~ Rapport de ZHPDiag v2013.10.2.3 - Nicolas Coolman (02/10/2013) ~ Lancé par marie (02/10/2013 21:16:50) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16688 MFIE: Mozilla Firefox 24.0 (Defaut) GCIE: Google Chrome v29.0.1547.76 OPIE: Opera vStable 16.0.1196.73 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8 Home Premium Edition, 64-bit (Build 9200) Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Norton Internet Security v20.4.0.40 Windows Defender W8 ---\\ Logiciels d'optimisation du système CCleaner v4.05 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 Plugin ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot) Total RAM: 3988 MB (76% free) System Restore: Activé (Enable) System drive C: has 377 GB (85%) free of 442 GB ---\\ Mode de connexion au système ~ Computer Name: PC-MARIE ~ User Name: marie ~ All Users Names: marie, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\marie\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\marie\AppData\Roaming\ ~ %Desktop% : C:\Users\marie\Desktop\ ~ %Favorites% : C:\Users\marie\Favorites\ ~ %LocalAppData% : C:\Users\marie\AppData\Local\ ~ %StartMenu% : C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 377 Go of 442 Go) D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 23 Go) E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 29 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.6DBE239FF1C9650A794C974B8C7913D7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/08/2013 - 05:12:06.) -- C:\Windows\System32\wininet.dll [2241024] [MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.23/03/2013 - 22:51:31.) -- C:\Windows\System32\Winlogon.exe [517120] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.23/03/2013 - 22:57:21.) -- C:\Windows\system32\Drivers\AFD.sys [560640] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.23/03/2013 - 22:36:48.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/1634 ~ Mes Videos (My Videos) : 1/7 ~ Mes Favoris (My Favorites) : 1/7 ~ Mes Documents (My Documents) : 1/6 ~ Mon Bureau (My Desktop) : 1/6 ~ Menu demarrer (Programs) : 1/71 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.61484FC1984AE69B4F4E300135C2330F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8034304] [PID.1728] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com ~ Google Browser: 1 Scanned in 00mn 02s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\marie\AppData\Roaming\Mozilla\Firefox\Profiles\w41zx5gs.default\prefs.js M2 - MFEP: prefs.js [marie - w41zx5gs.default\jid1-FCM5fDwCW5M3AQ@jetpack] [] Smart Display v1.2 (..) =>Spyware.SmartDisplay P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ~ Firefox Browser: 2 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: SearchHook Class [64Bits] - {D8278076-BC68-4484-9233-6E7F1628B56C} . (...) (No version) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 12 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Ask Toolbar BHO [64Bits] - {42435041-332D-5637-00A7-7A786E7484D7} . (...) -- "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\BCPA3-V7\Passport.dll" (.not file.) =>Toolbar.Ask O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll ~ BHO: 6 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{42435041-332D-5637-00A7-7A786E7484D7} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd O4 - GS\Desktop [Public]: e-Carte Bleue Société Générale.lnk . (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files (x86)\e-Carte Bleue Société Générale\ecbl-sg.exe O4 - GS\Desktop [Public]: Encore plus de jeux.lnk - Clé orpheline O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [Public]: HP Connected Music.lnk . (.Meridian Audio Ltd - HP Connected Music.) -- C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe O4 - GS\Desktop [Public]: HP Games.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe O4 - GS\Desktop [Public]: HP Quick Start.lnk . (.Hewlett-Packard - HP Quick Start.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe O4 - GS\Desktop [Public]: IncrediMail.