HKLM][64Bits] -- WTA-ab31bf2a-853c-4e8a-9d8f-bf7db429ea85
O42 - Logiciel: Genesys Logic USB2.0 Card Reader - (.Genesys Logic.) [HKLM][64Bits] -- {959B7F35-2819-40C5-A0CD-3C53B5FCC935}
O42 - Logiciel: Glary Utilities 2.56.0.1822 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities_is1
O42 - Logiciel: Glary Utilities 3.9.4 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities 3
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel AppUp(R) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(R) center 41663
O42 - Logiciel: Island Tribe - (.WildTangent.) [HKLM][64Bits] -- WTA-0c5e9669-9ff3-491a-8aea-7263935fa3d7
O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-d343df8d-323d-4652-ba27-fd0b49246e0c
O42 - Logiciel: Magic Academy - (.WildTangent.) [HKLM][64Bits] -- WTA-11320a15-acaa-4120-8dc3-58a5a235484d
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
O42 - Logiciel: OEM Application Profile - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C89A97B6-F991-EBB5-77B7-927BCF420EBE}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Peggle Nights - (.WildTangent.) [HKLM][64Bits] -- WTA-b65635bf-ab72-48c8-a979-b68230cfdede
O42 - Logiciel: Pervasive System Analyzer - (...) [HKLM][64Bits] -- Pervasive System Analyzer
O42 - Logiciel: Pervasive.SQL V8 Workgroup (v8.6) - (.Pervasive Software Inc. .) [HKLM][64Bits] -- {5FCFC78C-438A-4F4D-B266-E32B8468BAFC}
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-b704252c-ba1f-4e00-9fac-9034f8212baa
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-1375e982-da7f-46ee-b641-add673595d82
O42 - Logiciel: Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Dr - (.Qualcomm Atheros Communications Inc..)
[HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: TOSHIBA Desktop Assist - (.Toshiba Corporation.) [HKLM][64Bits] -- {95CCACF0-010D-45F0-82BF-858643D8BC02} O42 - Logiciel: TOSHIBA Display Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- {B6619F14-F766-4000-BC8A-522D4CC4E44F} O42 - Logiciel: TOSHIBA Function Key - (.Toshiba Corporation.) [HKLM][64Bits] -- {16562A90-71BC-41A0-B890-D91B0C267120} O42 - Logiciel: TOSHIBA Manuals - (.TOSHIBA.) [HKLM][64Bits] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173} O42 - Logiciel: TOSHIBA PC Health Monitor - (.Toshiba Corporation.) [HKLM][64Bits] -- {9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4} O42 - Logiciel: TOSHIBA Password Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9} O42 - Logiciel: TOSHIBA Recovery Media Creator - (.Toshiba Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} O42 - Logiciel: TOSHIBA Service Station - (.Toshiba Corporation.) [HKLM][64Bits] -- {6499E894-43F8-458B-AE35-724F4732BCDE} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA System Driver - (.Toshiba Corporation.) [HKLM][64Bits] -- {1E6A96A1-2BAB-43EF-8087-30437593C66C} O42 - Logiciel: TOSHIBA System Settings - (.Toshiba Corporation.) [HKLM][64Bits] -- {05A55927-DB9B-4E26-BA44-828EBFF829F0} O42 - Logiciel: TOSHIBA VIDEO PLAYER - (.Toshiba Corporation.) [HKLM][64Bits] -- {FF07604E-C860-40E9-A230-E37FA41F103A} O42 - Logiciel: TOSHIBA eco Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- {5944B9D4-3C2A-48DE-931E-26B31714A2F7} =>.Toshiba Corporation O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) 
[HKLM][64Bits] -- {F76F5214-83A8-4030-80C9-1EF57391D72A} =>.Toshiba Corporation O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App O42 - Logiciel: Virtual Villagers 4 - The Tree of Life - (.WildTangent.) [HKLM][64Bits] -- WTA-13dc75ed-3939-4b7a-9bd8-3512f5babf73 O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall O42 - Logiciel: WildTangent Games App (Toshiba Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba O42 - Logiciel: avast! Free Antivirus v9.0.2006 - (.Avast Software.) [HKLM][64Bits] -- Avast ~ Logic: 39 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\ATI] [HKCU\Software\AVAST Software] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow] [HKCU\Software\Bugsplat] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conexant] [HKCU\Software\EBP] [HKCU\Software\Filseclab] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\Licenses] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Mine] [HKCU\Software\MozillaPlugins] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Oberon Media] [HKCU\Software\PDFCreator] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RegisteredApplications] [HKCU\Software\Synaptics] [HKCU\Software\TeleCharger] [HKCU\Software\Toshiba] [HKCU\Software\Trolltech] [HKCU\Software\Unity] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AppEx Accelerator] [HKLM\Software\AppEx Networks] [HKLM\Software\CNXT_UIU_MUTEX] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] 
[HKLM\Software\Cnxt_Uiu_Parms] [HKLM\Software\Conexant] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\MozillaPlugins] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Synaptics] [HKLM\Software\ToshibaBlobDelivery] [HKLM\Software\Toshiba] [HKLM\Software\UIU] [HKLM\Software\Wow6432Node\ATI Technologies] [HKLM\Software\Wow6432Node\ATI] [HKLM\Software\Wow6432Node\AVAST Software] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\DTS, Inc.] [HKLM\Software\Wow6432Node\DTS] [HKLM\Software\Wow6432Node\Filseclab] [HKLM\Software\Wow6432Node\GlarySoft] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\InstallShield] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\MimarSinan] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\PDFCreator] [HKLM\Software\Wow6432Node\Pervasive Software] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\SRS Labs] [HKLM\Software\Wow6432Node\TOSHIBA] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\Wow6432Node] [HKLM\Software\Wow6432Node\sMedio] [HKLM\Software\Wow6432Node] ~ Key Software: 192 Scanned in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 08/08/2013 - 17:20:09 - [1,627] ----D C:\Program Files (x86)\AMD AVT O43 - CFD: 08/08/2013 - 17:20:07 - [59,394] ----D C:\Program Files (x86)\ATI Technologies O43 - CFD: 08/08/2013 - 17:36:34 - [3,394] ----D 
C:\Program Files (x86)\Cisco O43 - CFD: 30/12/2013 - 21:24:38 - [0,010] ----D C:\Program Files (x86)\Cling Clang O43 - CFD: 08/12/2013 - 18:55:14 - [180,008] ----D C:\Program Files (x86)\Common Files O43 - CFD: 30/12/2013 - 21:19:25 - [0,043] ----D C:\Program Files (x86)\Discount Dragon =>PUP.DiscountDragon O43 - CFD: 08/08/2013 - 17:27:51 - [3,697] ----D C:\Program Files (x86)\DTS, Inc O43 - CFD: 06/05/2013 - 03:10:41 - [1,160] ----D C:\Program Files (x86)\eBay =>Toolbar.eBay O43 - CFD: 22/10/2013 - 16:35:16 - [56,775] ----D C:\Program Files (x86)\EBP O43 - CFD: 30/12/2013 - 21:19:28 - [19,028] ----D C:\Program Files (x86)\Glary Utilities O43 - CFD: 13/01/2014 - 20:41:18 - [33,521] ----D C:\Program Files (x86)\Glary Utilities 3 O43 - CFD: 11/01/2014 - 19:06:16 - [192,287] ----D C:\Program Files (x86)\Google O43 - CFD: 17/10/2013 - 03:06:52 - [4,699] ----D C:\Program Files (x86)\GUMB27E.tmp O43 - CFD: 08/08/2013 - 18:20:33 - [39,284] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 06/05/2013 - 03:09:17 - [63,889] ----D C:\Program Files (x86)\Intel O43 - CFD: 14/12/2013 - 08:36:49 - [4,633] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 12/01/2014 - 23:34:13 - [13,336] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 26/11/2013 - 07:59:20 - [37,927] ----D C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 26/11/2013 - 07:59:06 - [28,513] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 17/10/2013 - 16:26:53 - [5,397] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 26/11/2013 - 08:00:51 - [1,314] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 17/10/2013 - 16:22:44 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 17/10/2013 - 03:09:42 - [0] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 26/11/2013 - 08:05:10 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 28/11/2013 - 20:38:02 - [23,690] ----D 
C:\Program Files (x86)\PDFCreator O43 - CFD: 30/12/2013 - 20:57:18 - [0] ----D C:\Program Files (x86)\predm O43 - CFD: 08/08/2013 - 17:34:50 - [7,088] ----D C:\Program Files (x86)\Realtek WLAN Driver O43 - CFD: 02/08/2012 - 02:05:32 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 08/08/2013 - 18:20:24 - [326,988] ----D C:\Program Files (x86)\TOSHIBA O43 - CFD: 08/08/2013 - 18:19:43 - [20,937] ----D C:\Program Files (x86)\TOSHIBA Games O43 - CFD: 08/08/2013 - 17:55:32 - [46,537] ----D C:\Program Files (x86)\Toshiba TEMPRO =>.Toshiba Corporation O43 - CFD: 12/01/2014 - 19:06:29 - [0] ----D C:\Program Files (x86)\Uniblue O43 - CFD: 08/08/2013 - 18:19:23 - [302,738] ----D C:\Program Files (x86)\WildGames O43 - CFD: 08/08/2013 - 17:56:10 - [10,805] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 25/10/2013 - 14:11:49 - [1,038] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 17/10/2013 - 06:07:14 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 17/10/2013 - 06:07:12 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 21/10/2013 - 14:04:04 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 13/01/2014 - 20:41:27 - [17,224] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 08/08/2013 - 17:20:09 - [2,200] ----D C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 17/10/2013 - 16:23:07 - [0,013] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 22/10/2013 - 16:35:17 - [1,356] ----D C:\Program Files (x86)\Common Files\EBP O43 - CFD: 
08/08/2013 - 17:39:32 - [5,018] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 05/12/2013 - 20:59:18 - [144,167] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 09/01/2014 - 18:34:55 - [11,431] ----D C:\Program Files (x86)\Common Files\Pervasive Software Shared O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 17/10/2013 - 06:07:05 - [9,809] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 08/08/2013 - 17:52:02 - [6,010] ----D C:\Program Files (x86)\Common Files\Toshiba Shared O43 - CFD: 17/10/2013 - 14:13:17 - [0,218] ----D C:\ProgramData\AMD O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 08/08/2013 - 17:27:58 - [0] ----D C:\ProgramData\ATI O43 - CFD: 28/11/2013 - 21:42:46 - [11,442] ----D C:\ProgramData\AVAST Software O43 - CFD: 17/10/2013 - 07:03:01 - [23,790] --H-D C:\ProgramData\CanonBJ O43 - CFD: 08/08/2013 - 17:23:19 - [0,734] ----D C:\ProgramData\Conexant O43 - CFD: 26/07/2012 - 08:22:08 - [0] -S--D C:\ProgramData\Desktop O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 22/10/2013 - 17:49:52 - [0,002] ----D C:\ProgramData\EBP O43 - CFD: 06/11/2013 - 22:55:30 - [1,455] ----D C:\ProgramData\GlarySoft O43 - CFD: 17/10/2013 - 06:16:22 - [0] ----D C:\ProgramData\Google O43 - CFD: 06/05/2013 - 03:10:02 - [2,303] ----D C:\ProgramData\Intel O43 - CFD: 12/01/2014 - 23:34:09 - [7,916] ----D C:\ProgramData\Malwarebytes O43 - CFD: 08/12/2013 - 18:55:18 - [0] ----D C:\ProgramData\McAfee O43 - CFD: 26/11/2013 - 08:04:27 - [233,916] -S--D C:\ProgramData\Microsoft O43 - CFD: 29/12/2013 - 23:50:14 - [0,016] ----D C:\ProgramData\Microsoft Help O43 - CFD: 17/10/2013 - 16:26:17 - [0] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 25/10/2013 - 12:40:14 - [2,864] ----D C:\ProgramData\Oberon Media O43 - CFD: 21/10/2013 - 14:33:44 - [0,064] ----D C:\ProgramData\PRICache O43 
- CFD: 13/12/2013 - 09:20:19 - [0,004] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 08/08/2013 - 17:27:51 - [0,136] ----D C:\ProgramData\SRS Labs O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 17/10/2013 - 01:43:55 - [38,971] ----D C:\ProgramData\Toshiba O43 - CFD: 17/10/2013 - 01:59:24 - [0,003] ----D C:\ProgramData\ToshibaEurope O43 - CFD: 08/08/2013 - 18:19:42 - [984,715] ----D C:\ProgramData\WildTangent O43 - CFD: 22/10/2013 - 16:36:00 - [76,811] --H-D C:\ProgramData\{7BB121D6-7600-4558-AB42-6E3B25FFE647} O43 - CFD: 22/10/2013 - 16:37:31 - [20,297] --H-D C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B} O43 - CFD: 17/10/2013 - 01:41:13 - [0] ----D C:\Users\vanvan\AppData\Roaming\Adobe O43 - CFD: 17/10/2013 - 01:48:55 - [0] ----D C:\Users\vanvan\AppData\Roaming\ATI O43 - CFD: 28/11/2013 - 23:00:44 - [0] ----D C:\Users\vanvan\AppData\Roaming\AVAST Software O43 - CFD: 22/10/2013 - 16:36:16 - [0,031] ----D C:\Users\vanvan\AppData\Roaming\EBP O43 - CFD: 31/12/2013 - 20:16:38 - [0,044] ----D C:\Users\vanvan\AppData\Roaming\eCyber O43 - CFD: 06/11/2013 - 22:51:05 - [0,104] ----D C:\Users\vanvan\AppData\Roaming\Glarysoft O43 - CFD: 17/10/2013 - 06:16:17 - [0] ----D C:\Users\vanvan\AppData\Roaming\Google O43 - CFD: 17/10/2013 - 01:59:01 - [0] ----D C:\Users\vanvan\AppData\Roaming\Macromedia O43 - CFD: 12/01/2014 - 23:34:35 - [43,090] ----D C:\Users\vanvan\AppData\Roaming\Malwarebytes O43 - CFD: 30/12/2013 - 21:13:20 - [50,655] -S--D C:\Users\vanvan\AppData\Roaming\Microsoft O43 - CFD: 24/11/2013 - 16:16:32 - [0,001] ----D C:\Users\vanvan\AppData\Roaming\sMedio O43 - CFD: 12/01/2014 - 19:06:31 - [0] ----D C:\Users\vanvan\AppData\Roaming\Uniblue O43 - CFD: 05/01/2014 - 15:29:45 - [0] ----D C:\Users\vanvan\AppData\Roaming\Unity O43 - CFD: 13/01/2014 - 20:43:17 - [0,311] ----D C:\Users\vanvan\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 17/10/2013 
- 01:39:07 - [0] -SH-D C:\Users\vanvan\AppData\Local\Application Data O43 - CFD: 17/10/2013 - 01:48:55 - [0,064] ----D C:\Users\vanvan\AppData\Local\ATI O43 - CFD: 08/12/2013 - 09:36:57 - [5,663] ----D C:\Users\vanvan\AppData\Local\cache O43 - CFD: 30/12/2013 - 18:35:14 - [0] ----D C:\Users\vanvan\AppData\Local\Diagnostics O43 - CFD: 30/12/2013 - 21:19:03 - [0,039] ----D C:\Users\vanvan\AppData\Local\Discount Dragon =>PUP.DiscountDragon O43 - CFD: 17/10/2013 - 03:43:16 - [102,890] ----D C:\Users\vanvan\AppData\Local\Google O43 - CFD: 17/10/2013 - 01:39:07 - [0] -SH-D C:\Users\vanvan\AppData\Local\Historique O43 - CFD: 30/12/2013 - 21:12:57 - [138,382] ----D C:\Users\vanvan\AppData\Local\Microsoft O43 - CFD: 26/11/2013 - 07:59:10 - [0] ----D C:\Users\vanvan\AppData\Local\Microsoft Help O43 - CFD: 30/12/2013 - 23:01:07 - [173,645] ----D C:\Users\vanvan\AppData\Local\Packages O43 - CFD: 17/10/2013 - 03:08:51 - [0] ----D C:\Users\vanvan\AppData\Local\Programs O43 - CFD: 13/01/2014 - 20:40:57 - [0,380] ----D C:\Users\vanvan\AppData\Local\Temp O43 - CFD: 17/10/2013 - 01:39:07 - [0] -SH-D C:\Users\vanvan\AppData\Local\Temporary Internet Files O43 - CFD: 17/10/2013 - 06:29:56 - [0] ----D C:\Users\vanvan\AppData\Local\Toshiba O43 - CFD: 05/01/2014 - 15:20:38 - [0,615] ----D C:\Users\vanvan\AppData\Local\Unity O43 - CFD: 21/10/2013 - 17:04:25 - [0,076] ----D C:\Users\vanvan\AppData\Local\VirtualStore O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 27/10/2013 - 11:06:31 - [0] R---D C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 31/12/2013 - 17:05:57 - [0] R---D 
C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 06/05/2013 - 02:21:09 - [0,005] R---D C:\Users\vanvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ~ Program Folder: 116 Scanned in 00mn 11s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.93BCAD88E03D35A349EEDD5FAF2C7B2D] - 09/01/2014 - 18:38:02 ---A- . (...) -- C:\Windows\bti.ini [184] O44 - LFC:[MD5.F338F94AFFB3A3C42E4A996D711E21D4] - 09/01/2014 - 18:39:26 ---A- . (...) -- C:\Windows\DBNAMES.CFG [49152] O44 - LFC:[MD5.1EF9CEDB3CF5C7471A24ADBFD37F59AC] - 12/01/2014 - 16:41:20 ---A- . (...) -- C:\Windows\MEMORY.DMP [460581507] O44 - LFC:[MD5.63AF1D66074BF76321478B65400AFED7] - 12/01/2014 - 16:53:20 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [5430] O44 - LFC:[MD5.37EFD0A2DF385A647F1BFB89DCCA100A] - 12/01/2014 - 16:53:20 ---A- . (...) -- C:\Windows\System32\perfc009.dat [232706] O44 - LFC:[MD5.9FDE8BFCAD8E7654882412B11A010270] - 12/01/2014 - 16:53:20 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [269326] O44 - LFC:[MD5.49BEBAE467AC3FD22B9DEDECD521AD9E] - 12/01/2014 - 16:53:20 ---A- . (...) -- C:\Windows\System32\perfh009.dat [814944] O44 - LFC:[MD5.AEB8ADEE54AC97FF5E8DA5DD8D6E8D65] - 12/01/2014 - 16:53:20 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [1168622] O44 - LFC:[MD5.A84DD93B5B19931CEADDBCCC47850486] - 12/01/2014 - 18:09:42 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 12/01/2014 - 23:34:06 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928] O44 - LFC:[MD5.24E65E6D41782A64B676161EA855A131] - 13/01/2014 - 11:55:12 ---A- . (...) -- C:\Windows\WindowsUpdate.log [867167] O44 - LFC:[MD5.3562BBA64F40598F215F62076B4BAEC6] - 13/01/2014 - 11:55:49 ---A- . (...) -- C:\Windows\PFRO.log [7254] O44 - LFC:[MD5.C76FCED7C0799C43ED7F47F0F93B4896] - 13/01/2014 - 11:56:24 ---A- . (...) 
-- C:\Windows\pvsw.log [1195] O44 - LFC:[MD5.0BB6A9D204F59404C7228999522991E1] - 13/01/2014 - 14:11:39 ---A- . (...) -- C:\Windows\System32\spu_storage.bin [65536] O44 - LFC:[MD5.0D7E41E9637D86FF54AD9FAF58AB29F3] - 13/01/2014 - 20:40:31 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/12/2013 - 21:47:13 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf [0] ~ Files: 16 Scanned in 00mn 36s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.1F2EFCCD3E8FFAE047F476E22B294178] - 01/01/2014 - 15:19:45 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-1076C419.pf O45 - LFCP:[MD5.B78BFC0804DAE262407E306BAA84346B] - 02/01/2014 - 14:58:14 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-5F7F692E.pf O45 - LFCP:[MD5.121184192627B8B8584251A87672E8ED] - 02/01/2014 - 14:58:18 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-F1928578.pf O45 - LFCP:[MD5.A2C34DF58CC4935D0A1FBEB97F9719DE] - 02/01/2014 - 15:18:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-384F8A25.pf O45 - LFCP:[MD5.9C8ACAA469F3E92FF25BBE193CDA4D0A] - 02/01/2014 - 15:18:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8904BC49.pf O45 - LFCP:[MD5.3FFD34F65BB654E3338199C219D3C02E] - 02/01/2014 - 15:18:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8E300B44.pf O45 - LFCP:[MD5.19AD8342D7CA6D16BEA801CB5993450B] - 02/01/2014 - 15:18:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E4E545ED.pf O45 - LFCP:[MD5.6E20A282872BFE98818A6AE8D83BBBF2] - 02/01/2014 - 23:00:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B88D68FA.pf O45 - LFCP:[MD5.621A5CC7D2CBE014BC5EFF9901DC97EB] - 03/01/2014 - 20:06:36 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-9145C254.pf O45 - LFCP:[MD5.91BBD108A4DD8755D5F0FE358ACEB934] - 03/01/2014 - 23:01:06 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf O45 - LFCP:[MD5.4DFA9261613D1CE5754DA3689D46D835] - 03/01/2014 - 23:01:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-86E16961.pf O45 - LFCP:[MD5.71D799D1E9F2996A9130CCD8A1578468] 
- 03/01/2014 - 23:01:13 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf O45 - LFCP:[MD5.9545AB6F1237A5674B879BFA38229762] - 05/01/2014 - 15:21:29 ---A- - C:\Windows\Prefetch\UNITYWEBPLAYER.EXE-3F7033B4.pf =>Adware.SocialSkinz O45 - LFCP:[MD5.C62466BEC5387948D6A0698871F6E326] - 05/01/2014 - 20:47:14 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-CA50B522.pf O45 - LFCP:[MD5.BFCCB6C097A673522E786E35BF0B6249] - 07/01/2014 - 17:34:07 ---A- - C:\Windows\Prefetch\WINWORD.EXE-2437DA78.pf O45 - LFCP:[MD5.47D78F1AFF799B6A7D8B84C0CF2EC94B] - 07/01/2014 - 17:34:33 ---A- - C:\Windows\Prefetch\MAVINJECT32.EXE-A39D6437.pf O45 - LFCP:[MD5.78317B2D866FC187080D08C7A4A15E4A] - 07/01/2014 - 17:34:34 ---A- - C:\Windows\Prefetch\MSOSQM.EXE-2955CA48.pf O45 - LFCP:[MD5.ECA3F89155466E58123E50FDC83AB976] - 07/01/2014 - 17:45:51 ---A- - C:\Windows\Prefetch\SETUP.EXE-264339E5.pf O45 - LFCP:[MD5.279AFE5126B55D6CA1D6205B0205BE7D] - 07/01/2014 - 17:45:52 ---A- - C:\Windows\Prefetch\PREINSTALLVALIDATOR.EXE-755CE109.pf O45 - LFCP:[MD5.40B0CC3DB1F0665CE45A7E08EFC29724] - 08/01/2014 - 09:47:23 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-2E6EB6A2.pf O45 - LFCP:[MD5.9A56B4A29533540C3ACDB99EC266FC7A] - 08/01/2014 - 20:49:59 ---A- - C:\Windows\Prefetch\53DE9992-B921-4A69-99C6-992FC-35B8970A.pf O45 - LFCP:[MD5.7679D6D864695FE2C62DB1CD51A440B5] - 08/01/2014 - 22:13:58 ---A- - C:\Windows\Prefetch\WINWORD.EXE-342B9A35.pf O45 - LFCP:[MD5.5B967768AC61C58A8BFB5B3C89643216] - 08/01/2014 - 22:14:49 ---A- - C:\Windows\Prefetch\OSE.EXE-898B0C73.pf O45 - LFCP:[MD5.7F4434FAEC21956999E009B55C5634FB] - 09/01/2014 - 18:30:50 ---A- - C:\Windows\Prefetch\EBP_CD.EXE-8A5FA0C5.pf O45 - LFCP:[MD5.14D4F5468E4C37DE61814DC21820DD65] - 09/01/2014 - 18:31:33 ---A- - C:\Windows\Prefetch\SETUP.EXE-ACB57775.pf O45 - LFCP:[MD5.86E17C637C333142AED409924AB79987] - 09/01/2014 - 18:31:38 ---A- - C:\Windows\Prefetch\SETUP.EX_-ACB57B37.pf O45 - LFCP:[MD5.1EC88991F74161DBA6C431FB6A2CBC33] - 09/01/2014 - 18:34:43 ---A- - 
C:\Windows\Prefetch\SETUP.EXE-811C47BD.pf O45 - LFCP:[MD5.9C06572651E7A7A3D34C7C6EB882822F] - 09/01/2014 - 18:34:45 ---A- - C:\Windows\Prefetch\_INS5576._MP-EBC62F75.pf O45 - LFCP:[MD5.04BA178561481F9A556FC85792CB5564] - 09/01/2014 - 18:34:47 ---A- - C:\Windows\Prefetch\_ISDEL.EXE-F97AB510.pf O45 - LFCP:[MD5.4CF5E7380B7C0FCDF5E2B27E93B5B881] - 09/01/2014 - 18:34:53 ---A- - C:\Windows\Prefetch\HHUPD.EXE-5A5F465D.pf O45 - LFCP:[MD5.8831AF532210CD77CC4166243E7E75B6] - 09/01/2014 - 18:35:39 ---A- - C:\Windows\Prefetch\PVKILLWG.EXE-3FE2608E.pf O45 - LFCP:[MD5.20C0978D8164D087703CAD187B9CC1B4] - 09/01/2014 - 18:35:40 ---A- - C:\Windows\Prefetch\PVPDUN.EXE-A28F6E37.pf O45 - LFCP:[MD5.AF962A5119764F41D6FB23381A6E36B5] - 09/01/2014 - 18:35:46 ---A- - C:\Windows\Prefetch\PSAWIZRD.EXE-751A99DA.pf O45 - LFCP:[MD5.3B364379C7F374128DDE4D3959D44AED] - 09/01/2014 - 18:35:46 ---A- - C:\Windows\Prefetch\PVBANNER.EXE-64469492.pf O45 - LFCP:[MD5.006AB52D4FEC3B83B3439EDD2F104167] - 09/01/2014 - 18:35:46 ---A- - C:\Windows\Prefetch\PVCLOSE.EXE-1A896032.pf O45 - LFCP:[MD5.683C829FEC35310DB54174034C96A6CE] - 09/01/2014 - 18:38:57 ---A- - C:\Windows\Prefetch\PVSETEX.EXE-9C42EC19.pf O45 - LFCP:[MD5.BF8D3C38498CE948FF8B6C26D3421F57] - 09/01/2014 - 18:39:13 ---A- - C:\Windows\Prefetch\CREATEDB.EXE-9FBCF6D0.pf O45 - LFCP:[MD5.62CD9D1DE67F2E7CB96B3644F0645F22] - 09/01/2014 - 18:39:13 ---A- - C:\Windows\Prefetch\DROPDB.EXE-A7AB500D.pf O45 - LFCP:[MD5.2A4EE31D5BE165E9494F0B9DD2A029BF] - 09/01/2014 - 18:39:13 ---A- - C:\Windows\Prefetch\EXPWIZRD.EXE-A974515F.pf O45 - LFCP:[MD5.C4331F26556FFD191019F78EB45549A1] - 09/01/2014 - 18:39:13 ---A- - C:\Windows\Prefetch\IMPWIZRD.EXE-78613D2C.pf O45 - LFCP:[MD5.8095A58AE17069FC5B2EBAC9C6654EF6] - 09/01/2014 - 18:39:13 ---A- - C:\Windows\Prefetch\NULCNVWZ.EXE-6CAF2D69.pf O45 - LFCP:[MD5.D7B5EFDB4AECB29F442515B9AC1F6CE9] - 09/01/2014 - 18:39:13 ---A- - C:\Windows\Prefetch\PCC.EXE-3474DEB4.pf O45 - LFCP:[MD5.5B71DA38C24620058F8949F563E64711] - 09/01/2014 - 
18:39:13 ---A- - C:\Windows\Prefetch\PCCFRAME.EXE-20B412C3.pf O45 - LFCP:[MD5.364BDDB95AD9D82F4FB76317DC65C417] - 09/01/2014 - 18:39:16 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-FF81E3C4.pf O45 - LFCP:[MD5.3F639E1366738B979041F8012E964FF2] - 09/01/2014 - 18:39:57 ---A- - C:\Windows\Prefetch\PVKILLWG.EXE-11D6CC8E.pf O45 - LFCP:[MD5.4CD9B52C1928ADDA0156FFF3AD49DA90] - 09/01/2014 - 18:40:09 ---A- - C:\Windows\Prefetch\W3DBSMGR.EXE-C170E353.pf O45 - LFCP:[MD5.A36E2056C308588C8D19FC429CC2C260] - 09/01/2014 - 18:40:09 ---A- - C:\Windows\Prefetch\WGE_SRV.EXE-DF17F65F.pf O45 - LFCP:[MD5.5B4E9ACEFED9AA4D09C02D68DD44BCBE] - 09/01/2014 - 18:40:53 ---A- - C:\Windows\Prefetch\HH.EXE-603A5034.pf O45 - LFCP:[MD5.F1D01F817A187D3BD450EBA9D7216F62] - 09/01/2014 - 18:41:03 ---A- - C:\Windows\Prefetch\SLEEP.EXE-D433A063.pf O45 - LFCP:[MD5.EFBDD742ECEA3F22526D7672176C41B2] - 09/01/2014 - 18:45:50 ---A- - C:\Windows\Prefetch\OSPPSVC.EXE-B07514FA.pf O45 - LFCP:[MD5.C22FA6B017CCC57E8170C102B94F7736] - 09/01/2014 - 18:45:55 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-853292E2.pf O45 - LFCP:[MD5.9F3217B9CB9EFA1ECBE314EDF004C33D] - 09/01/2014 - 18:48:58 ---A- - C:\Windows\Prefetch\EBPFLASH.EXE-C2B1D913.pf O45 - LFCP:[MD5.AF33D08D358E90C1D02B8A9E7CEFEAD2] - 09/01/2014 - 18:52:18 ---A- - C:\Windows\Prefetch\GLCND.EXE-05B73AB0.pf O45 - LFCP:[MD5.4280CBD951174C1B293A81271C94A0DE] - 09/01/2014 - 20:34:16 ---A- - C:\Windows\Prefetch\PRINTDIALOGHOST.EXE-90923561.pf O45 - LFCP:[MD5.F8A84392E7B80F8F681FBEEB035B4DED] - 09/01/2014 - 20:34:17 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A69709A8.pf O45 - LFCP:[MD5.4BF214BAAEF4C0DFB13B232B04F34462] - 10/01/2014 - 07:44:35 ---A- - C:\Windows\Prefetch\CNMSEA4.EXE-E5B3E446.pf O45 - LFCP:[MD5.C01FB27785E887379ABB126744C6EC56] - 10/01/2014 - 07:44:35 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7DA584A2.pf O45 - LFCP:[MD5.8DACCF2530367E11757E52969C78B7F3] - 10/01/2014 - 07:44:43 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7455801D.pf O45 - 
LFCP:[MD5.18D90E221050D6F1A35E7F914A6E9943] - 10/01/2014 - 07:45:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6AB4C5A4.pf O45 - LFCP:[MD5.765FFFF4B90AB479B72637D0263CE3EC] - 11/01/2014 - 17:45:50 ---A- - C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-9AE42873.pf O45 - LFCP:[MD5.8FCF2C01CB3134537680CD8E17999A16] - 11/01/2014 - 18:45:48 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-E875A140.pf O45 - LFCP:[MD5.0D7F8027214B5A2091F10E89813EC3E0] - 11/01/2014 - 18:45:58 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf O45 - LFCP:[MD5.6F349A67158CB3025986E3903433E4AF] - 11/01/2014 - 18:46:01 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-38161C81.pf O45 - LFCP:[MD5.95C853FE6453339A0BCED900CE8EBF29] - 11/01/2014 - 18:48:29 ---A- - C:\Windows\Prefetch\SKETCHUP.EXE-F9FF151F.pf O45 - LFCP:[MD5.E34DB68296E59833EFCBCD96AFF739A4] - 11/01/2014 - 19:03:47 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf O45 - LFCP:[MD5.5D17E686156B73E9FCA9BEC80B335F08] - 11/01/2014 - 19:03:48 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-69B6023D.pf O45 - LFCP:[MD5.3C7A01E75A684293C390CBC452547DD3] - 11/01/2014 - 19:04:41 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf O45 - LFCP:[MD5.973030AF19A2CBEB5C5A14F986899F2E] - 11/01/2014 - 19:04:51 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf O45 - LFCP:[MD5.ABDC9B299DA160567946DFC4D90FFB46] - 11/01/2014 - 19:07:08 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf O45 - LFCP:[MD5.FC0692B031406FE94B12B3900972679E] - 11/01/2014 - 19:41:15 ---A- - C:\Windows\Prefetch\MEMFILESSERVICE.EXE-51D6CCD0.pf O45 - LFCP:[MD5.6DB07199210F9F759998604FA8229D8F] - 11/01/2014 - 19:41:16 ---A- - C:\Windows\Prefetch\WIN64SHELLLINK.EXE-6B51BEED.pf O45 - LFCP:[MD5.05C4DE05DB79CA1ED072BAF89FBEDBB2] - 11/01/2014 - 19:41:27 ---A- - C:\Windows\Prefetch\CHECKDISKPROGRESS.EXE-9C87DD17.pf O45 - LFCP:[MD5.7C926E9E2F87FBBC1A3AEE3D90373C76] - 11/01/2014 - 19:53:32 ---A- - C:\Windows\Prefetch\FW-3-0-16938-FR.EXE-D692E633.pf O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/03/2139 - 
12:57:20 ----D - C:\Windows\Prefetch\ReadyBoot O45 - LFCP:[MD5.D809B80DECAABDD027D745819015152E] - 12/01/2014 - 02:01:28 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7B9CC28A.pf O45 - LFCP:[MD5.90FEF122626B0B9C85AB625D788E5FE9] - 12/01/2014 - 15:04:24 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf O45 - LFCP:[MD5.4C09EBAE10090626D4C624EB7073C060] - 12/01/2014 - 15:06:59 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-1137D9AC.pf =>Piriform Ltd O45 - LFCP:[MD5.C9227B59273B3CBD4DDE7E1BCF268D3B] - 12/01/2014 - 15:19:34 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-C6BA460D.pf O45 - LFCP:[MD5.34872AADF3321F30A33610503CF74B23] - 12/01/2014 - 15:22:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F592BF19.pf O45 - LFCP:[MD5.AEDD27DA0BD161BCB6DF01569DD5A2D5] - 12/01/2014 - 15:24:41 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-B0AD61F0.pf O45 - LFCP:[MD5.144C9539695F8B984C6341A5D960A60C] - 12/01/2014 - 15:24:49 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf O45 - LFCP:[MD5.2AB244D721841CE49B1667D1B3469C2F] - 12/01/2014 - 16:48:13 ---A- - C:\Windows\Prefetch\ISAFETRAY.EXE-F929161B.pf =>Trojan.Staser O45 - LFCP:[MD5.79E726AADD45D5BD399BE2871E66CC3C] - 12/01/2014 - 16:51:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E41090C3.pf O45 - LFCP:[MD5.E203FDF38822CB788A7C0A147142D884] - 12/01/2014 - 16:51:38 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B74CD89D.pf O45 - LFCP:[MD5.D6C27697BE05FF9EDA14E7855370FE31] - 12/01/2014 - 16:51:40 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf O45 - LFCP:[MD5.28E1298F666551414F4141C755F6C732] - 12/01/2014 - 16:54:43 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-D35BF5AF.pf O45 - LFCP:[MD5.C8DBE4D78529A1051F26422D37D82A3D] - 12/01/2014 - 17:41:05 ---A- - C:\Windows\Prefetch\FILETYPEHELPER.EXE-DE295D5E.pf O45 - LFCP:[MD5.7C0EE94D808E63CF749C2953F6BEAF80] - 12/01/2014 - 18:07:50 ---A- - C:\Windows\Prefetch\LADS.EXE-BC89FD22.pf O45 - LFCP:[MD5.297CE4732A27151D162CFD6D60BDC50A] - 12/01/2014 - 18:09:22 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-EB35EDAD.pf O45 - 
LFCP:[MD5.61A25CAA82D1E0FBB42B557A3097D868] - 12/01/2014 - 18:09:42 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-52282269.pf O45 - LFCP:[MD5.2B05FA134F6EE1521892DC6F893D7C69] - 12/01/2014 - 18:11:22 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf O45 - LFCP:[MD5.9C8FA1596FBDC630270F76259DFDB223] - 12/01/2014 - 18:13:04 ---A- - C:\Windows\Prefetch\ASWRUNDLL.EXE-812C3585.pf O45 - LFCP:[MD5.DA6BB13849B8BFDD9CA8C114BF2CC2EB] - 12/01/2014 - 18:13:05 ---A- - C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf O45 - LFCP:[MD5.6FF290FE63176A8465CA9830672668D6] - 12/01/2014 - 18:13:15 ---A- - C:\Windows\Prefetch\UPDATE.EXE-46733ABF.pf O45 - LFCP:[MD5.36680A5032A31AC3A44A17605209212C] - 12/01/2014 - 18:13:16 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf O45 - LFCP:[MD5.F8BBB0213AAC7FC220AFF6248E2499DF] - 12/01/2014 - 18:16:09 ---A- - C:\Windows\Prefetch\INSTUP.EXE-3AF05CB9.pf O45 - LFCP:[MD5.800EC5E7177A39676947CA0C3621500E] - 12/01/2014 - 18:33:39 ---A- - C:\Windows\Prefetch\DUP.EXE-B42CF878.pf O45 - LFCP:[MD5.4DCC7A7390A2C8FC3837F272C8A8A180] - 12/01/2014 - 18:48:43 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf O45 - LFCP:[MD5.1DA2494ABE057C89CD66DA3282119858] - 12/01/2014 - 18:48:44 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf O45 - LFCP:[MD5.945C063F1887F013C09A5465E32F0431] - 12/01/2014 - 18:49:11 ---A- - C:\Windows\Prefetch\ISAFEUPDATE.EXE-CA31796A.pf =>Trojan.Staser O45 - LFCP:[MD5.B004E41F340B6703055B141F97794A61] - 12/01/2014 - 18:50:03 ---A- - C:\Windows\Prefetch\UNINS000.EXE-89E38755.pf O45 - LFCP:[MD5.D7E1B37292814A639F0E6674AA85514C] - 12/01/2014 - 18:50:03 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-CA849576.pf O45 - LFCP:[MD5.828CC511199A988292504869CC9A1ED5] - 12/01/2014 - 18:50:13 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-05224ED5.pf O45 - LFCP:[MD5.5B72C9F5B66CB3ABF9C540D4602EFB6C] - 12/01/2014 - 18:50:28 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-DD88E0F2.pf O45 - LFCP:[MD5.07B30B80F43DAFFE33F2C5FF2518139A] - 12/01/2014 - 
18:50:34 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-3AA8E2C3.pf O45 - LFCP:[MD5.F6C34F0A3352DC1DDBAECCB2153FFAE8] - 12/01/2014 - 18:50:36 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-EFFCE0E6.pf O45 - LFCP:[MD5.34EF866DFB338A4296B05594DBA3B527] - 12/01/2014 - 18:50:40 ---A- - C:\Windows\Prefetch\WEBPLAYER.EXE-A9563CDE.pf =>Adware.SocialSkinz O45 - LFCP:[MD5.D8EF1F03B26A7E928B86269D2961E5E7] - 12/01/2014 - 18:50:43 ---A- - C:\Windows\Prefetch\BU_.EXE-0292A2C6.pf O45 - LFCP:[MD5.9E2C33B6AC6F573F365955A89EFABCE0] - 12/01/2014 - 18:51:07 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-CD037A5F.pf O45 - LFCP:[MD5.E0F519BDE6F9E1AA79CED5E0212CA884] - 12/01/2014 - 18:51:08 ---A- - C:\Windows\Prefetch\PING.EXE-CF0A440C.pf O45 - LFCP:[MD5.74E2F3919BE6689C57FAB978B4B9A016] - 12/01/2014 - 18:51:51 ---A- - C:\Windows\Prefetch\WEBPLAYER.EXE-97E3F712.pf =>Adware.SocialSkinz O45 - LFCP:[MD5.1297E7329097E93B6CC55A63B99332F9] - 12/01/2014 - 18:51:55 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-858F13A0.pf O45 - LFCP:[MD5.7132AE9F1E454FF8979116F6AC4A68F2] - 12/01/2014 - 18:52:28 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-6EE82B7E.pf O45 - LFCP:[MD5.8048FD4FADE0C57A1128B90A6A35A868] - 12/01/2014 - 18:52:32 ---A- - C:\Windows\Prefetch\UPDATE_CHECKER.EXE-7F3CCF9F.pf O45 - LFCP:[MD5.F906CA515677AB3924993C1AC7B6B436] - 12/01/2014 - 18:53:21 ---A- - C:\Windows\Prefetch\UNINS000.EXE-337FE730.pf O45 - LFCP:[MD5.9824FC715AB76108AEB5DF18C6132942] - 12/01/2014 - 18:53:47 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-82C77375.pf O45 - LFCP:[MD5.E53ABE50932D1FED59BAE1EC876F89E9] - 12/01/2014 - 18:53:57 ---A- - C:\Windows\Prefetch\NET.EXE-C3772C91.pf O45 - LFCP:[MD5.B1C05C37D77F7832FB07CD035C5366B6] - 12/01/2014 - 18:53:57 ---A- - C:\Windows\Prefetch\NET1.EXE-D513025E.pf O45 - LFCP:[MD5.D5181E62DB51CF998372D8A6A55293D0] - 12/01/2014 - 18:54:00 ---A- - C:\Windows\Prefetch\AU_.EXE-81931391.pf O45 - LFCP:[MD5.29F12E3BBA698BD708F4D50CA399673E] - 12/01/2014 - 18:54:00 ---A- - C:\Windows\Prefetch\SC.EXE-CCD1735C.pf O45 - 
LFCP:[MD5.B586A78A5DD02BCE649286BE3A9F5B92] - 12/01/2014 - 18:54:00 ---A- - C:\Windows\Prefetch\WAJAMUPDATERV3.EXE-0651FA7E.pf =>PUP.Wajam O45 - LFCP:[MD5.DE835C25F1571A674F6890FF5D1A79C3] - 12/01/2014 - 18:54:18 ---A- - C:\Windows\Prefetch\TASKKILL.EXE-3D8A2F61.pf O45 - LFCP:[MD5.508FEC33ABD7D70EB99DF6051C97AFB0] - 12/01/2014 - 18:54:58 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-084955AE.pf O45 - LFCP:[MD5.3A7BC9984475A24605962C0CE647CF5D] - 12/01/2014 - 18:55:00 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-DFD632C5.pf O45 - LFCP:[MD5.EE61BB60E94D91E356279564DC33725A] - 12/01/2014 - 18:55:05 ---A- - C:\Windows\Prefetch\BUGREPORT.EXE-7EC15CCD.pf O45 - LFCP:[MD5.D867AFE09B5AD77D3C6E20FBA4523BF2] - 12/01/2014 - 18:55:05 ---A- - C:\Windows\Prefetch\ISAFESVC.EXE-8A12EE57.pf =>Trojan.Staser O45 - LFCP:[MD5.1ADAC452B5A982499C2E1204DFABD3A8] - 12/01/2014 - 18:55:28 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf O45 - LFCP:[MD5.0D510F5BD580579A705EFCDB9E6D4B1C] - 12/01/2014 - 18:55:38 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf O45 - LFCP:[MD5.3FBB8F99F42BFF9F1E96229C4E41F618] - 12/01/2014 - 19:01:33 ---A- - C:\Windows\Prefetch\OPTPROLAUNCHER.EXE-215AE735.pf O45 - LFCP:[MD5.416E02C4287AAA96B065D4DBDF2C7B3D] - 12/01/2014 - 19:01:53 ---A- - C:\Windows\Prefetch\MGUSB.EXE-2DCAF222.pf O45 - LFCP:[MD5.E7DF4A580869E3BD297BE3AC9EBCD96F] - 12/01/2014 - 19:01:56 ---A- - C:\Windows\Prefetch\DAEMONPROCESS.EXE-E4BDA2BB.pf O45 - LFCP:[MD5.AE0C11704CBEED07103925C9C829FF07] - 12/01/2014 - 20:03:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-D248379B.pf O45 - LFCP:[MD5.8C06D93D330CCEF7ED51C2FF61F80B7F] - 12/01/2014 - 20:03:21 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-19311FF5.pf O45 - LFCP:[MD5.CD23D6BA1A7C4CF23DB7D3441CBC1A9F] - 12/01/2014 - 20:06:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5D09CA10.pf O45 - LFCP:[MD5.7C098E268865DDC359C4BAFD105E1350] - 12/01/2014 - 20:06:43 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-D78EED7E.pf O45 - LFCP:[MD5.AB0E69C7FCCFDEE3F7DAC38D33CBABEA] - 
12/01/2014 - 20:08:31 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf O45 - LFCP:[MD5.ECBB682D6B320E0478B906098738825B] - 12/01/2014 - 20:08:31 ---A- - C:\Windows\Prefetch\REG.EXE-6A8B6960.pf O45 - LFCP:[MD5.043D758DB8E2B8B4199C2B9F73F1286D] - 12/01/2014 - 20:08:41 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf O45 - LFCP:[MD5.5A3199BE0C75ABABBD4FD62F6B18A0F7] - 12/01/2014 - 20:11:02 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-08344DEE.pf O45 - LFCP:[MD5.DFB7EE3751DC90353A171DD5FD758823] - 12/01/2014 - 20:11:50 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf O45 - LFCP:[MD5.7CD73856B50289172C0082A99443EAA7] - 12/01/2014 - 20:12:02 ---A- - C:\Windows\Prefetch\AgCx_SC4.db O45 - LFCP:[MD5.98FC6EFFABD64D795F7E2507CFF03411] - 12/01/2014 - 20:20:11 ---A- - C:\Windows\Prefetch\MOM.EXE-AF39B199.pf O45 - LFCP:[MD5.8CBD92B134F99BB860B67FAEA6AF5665] - 12/01/2014 - 20:20:13 ---A- - C:\Windows\Prefetch\CCC.EXE-22878179.pf O45 - LFCP:[MD5.C5F7AE64C56F29F05FD05476848A5A41] - 12/01/2014 - 22:26:37 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-BA1E321E.pf O45 - LFCP:[MD5.CB4BA32CC5BDB3831240E63F9E386D3F] - 12/01/2014 - 22:39:17 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-6BBBC109.pf O45 - LFCP:[MD5.380B0CF8C925FA207D3F64F3C6E91653] - 12/01/2014 - 22:39:25 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.EXE-00E23B4F.pf O45 - LFCP:[MD5.422F1E026DBBAB5781874055550E9BFA] - 12/01/2014 - 22:39:27 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-4513E833.pf O45 - LFCP:[MD5.42470B2EFB7EC58C1C4AC5F889727994] - 12/01/2014 - 23:03:13 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf O45 - LFCP:[MD5.416FD64D0949AD722CA21F4B6425EEB6] - 12/01/2014 - 23:15:27 ---A- - C:\Windows\Prefetch\MMLOADDRV.EXE-778A3492.pf O45 - LFCP:[MD5.FBE7EB6D64887F551792774023E1EB22] - 12/01/2014 - 23:34:06 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-E1DBB6D8.pf O45 - LFCP:[MD5.8A08C3CC86A6712AC48CA25598F93AE2] - 12/01/2014 - 23:36:02 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-3290E8FC.pf O45 - 
LFCP:[MD5.AC389FBFB15BD7A7A4AF05549F3929DF] - 12/01/2014 - 23:36:11 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf O45 - LFCP:[MD5.C989B2512ECCF596EFEDAD38B20EDC56] - 12/01/2014 - 23:44:56 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5A956D1E.pf O45 - LFCP:[MD5.C3ADA245499E6FDA8B82A47DC73F44EC] - 13/01/2014 - 01:06:01 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf O45 - LFCP:[MD5.73CF2936ED9AA3D73A1A752ABA479C0E] - 13/01/2014 - 03:06:24 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-FA06153B.pf O45 - LFCP:[MD5.896A393B3A0EA3158C7025CF3A74084A] - 13/01/2014 - 11:47:56 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-54718F11.pf O45 - LFCP:[MD5.110B13FC2DC90BDD62A88306604E281E] - 13/01/2014 - 11:47:56 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-675DCE4B.pf O45 - LFCP:[MD5.F9ECB7B940FCB398047458A765B12797] - 13/01/2014 - 11:47:58 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-01427ED9.pf O45 - LFCP:[MD5.B6EBA039302C0DAFFCCF2E3A601B7AEA] - 13/01/2014 - 11:48:22 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-09EF6B82.pf O45 - LFCP:[MD5.47ED0C6D705CA606E3438E48A50B45E3] - 13/01/2014 - 11:50:16 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.5E584E28A1C6F14B151BBF9E809AAFED] - 13/01/2014 - 11:50:17 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.2ED3C20B4969DB7586FB088D116636C8] - 13/01/2014 - 11:50:18 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.B80064E255E7A6E1F91D6B84FFAC7C9A] - 13/01/2014 - 11:50:18 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.F2811EBF55CF2DF04EDF05C20B183AE8] - 13/01/2014 - 11:50:22 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1A4CC1C3.pf O45 - LFCP:[MD5.8E2DA44EB8F225C1E618B638280945D7] - 13/01/2014 - 11:50:50 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-8B7FFE00.pf O45 - LFCP:[MD5.03D3C56E54E99717D5AEE0AEF685F1F0] - 13/01/2014 - 11:50:55 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-65421336.pf O45 - LFCP:[MD5.BE879217ECF7A7D4F70987A8D99E8827] - 13/01/2014 - 11:51:27 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf 
O45 - LFCP:[MD5.49042AF98E627AD4F32A2D1FA5DEFAB4] - 13/01/2014 - 11:52:02 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3787397168-1108925348-3941744411-1001.db O45 - LFCP:[MD5.36658ABE5B1007B48CC1D42F002732C9] - 13/01/2014 - 11:52:02 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3787397168-1108925348-3941744411-1001.db O45 - LFCP:[MD5.962C977A679D6AFADAC4E6D827C2DD7D] - 13/01/2014 - 11:52:19 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf O45 - LFCP:[MD5.F669881D48B81F4F418C47F5866EF1E8] - 13/01/2014 - 11:52:57 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E6E6216F.pf O45 - LFCP:[MD5.EBAC39C20002C9A2594692033D9190C5] - 13/01/2014 - 11:54:49 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BE4C6037.pf O45 - LFCP:[MD5.854C8C04A321CA546735FED86B475C84] - 13/01/2014 - 11:55:06 ---A- - C:\Windows\Prefetch\CLI.EXE-278FDBBC.pf O45 - LFCP:[MD5.AB7327D7FF6122485232D71B9D30D1E4] - 13/01/2014 - 11:55:11 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.7393D0092BF86155683FEBF802C459D4] - 13/01/2014 - 11:57:15 ---A- - C:\Windows\Prefetch\LPKSETUP.EXE-EE6EE0C2.pf O45 - LFCP:[MD5.4B0477C844DD5449E59D760334B97D31] - 13/01/2014 - 11:57:43 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B12FF6E7.pf O45 - LFCP:[MD5.FA9751063C7BC1FB9A80BFE8D6EE10AC] - 13/01/2014 - 11:58:31 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf O45 - LFCP:[MD5.9545197CED92D81E9E6EB0598B8112BC] - 13/01/2014 - 11:58:41 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf O45 - LFCP:[MD5.7EB0094A1D827E0723E0E1BB463B7D53] - 13/01/2014 - 12:00:26 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf O45 - LFCP:[MD5.9C8960CAECBEB6C3B12FE4BC53B967B5] - 13/01/2014 - 12:06:23 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-E4EA699E.pf O45 - LFCP:[MD5.B83693ABBFE101C7FC20FEF060666881] - 13/01/2014 - 12:07:11 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5F33F207.pf O45 - LFCP:[MD5.CA9F7DDCD5A60F15E38AA06121C16F95] - 13/01/2014 - 12:07:11 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf O45 - 
LFCP:[MD5.271FC93332AC8E2B3A7C3443EF4C3217] - 13/01/2014 - 12:07:12 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf O45 - LFCP:[MD5.722F24F47B9080C1EB2E45F52D05566B] - 13/01/2014 - 12:08:33 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf O45 - LFCP:[MD5.E427430BD7E392C73B4D0CD2D014BA61] - 13/01/2014 - 12:08:34 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf O45 - LFCP:[MD5.EA997087AFE99E226462AF0642FC66F3] - 13/01/2014 - 14:11:30 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.AF4903D6924ED027311E538CAB4864BE] - 13/01/2014 - 20:40:35 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf O45 - LFCP:[MD5.A131C72899F30046CA0D3E949BF69C12] - 13/01/2014 - 20:40:41 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-8B8F7F7C.pf O45 - LFCP:[MD5.C20C7BDD722EB7276C8DCC0AF3E4E1F7] - 13/01/2014 - 20:40:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E6B64B6C.pf O45 - LFCP:[MD5.77C465C034801E42E3EB99DF3FE23D5C] - 13/01/2014 - 20:40:48 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-9FF23AE2.pf O45 - LFCP:[MD5.CD48A47F8E06B27E99E4BD63B6C8146A] - 13/01/2014 - 20:40:48 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf O45 - LFCP:[MD5.4E1A065904208B4AD1FE05BA8E7D0B68] - 13/01/2014 - 20:40:49 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-48F3DAE9.pf O45 - LFCP:[MD5.0753CEACE555B69B319CC0D1C71083CE] - 13/01/2014 - 20:40:49 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-AAB0060C.pf O45 - LFCP:[MD5.324CFE314283889E469C26F4A746BE7A] - 13/01/2014 - 20:40:49 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf O45 - LFCP:[MD5.F3E79EFE6BC15DE31318B1A367089EB0] - 13/01/2014 - 20:40:51 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf O45 - LFCP:[MD5.A0978C2F13B96078475A35ECEFF41EDC] - 13/01/2014 - 20:41:00 ---A- - C:\Windows\Prefetch\INITIALIZE.EXE-E23C86B4.pf O45 - LFCP:[MD5.E93EBBEAECCD355EE0E23A0BB22160C1] - 13/01/2014 - 20:41:00 ---A- - C:\Windows\Prefetch\INITIALIZE.EXE-FA7D38EB.pf O45 - LFCP:[MD5.6CC099F8B2C1B37CB15B4D02204766D0] - 13/01/2014 - 20:41:00 ---A- - 
C:\Windows\Prefetch\TASKENG.EXE-23205583.pf O45 - LFCP:[MD5.51BD93EA30822E724C512411100B85F0] - 13/01/2014 - 20:41:02 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf O45 - LFCP:[MD5.37E75C8E2C58823C9BF1569601470308] - 13/01/2014 - 20:41:09 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-CE99ACA7.pf O45 - LFCP:[MD5.F735A895D56A85F6F07B0A18AAC30D49] - 13/01/2014 - 20:41:09 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf O45 - LFCP:[MD5.7331FF6CB18EDD1A6F5776F10B741889] - 13/01/2014 - 20:41:12 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf O45 - LFCP:[MD5.B73836ACD478098DFBBB997F72D0BA44] - 13/01/2014 - 20:41:12 ---A- - C:\Windows\Prefetch\INTEGRATOR.EXE-0112F6B4.pf O45 - LFCP:[MD5.D77CCD745ABC8D0D0227C7CBE1B359B9] - 13/01/2014 - 20:41:16 ---A- - C:\Windows\Prefetch\SACPL.EXE-1581A3B9.pf O45 - LFCP:[MD5.4881584714CB8DD89192E597AA694B1B] - 13/01/2014 - 20:41:16 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf O45 - LFCP:[MD5.695365A9C5288CAC33DCA2074A401BF4] - 13/01/2014 - 20:41:19 ---A- - C:\Windows\Prefetch\UPGRADE.EXE-AAFD1969.pf O45 - LFCP:[MD5.E058E7FCEA10EDAE150288453308C98E] - 13/01/2014 - 20:41:20 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.6F955DA0A6AA83A8468ACAD0BB00AD15] - 13/01/2014 - 20:41:20 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf O45 - LFCP:[MD5.40E9D327A263690B429226C46B45DFDD] - 13/01/2014 - 20:41:20 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf O45 - LFCP:[MD5.C18DAA711412148D0557040D37660C81] - 13/01/2014 - 20:41:21 ---A- - C:\Windows\Prefetch\CAUDIOFILTERAGENT64.EXE-472DD6CA.pf O45 - LFCP:[MD5.7722E8CE628C6F921F8EE3219262494F] - 13/01/2014 - 20:41:21 ---A- - C:\Windows\Prefetch\TCRDKBB.EXE-0C78BCFE.pf O45 - LFCP:[MD5.114354F8480B4C733C3DD6841B5733AC] - 13/01/2014 - 20:41:25 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf O45 - LFCP:[MD5.F611A1D26C1B743E3AD96B4D4C70E919] - 13/01/2014 - 20:41:25 ---A- - C:\Windows\Prefetch\TODDMAIN.EXE-F23C8850.pf O45 - 
LFCP:[MD5.4902074CBB65671C743A820B57E99000] - 13/01/2014 - 20:41:27 ---A- - C:\Windows\Prefetch\TOSWAITSRV.EXE-37C5DA09.pf O45 - LFCP:[MD5.25C2CA38ED3320D5C87FC6FDEE23DAE3] - 13/01/2014 - 20:41:29 ---A- - C:\Windows\Prefetch\ISMAGENT.EXE-47E31896.pf O45 - LFCP:[MD5.0CE042CD3516F4857FBDD004832AA1A7] - 13/01/2014 - 20:41:29 ---A- - C:\Windows\Prefetch\TCRDMAIN_WIN8.EXE-77E6C30D.pf O45 - LFCP:[MD5.80E5B61C1BC32D797838930F907488DC] - 13/01/2014 - 20:41:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-00AD1665.pf O45 - LFCP:[MD5.5DDE555C893D822755A902F5DA8FBA96] - 13/01/2014 - 20:41:34 ---A- - C:\Windows\Prefetch\TECORESIDENT.EXE-E27F516A.pf O45 - LFCP:[MD5.9016273BD9D41022817EC340609F1D4D] - 13/01/2014 - 20:41:34 ---A- - C:\Windows\Prefetch\TOSSMARTVIEWLAUNCHER.EXE-33011BC8.pf O45 - LFCP:[MD5.2D692B9563EE95BF164A0EA93E990AC9] - 13/01/2014 - 20:41:34 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf O45 - LFCP:[MD5.48568E197346D17410799B786D9C5560] - 13/01/2014 - 20:41:35 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf O45 - LFCP:[MD5.C71EFCF8F9C23434E543BEFB1D80FE76] - 13/01/2014 - 20:41:38 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-0DD1597D.pf O45 - LFCP:[MD5.22CE01152D640587DC953D1660121F89] - 13/01/2014 - 20:41:40 ---A- - C:\Windows\Prefetch\CLISTART.EXE-02DB8E02.pf O45 - LFCP:[MD5.BD33A8D5E1ABF84DA8AC7DE22E59EA65] - 13/01/2014 - 20:41:46 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-DC11C262.pf O45 - LFCP:[MD5.62D65F91B289851E1DAFCC8E60BC2B09] - 13/01/2014 - 20:41:53 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf O45 - LFCP:[MD5.137DE66437EF8F2500DD4457EF8BD057] - 13/01/2014 - 20:41:53 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf O45 - LFCP:[MD5.B0624E4BE7523030C98DE57FDEF02861] - 13/01/2014 - 20:41:53 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf O45 - LFCP:[MD5.5053F93D2060154C38EFC1438C722C6E] - 13/01/2014 - 20:41:57 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf O45 - LFCP:[MD5.ADD392097BEB83F9A223C9146C6A9F4E] - 13/01/2014 - 20:41:58 ---A- - 
C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf O45 - LFCP:[MD5.C6E29478AC4A41DB177EAC758B5EFA50] - 13/01/2014 - 20:41:59 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf O45 - LFCP:[MD5.99C204015FC6E50A99D4A5955B6E2CCD] - 13/01/2014 - 20:42:10 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf O45 - LFCP:[MD5.1B02ED0E9FEC99F35E1C392DA4820891] - 13/01/2014 - 20:42:31 ---A- - C:\Windows\Prefetch\AgCx_SC2.db O45 - LFCP:[MD5.0B4148B8C0D8765429D57556AB1C7228] - 13/01/2014 - 20:43:09 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf O45 - LFCP:[MD5.019A68CEFDA8A2CF20BA04A2C2E154F4] - 13/01/2014 - 20:43:16 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf O45 - LFCP:[MD5.08825407613F5AD0D87DA9F18E8A6EAA] - 13/01/2014 - 20:43:16 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf O45 - LFCP:[MD5.C49B5C40EE3B650E423E213CCC2864DD] - 13/01/2014 - 20:43:28 ---A- - C:\Windows\Prefetch\TPCHSRV.EXE-8E49E8E5.pf O45 - LFCP:[MD5.DF3D3D9429BA1D5CF3CAB43B5D8BF34C] - 13/01/2014 - 20:43:28 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf O45 - LFCP:[MD5.31AD21DDFE6984F761813369C7A89F10] - 13/01/2014 - 20:43:29 ---A- - C:\Windows\Prefetch\TPCHWMSG.EXE-C4A050F4.pf O45 - LFCP:[MD5.59F577C2B0985502EAB84F03681AC7D1] - 31/12/2013 - 20:18:11 ---A- - C:\Windows\Prefetch\AgAppLaunch.db O45 - LFCP:[MD5.4360D995B464E5C98571364CA28DD1C1] - 31/12/2013 - 20:19:17 ---A- - C:\Windows\Prefetch\ISAFESCAN.EXE-BEDBDBDC.pf =>Trojan.Staser O45 - LFCP:[MD5.6A432CF50E0C069FD7BA1151C0FAC2E1] - 31/12/2013 - 20:19:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-487A9CF7.pf O45 - LFCP:[MD5.7CA6BF3857564667B10FB7F404D23E86] - 31/12/2013 - 20:19:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F7C56AD3.pf ~ Prefetcher: 242 Scanned in 00mn 04s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ 
Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s

---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 19 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=221
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoControlPanel"=0
~ MWPE Keys: 7 Scanned in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58
- SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736] O58 - SDL:[MD5.93C6388592B99925C1D1576E465BC80F] - 26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [492272] O58 - SDL:[MD5.D27763E0247292654E7F7D16444C7C72] - 26/07/2012 - 06:00:48 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [340720] O58 - SDL:[MD5.67B90070FF48F794AF19F9FCF0080D75] - 26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [184048] O58 - SDL:[MD5.C0A486A51FDE02E22E8D5E5544479825] - 07/02/2013 - 16:45:32 ---A- . (.Advanced Micro Devices, INC. - AMD AS4 Driver.) -- C:\Windows\System32\Drivers\AmdAS4.sys [17504] O58 - SDL:[MD5.35A0EB5AECB0FA3C41A2FB514A562304] - 26/07/2012 - 06:00:49 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [76016] O58 - SDL:[MD5.00452671904F5EE94B50BF0219C97164] - 26/07/2012 - 06:00:49 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [258288] O58 - SDL:[MD5.EA3FFE53E92E59C87E3ECA9BEB20D9B7] - 26/07/2012 - 06:00:48 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [26352] O58 - SDL:[MD5.22AB11BB2CDFA2C7F4575BC3CC96B38C] - 21/03/2013 - 20:21:00 ---A- . (.AppEx Networks Corporation - AppEx Accelerator LWF/WFP Driver L.E..) -- C:\Windows\System32\Drivers\appexDrv.sys [217824] O58 - SDL:[MD5.E933401B392387F4BE34DE8BAF1722A7] - 26/07/2012 - 06:00:49 ---A- . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [104688] O58 - SDL:[MD5.07CA323EF2E8247A568AB0F3662AD644] - 26/07/2012 - 06:00:48 ---A- . 
(.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [108272] O58 - SDL:[MD5.79EB7B1733F0EA220C95335795C806EB] - 28/11/2013 - 21:45:45 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys [38984] O58 - SDL:[MD5.9FB1012D9EE3B9510FAA4C8D34DECD1C] - 28/11/2013 - 21:45:45 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [84328] O58 - SDL:[MD5.679712B7A353EE665B9301592164A172] - 28/11/2013 - 21:45:44 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [92544] O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 28/11/2013 - 21:45:45 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] O58 - SDL:[MD5.DF97409EBD35C5A40AF5594806724F75] - 28/11/2013 - 21:45:45 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1032416] O58 - SDL:[MD5.79ADA401A6E2054F110E7FBDFAC71942] - 28/11/2013 - 21:48:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [409832] O58 - SDL:[MD5.59787B95DD9CA44CB139D96863438587] - 28/11/2013 - 21:45:45 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [205320] O58 - SDL:[MD5.5325911C42BCDA542CB1079E6BC98DCF] - 15/01/2013 - 18:11:30 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtihdW86.sys [94208] O58 - SDL:[MD5.ABFA41E79C787CEF4985BFAE5FCE3BC3] - 12/03/2013 - 23:58:20 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [11644416] O58 - SDL:[MD5.613E9491066C299B31E2AE7326527A6E] - 12/03/2013 - 21:34:16 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) 
-- C:\Windows\System32\Drivers\atikmpag.sys [581120] O58 - SDL:[MD5.A3DB7272B70485B1D470EB34F3B3576D] - 24/10/2013 - 03:30:18 ---A- . (. - The driver for the supercool driver-based tool.) -- C:\Windows\System32\Drivers\BootDefragDriver.sys [16640] O58 - SDL:[MD5.87AB5BB072A3F128541D5B815F82FFDD] - 20/09/2012 - 08:55:24 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [533224] O58 - SDL:[MD5.83CAE42C2B02C593B300DF90639DB836] - 27/02/2013 - 06:58:58 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1680992] O58 - SDL:[MD5.5AB97B3282D7D6114949D1EB5C8598E4] - 20/09/2012 - 08:55:27 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3265256] O58 - SDL:[MD5.1CAC7DC83D77DB9FD9099E7D97B1329E] - 22/03/2013 - 10:06:30 ---A- . (.GenesysLogic - GeneStor.) -- C:\Windows\System32\Drivers\GeneStor.sys [91368] O58 - SDL:[MD5.64DB7A8D97CA53DCCF93D0A1E08342CF] - 26/07/2012 - 06:00:52 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64752] O58 - SDL:[MD5.5E394EBD26FD68AA9300332C46BEDD62] - 26/07/2012 - 06:00:52 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [411888] O58 - SDL:[MD5.24847A06B84339FEEDE5CABF3D27D320] - 26/07/2012 - 06:00:52 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [45296] O58 - SDL:[MD5.CAA8BC6737DFA3BF1A50175CFB226788] - 18/06/2010 - 23:36:04 ---A- . (.Siliten - Flex Define Keyboard Driver.) -- C:\Windows\System32\Drivers\InputFilter_FlexDef2b.sys [17920] O58 - SDL:[MD5.11DCE6A4A2211C6CA12ABB4346DFFD51] - 15/01/2013 - 15:43:58 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) 
-- C:\Windows\System32\Drivers\L1C63x64.sys [119376] O58 - SDL:[MD5.022CDD12161B063D7852B1075BF3FFF2] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [108784] O58 - SDL:[MD5.07AD59D669B996F29F91817F0ECFA34F] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [92400] O58 - SDL:[MD5.216FB796AA4E252ACCE93B1BCB80B5EC] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [116976] O58 - SDL:[MD5.5E80530AF37102488EE980B4A92AF99F] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [81136] O58 - SDL:[MD5.0BB97D43299910CBFBA59C461B99B910] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928] O58 - SDL:[MD5.9B0D829C3BE4E7472DB9DD2B79908E3C] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [51952] O58 - SDL:[MD5.ECC3F54C7AFC318271C4F0B4606D8DB0] - 26/07/2012 - 06:00:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [353008] O58 - SDL:[MD5.3A1E095277BBD406CEA8EA6B76950664] - 26/07/2012 - 06:00:55 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [64240] O58 - SDL:[MD5.12DD2800E4EEA37DC9AE256AD62423B4] - 26/07/2012 - 06:00:55 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [52464] O58 - SDL:[MD5.D6D34118263412D3AAA8348A9572B7F2] - 26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) 
-- C:\Windows\System32\Drivers\nvraid.sys [150256] O58 - SDL:[MD5.27AFC428D1D32ABD04A86763A4EDDEA9] - 26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168176] O58 - SDL:[MD5.3AC61DA79A01FFDE88925D772C9DE016] - 26/07/2012 - 18:40:00 ---A- . (.TOSHIBA - Generic IO & Memory Access.) -- C:\Windows\System32\Drivers\QIOMem.sys [14000] O58 - SDL:[MD5.4045C3F69F5FEF1186A76320E560F1CC] - 31/05/2012 - 16:49:12 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\Drivers\rtl8187B.sys [458384] O58 - SDL:[MD5.D3E9982A81BC534614D45057BD887388] - 02/05/2012 - 15:48:54 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8187Se.sys [450664] O58 - SDL:[MD5.789C177A1529F0453C625C68A4EF2F00] - 20/06/2011 - 16:07:08 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192se.sys [1225832] O58 - SDL:[MD5.689E5A7993643E216CB553930990DE23] - 22/12/2010 - 15:24:00 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl819xp.sys [626792] O58 - SDL:[MD5.4359F5FD63E0FB6F24ACD53D2869FFAC] - 12/03/2013 - 17:39:44 ---A- . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtwlane.sys [1544704] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 26/07/2012 - 09:11:43 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:[MD5.2560721D6F16D5B611C36A3A9D28C1B2] - 26/07/2012 - 06:00:55 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44784] O58 - SDL:[MD5.3AA8FDE1DBF65BB8B88B053529554A0D] - 26/07/2012 - 06:00:56 ---A- . 
(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81648] O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960] O58 - SDL:[MD5.A71E88AA4B92488A548A6492DA89B6B3] - 04/04/2013 - 21:56:56 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [495344] O58 - SDL:[MD5.58480A57ACF2671C343FD1D4BA990E34] - 25/07/2012 - 00:54:00 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [31184] O58 - SDL:[MD5.16E745743BABAF480B7718442F38B076] - 31/07/2012 - 20:28:54 ---A- . (.Windows (R) Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\Windows\System32\Drivers\Thotkey.sys [28632] O58 - SDL:[MD5.36391C3953D191A2AF4556D5D706C641] - 18/06/2012 - 18:30:56 ---A- . (.TOSHIBA Corporation - tos_sps64.) -- C:\Windows\System32\Drivers\tos_sps64.sys [499096] O58 - SDL:[MD5.55A9A23DD64EB7781FCAB565B028CD0E] - 21/07/2012 - 23:59:02 ---A- . (.TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver.) -- C:\Windows\System32\Drivers\TVALZFL.sys [16768] O58 - SDL:[MD5.54BDBF3D4DED58DA78B702471C68D4CA] - 26/07/2012 - 00:34:42 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [32832] O58 - SDL:[MD5.504901430B6E03B99EBB6BF26E0868C6] - 29/08/2012 - 07:27:24 ---A- . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\Drivers\usbfilter.sys [58536] O58 - SDL:[MD5.F5B4A14B00E89250C50982AC762DDD1D] - 26/07/2012 - 06:00:58 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19184] O58 - SDL:[MD5.38A60CD9C009C55C6D3B5586F8E6A353] - 26/07/2012 - 06:00:58 ---A- . 
(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [164080] O58 - SDL:[MD5.A0F6FE0FC2F647C22BBFD6BD4249DBCC] - 26/07/2012 - 06:00:58 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [322800] ~ Drivers: 19 Scanned in 00mn 04s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 10/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000038e_3dea6d35f477ae.eml [24708] =>.Microsoft Corporation O61 - LFC: 10/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000038f_f600d1219913af.eml [78040] =>.Microsoft Corporation O61 - LFC: 10/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000390_a44af5d195c83a.eml [97030] =>.Microsoft Corporation O61 - LFC: 10/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000391_d52d26801624d7.eml [42869] =>.Microsoft Corporation O61 - LFC: 10/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000392_91993b46f064e0.eml [90746] =>.Microsoft Corporation O61 - LFC: 10/01/2014 - 20:44:40 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000393_e9c9ea1335b69f.eml [88972] =>.Microsoft Corporation O61 - LFC: 10/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000394_a7a4aee4cc0337.eml [38755] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:34 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000395_9b4a9816ea3e1.eml [45613] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000396_ba996bb41f90b5.eml [95857] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000397_b09d7261f9acf1.eml [43364] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000398_d5650e179f94e0.eml [121719] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000399_4aec3042f8952a.eml [21585] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000039a_1f212c56a1318b.eml [12255] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000039b_f5298f785d2e51.eml [9356] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000039c_b0b112cbad9950.eml [22906] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000039d_2775b674d6cb.eml [35349] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000039e_4b0e62fd81a1d.eml [32307] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000039f_ca5159584a4539.eml [90850] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a0_717dba043ee18.eml [44389] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a1_2e3b29ec21af8.eml [85900] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a2_3d49f2ac1c97ed.eml [22699] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a3_df6e8b2efe4b5d.eml [107818] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a4_d60f037b86734f.eml [20674] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a5_f09806ae46cc56.eml [2353] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a6_7b016d3de79051.eml [43852] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a7_bb8eea2d905f91.eml [121716] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a8_d0da4580f7e1b2.eml [73681] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003a9_fe5520fd4c7fe2.eml [102572] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003aa_196f88a68a766f.eml [21334] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003ab_6b5e5168ce1a11.eml [3847] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003ac_ba45121375f7cb.eml [19732] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003ad_c111c91b137011.eml [8671] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:40 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003ae_173ff67150c51b.eml [10345] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:43 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ad226b6f8088153b\120712-0049\UserTiles\d52e95b4bd4dba [14055] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:43 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.People.etl [393216] =>.Microsoft Corporation O61 - LFC: 11/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\74788_14351\crl-set [1835] O61 - LFC: 11/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\74788_14351\manifest.fingerprint [12] O61 - LFC: 11/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\74788_14351\manifest.json [34] O61 - LFC: 11/01/2014 - 20:44:48 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\Glarysoft\Glary Utilities 3\Backups\41650.825925925928 [3738] O61 - LFC: 11/01/2014 - 20:44:48 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\Glarysoft\Glary Utilities 3\Backups\41650.825937499998 [0] O61 - LFC: 11/01/2014 - 20:44:48 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\Glarysoft\Glary Utilities 3\Backups\41650.825949074075 [8405] O61 - LFC: 11/01/2014 - 20:44:53 ---A- . (...) -- C:\Users\vanvan\Downloads\FW-3-0-16938-FR.exe [598004] O61 - LFC: 12/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\ATI\ACE\Manifest.Bin [28362] O61 - LFC: 12/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\ATI\ACE\Manifest.xml [20471] O61 - LFC: 12/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Archived History [57344] O61 - LFC: 12/01/2014 - 20:44:29 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [512] O61 - LFC: 12/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148] O61 - LFC: 12/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2 [1056768] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3 [8192] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index [262512] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Last Session [14113] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [12532] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage [3072] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage-journal [3608] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage [3072] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage-journal [3608] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage [3072] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal [3608] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [26624] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\adventori.com\cookie.sol [94] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\macromedia.com\support\flashplayer\sys\#adventori.com\settings.sol [83] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\macromedia.com\support\flashplayer\sys\#madevid.com\settings.sol [81] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\macromedia.com\support\flashplayer\sys\#rutube.ru\settings.sol [79] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\macromedia.com\support\flashplayer\sys\#youwatch.org\settings.sol [82] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\macromedia.com\support\flashplayer\sys\settings.sol [439] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\rutube.ru\rutube.cookies.sol [57] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\NGAGRX4Y\youwatch.org\com.jeroenwijering.sol [54] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [271] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Top Sites [20480] O61 - LFC: 12/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [12824] O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003f3_9a384d3bfec4db.eml [16604] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003f4_cf7acebc451cdf.eml [15987] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003f5_62564f99b704f5.eml [28377] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003f6_fbf16ccc9117d.eml [41149] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003f7_6a61b1e21fcbea.eml [28488] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003f8_5d7d288829b834.eml [93390] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003f9_d97dc80a751b4d.eml [41291] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003fa_ce985eb57e3bf5.eml [88810] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003fb_b70acdd571552.eml [29369] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003fc_29c789ed57b837.eml [58686] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:40 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003fd_16444bbb2d6759.eml [43884] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003fe_5b9049aeb8befc.eml [58608] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200003ff_754e79cf66c47.eml [121249] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000400_ae8b37079929af.eml [1992] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000400_bf5bdefa9a3ac.eml [1992] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000401_28a2d45c54987.eml [21302] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000401_5a8b92106c9c54.eml [21302] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000402_bb2b1635d5664b.eml [46524] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000402_fd82091e607ed4.eml [46524] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000403_f06e135cf026f4.eml [18926] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000404_b550e8de5cf1b3.eml [1980] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000405_f3903dd2ea9232.eml [29448] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000458_69713539e2ed15.eml [2519] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000459_a6045df4cd47a9.eml [1474] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000045a_1817fdedba899.eml [17987] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000045b_22e3183ccd7a45.eml [790] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\2000045c_8f091212c8eaef.eml [786] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004bd_1f2c8c6d9157d1.eml [805] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ad226b6f8088153b\120712-0049\People\SupPayload.xml [816] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:42 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ad226b6f8088153b\120712-0049\UserTiles\5f1c843011b265 [6370] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:43 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.Chat.etl [655360] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:43 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.Mail.etl [2752512] =>.Microsoft Corporation O61 - LFC: 12/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\11716_6148\crl-set [757] O61 - LFC: 12/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\11716_6148\manifest.fingerprint [12] O61 - LFC: 12/01/2014 - 20:44:47 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Temp\11716_6148\manifest.json [34] O61 - LFC: 12/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\qtsingleapp-FFDCAB-be4b-1-lockfile [0] O61 - LFC: 12/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\wmplog00.sqm [2572] O61 - LFC: 12/01/2014 - 20:44:51 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman O61 - LFC: 12/01/2014 - 20:44:51 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\ZHP\ZHPDiag.txt [221115] =>.Nicolas Coolman O61 - LFC: 12/01/2014 - 20:44:51 ---A- . (...) -- C:\Users\vanvan\daemonprocess.txt [15547] O61 - LFC: 12/01/2014 - 20:44:52 ---A- . (...) -- C:\Users\vanvan\Downloads\adwcleaner.exe [1236282] O61 - LFC: 12/01/2014 - 20:44:53 ---A- . (.Malwarebytes Corporation.) -- C:\Users\vanvan\Downloads\mbam-setup-1.75.0.1300.exe [10285040] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\ATI\ACE\Profiles.xml [18575] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [267458] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Cookies [653312] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Current Session [112624] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [50687] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [148] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000495 [521] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Favicons [980992] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336] O61 - LFC: 13/01/2014 - 20:44:29 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\History [790528] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [54100] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [52224] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Preferences [65437] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000829.ldb [147] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [779] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000826 [404] =>.Google Inc O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [24576] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [12824] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [1924] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Web Data [182272] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [14904] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Local State [50469] O61 - LFC: 13/01/2014 - 20:44:30 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\en-US-3-0.bdic [440949] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [8008064] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1451278] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135496] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [936924] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19504] O61 - LFC: 13/01/2014 - 20:44:31 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6928] O61 - LFC: 13/01/2014 - 20:44:31 --HA- . (...) -- C:\Users\vanvan\AppData\Local\IconCache.db [119410] O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004be_b15f1e5794104b.eml [20752] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004bf_35babbed83ce78.eml [87840] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c0_f6eb995be15559.eml [90744] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c1_8716daf11bc8a5.eml [30654] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c2_3c20179ac1353c.eml [30235] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c3_4ea39c418b2fad.eml [30893] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c4_f673c17bf44917.eml [60699] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c5_fb540ba9678294.eml [14979] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c6_79ea076be3ef66.eml [26689] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c7_916b0faf89181e.eml [10800] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c8_a973452b5798d3.eml [43344] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\200004c9_8205a152ba2818.eml [871] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000522_1f63afdf823d7f.eml [24763] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000523_7423193b61eea.eml [14033] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000524_175d973d4f5aed.eml [12683] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000525_5dbfb388a1d8f5.eml [3790] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000526_f8f01bd739c8b.eml [24323] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\ad226b6f8088153b\120712-0049\Mail\19\1d00001b\20000527_1d2cbd54c4c55c.eml [129263] =>.Microsoft Corporation O61 - LFC: 13/01/2014 - 20:44:41 ---A- . (...) 
-- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ad226b6f8088153b\120712-0049\DBStore\edb.chk [8192] =>.Microsoft Corporation
O61 - LFC: 13/01/2014 - 20:44:43 ----- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm.etl [0] =>.Microsoft Corporation
O61 - LFC: 13/01/2014 - 20:44:43 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveCommLast.etl [1441792] =>.Microsoft Corporation
O61 - LFC: 13/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\4172_10110\crl-set [686]
O61 - LFC: 13/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\4172_10110\manifest.fingerprint [12]
O61 - LFC: 13/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\4172_10110\manifest.json [34]
O61 - LFC: 13/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\~gu3-ver.dat [106]
O61 - LFC: 13/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Temp\~upgrade.dat [1094]
O61 - LFC: 13/01/2014 - 20:44:47 ---A- . (...) -- C:\Users\vanvan\AppData\Local\Toshiba\PCDiag\log.txt [85]
O61 - LFC: 13/01/2014 - 20:44:48 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-01-12 (23-37-01).txt [7516]
O61 - LFC: 13/01/2014 - 20:44:51 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\ZHP\Log.txt [104800] =>.Nicolas Coolman
O61 - LFC: 13/01/2014 - 20:44:51 ---A- . (...) -- C:\Users\vanvan\AppData\Roaming\ZHP\TestsZHPDiag.txt [2852] =>.Nicolas Coolman
~ 13 Fichiers temporaires (Temporary files)
~ Files: 185 Scanned in 00mn 26s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\program files (x86)\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) .
(.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) 
-- C:\Windows\System32\wuaueng.dll [3279872] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: SessionEnv (SessionEnv) . 
(.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]
~ Services: 34 Scanned in 00mn 01s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.6D09D7018421739690B8C57AF7761AAF] [SPRF][13/01/2014] (...) -- C:\Users\vanvan\AppData\Local\Temp\~gu3-ver.dat [106]
[MD5.7902EF8D44D57F0608E52FAA0528610F] [SPRF][13/01/2014] (...) -- C:\Users\vanvan\AppData\Local\Temp\~upgrade.dat [1094]
[MD5.D886D5C5F401DCCFD4CF9FC1EC5BE4BE] [SPRF][06/11/2013] (...) -- C:\Users\vanvan\Desktop\gu3setup.exe [13763848]
~ Files: 3 Scanned in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.)
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) 
-- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) 
-- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) 
=>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) 
-- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) 
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.) O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.) O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{D44B4255-D310-457F-B60D-9562C978A6A3}" | In - None - P6 - TRUE | .(.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe O87 - FAEL: "{6C050A42-3EF1-4DBC-B274-3CCCC21E83BF}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\spotify.exe (.not file.) O87 - FAEL: "{1B0B4533-54F4-4367-86C5-7951C40E4232}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\spotify.exe (.not file.) O87 - FAEL: "{B95FBD44-3C36-4C3B-B1CE-4A7BF2F7B7CB}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (.not file.) 
O87 - FAEL: "{DBBA0F10-5599-482C-ACF7-46ECB2769EC5}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (.not file.) O87 - FAEL: "{C0894DD7-38FD-44EC-99E9-973EA4A2DF34}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{B68F90BB-E399-495B-87EA-7D1EB8E2FCBE}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{F709B448-21B3-4A25-8E90-86504EF942C4}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{923437C5-01EC-48B5-96B0-DF6985AEA30B}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{4868C99C-D13D-4AD2-84FF-0EF3E613F5A3}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{E05CE43D-F9AE-4213-88AD-160E64C73ECA}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{0B06935A-6A2D-4BF4-BB19-14F104F3AA2E}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{F6BB3CEE-0826-4700-9FD5-39067FE6A9B1}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{2E8C3A23-3220-47B4-9C3D-17094F03E673}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{F9F61BBC-7DF4-4C03-B655-C9E3709F2FE3}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{BA426DAA-A1DA-4244-934F-BC4429262B4D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{4A44D496-10FB-47A2-BFD4-4663DBE5216C}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{9CA72D26-1133-4F36-903F-9BF8BFBBB295}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{291220E9-3F3E-48A3-A4EB-89BE015A22C7}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{F50197A9-9ECA-4DFA-B9EA-3C3D88AD759D}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{816A7FA0-55CF-4F57-911A-6ECCE39F7DFA}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{0E5E11FF-89C1-4355-A97F-6EF42AFE1E02}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{5724045B-938D-400C-A238-D5B443BAEEA9}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{A2B02EA1-E441-4D2D-B9C8-6F79E09941A5}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{C5472340-0F60-4312-B150-621B6BE8773B}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{70E0A671-19BD-4114-9C8A-E666CCC8E698}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{9CC625DB-D1B5-4ABA-B22A-1C726FC9B299}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{869C4CDB-194C-46C4-96BB-11A685034DEC}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\vanvan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation O87 - FAEL: "{2BC9BCC5-5E96-41CE-AC14-3BD08490E9B1}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{0103928C-0521-4DE9-B9AE-518E713E9D20}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{695AEDF6-F443-4C58-9E6A-B6FF3EFECA15}" | In - Domain - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe O87 - FAEL: "{F31B6B99-B3BC-4074-9493-E29C11303A2C}" | In - Domain - P17 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe O87 - FAEL: "{86372D6F-DA2F-4774-BB1F-61C8AE8CF1AB}" | In - Private - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe O87 - FAEL: "{3165D91A-493E-4A83-B93F-A29CFC7B5F2C}" | In - Private - P17 - TRUE | .(...) 
-- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{6C1F27C7-7D79-4D82-B946-2F885E242575}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
O87 - FAEL: "{F9C74B28-744E-447D-B00D-9A722B8ACC46}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{95666A0F-E2E0-4E22-97EA-5EE5D376BC8C}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{90A18D41-CB81-4416-8C1A-4C9B044E57DC}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{BF0E19CA-8840-47AC-A481-9F1B351718DA}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{21BD7286-B67B-43EA-A4B7-3C13AEA99873}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\outlook.exe
~ Firewall: 244 Scanned in 00mn 04s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "09A26561CB170A148B099DB1C0621702" . (.TOSHIBA Function Key.) -- C:\windows\Installer\{16562A90-71BC-41A0-B890-D91B0C267120}\ARPPRODUCTICON.exe
O90 - PUC: "0FCACC59D0100F5428FB5868348DCB20" . (.TOSHIBA Desktop Assist.) -- C:\Windows\Installer\{95CCACF0-010D-45F0-82BF-858643D8BC02}\ARPPRODUCTICON.exe
O90 - PUC: "1A69A6E1BAB2FE340878033457396CC6" . (.TOSHIBA System Driver.) -- C:\windows\Installer\{1E6A96A1-2BAB-43EF-8087-30437593C66C}\ARPPRODUCTICON.exe
O90 - PUC: "3EE2997EEB9CD132E0DAA83C2031E43B" . (.AMD Start Now.) -- C:\windows\Installer\{E7992EE3-C9BE-231D-0EAD-8AC302134EB3}\ARPPRODUCTICON.exe
O90 - PUC: "41F9166B667F0004CBA825D2C44C4EF4" .
(.TOSHIBA Display Utility.) -- C:\windows\Installer\{B6619F14-F766-4000-BC8A-522D4CC4E44F}\ARPPRODUCTICON.exe
O90 - PUC: "498E99468F34B854EA5327F47423CBED" . (.TOSHIBA Service Station.) -- C:\windows\Installer\{6499E894-43F8-458B-AE35-724F4732BCDE}\Main.ico =>.Toshiba Corporation
O90 - PUC: "4D9B4495A2C3ED8439E1623B71412A7F" . (.TOSHIBA eco Utility.) -- C:\windows\Installer\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}\ARPPRODUCTICON.exe =>.Toshiba Corporation
O90 - PUC: "72955A50B9BD62E4AB4428E8FB8F920F" . (.TOSHIBA System Settings.) -- C:\windows\Installer\{05A55927-DB9B-4E26-BA44-828EBFF829F0}\ARPPRODUCTICON.exe
O90 - PUC: "77283D42E6EC21E42AEE4F86234AAFF2" . (.Catalyst Control Center - Branding.) -- C:\windows\Installer\{24D38277-CE6E-4E12-A2EE-F46832A4FA2F}\ARPPRODUCTICON.exe
O90 - PUC: "8DBFFA6A600DF76915FA10020F620108" . (.AMD Accelerated Video Transcoding.) -- C:\windows\Installer\{A6AFFBD8-D006-967F-51AF-0120F0261080}\ARPPRODUCTICON.exe
O90 - PUC: "9F0DCED98E3D0B843A09C10FF9453E4A" . (.TOSHIBA PC Health Monitor.) -- C:\windows\Installer\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}\ARPPRODUCTICON.exe
O90 - PUC: "A74E08809CAB4F8E93C9A3B0DC27B3AE" . (.ccc-utility64.) -- C:\windows\Installer\{0880E47A-BAC9-E8F4-399C-3A0BCD723BEA}\ARPPRODUCTICON.exe
O90 - PUC: "AF390C5275EA3A0531C1680E716DE48B" . (.Catalyst Control Center Graphics Previews Common.) -- C:\windows\Installer\{25C093FA-AE57-50A3-131C-86E017D64EB8}\ARPPRODUCTICON.exe
O90 - PUC: "B889B13937905FD03C7B7592533DD4DC" . (.AMD Catalyst Install Manager.) -- C:\windows\Installer\{931B988B-0973-0DF5-C3B7-572935D34DCD}\ARPPRODUCTICON.exe
O90 - PUC: "BB86BB6239FC21A4CBD63A6B5FA38C9D" . (.TOSHIBA Password Utility.) -- C:\Windows\Installer\{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}\ARPPRODUCTICON.exe
O90 - PUC: "C87CFCF5A834D4F42B663EB24886ABCF" . (.Pervasive.SQL V8 Workgroup (v8.6).) -- C:\windows\Installer\{5FCFC78C-438A-4F4D-B266-E32B8468BAFC}\ARPPRODUCTICON.exe
O90 - PUC: "CB9AAF7A3B4C5C600F0113D892937F65" .
(.AMD VISION Engine Control Center.) -- C:\windows\Installer\{A7FAA9BC-C4B3-06C5-F010-318D2939F756}\ARPPRODUCTICON.exe
O90 - PUC: "CFF8BE8F535C1A948AD4CC57BCD2A6AD" . (.DTS Sound.) -- C:\windows\Installer\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}\ARPPRODUCTICON.exe
O90 - PUC: "E146BF6D469B77A3B2C7A5706A0C9EE5" . (.Catalyst Control Center InstallProxy.) -- C:\windows\Installer\{D6FB641E-B964-3A77-2B7C-5A07A6C0E95E}\ARPPRODUCTICON.exe
O90 - PUC: "E40670FF068C9E042A033EF74AF101A3" . (.TOSHIBA VIDEO PLAYER.) -- C:\windows\Installer\{FF07604E-C860-40E9-A230-E37FA41F103A}\ARPPRODUCTICON.exe
O90 - PUC: "E9172B098D6E2E4E7C110BC6BA95C4C9" . (.Catalyst Control Center Localization All.) -- C:\windows\Installer\{90B2719E-E6D8-E4E2-C711-B06CAB594C9C}\ARPPRODUCTICON.exe
~ Update Products: 81 Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.56136281D2441E213380AA902F5B3566] [WIS][01/02/2007] (.Pervasive Software - WGE msi project.) -- C:\Windows\Installer\4ae7614.msi [29354496]
[MD5.FDCD54807C623FDF85EAF401B489DFFE] [WIS][08/08/2013] (.DTS, Inc. - DTS Premium Sound.) -- C:\Windows\Installer\5847e.msi [7396352]
[MD5.A1112F970B3875166E69D640D1E1DAD2] [WIS][22/10/2013] (.EBP AH - Compta Flash 2008.) -- C:\Windows\Installer\5854d25.msi [338944]
[MD5.9C45BA7493231F4CB8A8E458CD2323A6] [WIS][22/10/2013] (.EBP-AH - Installation légère de Pervasive.) -- C:\Windows\Installer\5854d29.msi [300544]
~ WIS: 80 Scanned in 00mn 15s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Demand 17/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.)
- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 04/01/2013 116240 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation
SS - | Demand 19/03/2013 53864 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/03/2013 103424 | (AdaptiveSleepService) . (...) - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
SR - | Auto 12/03/2013 241152 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 28/11/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 12/12/2012 205560 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\windows\system32\CxAudMsg64.exe
SR - | Auto 15/04/2013 16720 | (dts_apo_service) . (...) - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
SR - | Auto 07/12/2006 32768 | (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
SR - | Auto 07/12/2006 32768 | (Pervasive.SQL Workgroup) . (...) - C:\PVSW\bin\WGE_SRV.exe
SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 04/03/2013 324448 | (TOSHIBA eco Utility Service) . (.Toshiba Corporation.) - C:\Program Files\Toshiba\Teco\TecoService.exe =>.Toshiba Corporation
SR - | Demand 29/03/2013 447840 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.)
- C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 18s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by vanvan at 13/01/2014 20:46:46
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s

---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by vanvan at 13/01/2014 20:46:48
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : 13013 - (29/12/2013)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\TBSBrowser.exe] =>Toolbar.Agent
C:\Users\vanvan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp =>PUP.Wajam^
C:\Program Files (x86)\Discount Dragon =>PUP.DiscountDragon^
C:\Program Files (x86)\eBay =>Toolbar.eBay^
C:\Users\vanvan\AppData\Local\Discount Dragon =>PUP.DiscountDragon^
~ Additionnel Scan: 201735 Items scanned in 01mn 03s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>PUP.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser
~ MSI: 3 link(s) detected in 01mn 04s
End of the scan (1741 lines in 06mn 20s)(0)