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O4 - GS\Desktop [Public]: Jeux.lnk . (...) -- C:\Program Files (x86)\bfgclient\bfgclient.exe O4 - GS\Desktop [Public]: Jouer à Adelantado Trilogy - Book One.lnk . (...) -- C:\Program Files (x86)\Adelantado Trilogy - Book One\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Age of Adventure - Playing the Hero.lnk . (...) -- C:\Program Files (x86)\Age of Adventure - Playing the Hero\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Ancient Rome 2.lnk . (...) -- C:\Program Files (x86)\Ancient Rome 2\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Build-a-Lot - The Elizabethan Era.lnk . (...) -- C:\Program Files (x86)\Build-a-Lot - The Elizabethan Era\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Cate West - The Vanishing Files.lnk . (...) -- C:\Program Files (x86)\Cate West - The Vanishing Files\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Celtic Lore - Sidhe Hills.lnk . (...) -- C:\Program Files (x86)\Celtic Lore - Sidhe Hills\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Dark Dimensions - Le Musee de Cire.lnk . (...) -- C:\Program Files (x86)\Dark Dimensions - Le Musee de Cire\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Farm Frenzy Pizza Party.lnk . (...) -- C:\Program Files (x86)\Farm Frenzy Pizza Party\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Fate of the Pharaoh.lnk . (...) -- C:\Program Files (x86)\Fate of the Pharaoh\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Fishdom 3.lnk . (...) -- C:\Program Files (x86)\Fishdom 3\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Hodgepodge Hollow - A Potions Primer.lnk . (...) -- C:\Program Files (x86)\Hodgepodge Hollow - A Potions Primer\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Incredible Express.lnk . (...) -- C:\Program Files (x86)\Incredible Express\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à King's Legacy.lnk . (...) -- C:\Program Files (x86)\King's Legacy\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Les Secrets du Titanic.lnk . (...) -- C:\Program Files (x86)\Les Secrets du Titanic\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Mega World Smash.lnk . (...) -- C:\Program Files (x86)\Mega World Smash\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Mysteries of Magic Island.lnk . (...) -- C:\Program Files (x86)\Mysteries of Magic Island\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Plan It Green.lnk . (...) -- C:\Program Files (x86)\Plan It Green\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Spirits of Mystery - La Prophetie du Minotaure Edition Collector.lnk . (...) -- C:\Program Files (x86)\Spirits of Mystery - La Prophetie du Minotaure Edition Collector\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Sprill et Ritchie - Voyage a Travers le Temps.lnk . (...) -- C:\Program Files (x86)\Sprill et Ritchie - Voyage a Travers le Temps\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à The Lake House - Les Enfants du Silence Edition Collector.lnk . (...) -- C:\Program Files (x86)\The Lake House - Les Enfants du Silence Edition Collector\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à The Mystery of the Crystal Portal.lnk . (...) -- C:\Program Files (x86)\The Mystery of the Crystal Portal\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Townopolis - Gold.lnk . (...) -- C:\Program Files (x86)\Townopolis - Gold\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Turtle Odyssey 2.lnk . (...) -- C:\Program Files (x86)\Turtle Odyssey 2\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Twilight Phenomena - Les Pensionnaires de la Maison n 13 Edition Collector.lnk . (...) -- C:\Program Files (x86)\Twilight Phenomena - Les Pensionnaires de la Maison n 13 Edition Collector\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Twisted Lands - Les Origines.lnk . (...) -- C:\Program Files (x86)\Twisted Lands - Les Origines\LaunchGame.bfg O4 - GS\Desktop [Public]: Jouer à Weather Lord.lnk . (...) -- C:\Program Files (x86)\Weather Lord\LaunchGame.bfg O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Desktop [Public]: Norton Internet Security.lnk . (.Symantec Corporation - Norton Protection Center UI Stub.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\20.4.0.40\uistub.exe O4 - GS\Desktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe O4 - GS\Desktop [Public]: Photos Snapfish.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe O4 - GS\Desktop [Public]: VideoPlayer.lnk . (.Tuguu SL - VAFPlayer.) -- C:\Program Files (x86)\VideoPlayer\VAFPlayer.exe =>PUP.VAFPlayer O4 - GS\Program [Public]: Browser Choice.lnk . (...) -- C:\Windows\BrowserChoice\html\default.html O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline O4 - GS\Program [Public]: Encore plus de jeux.lnk - Clé orpheline O4 - GS\Program [Public]: Game Manager.lnk . (...) -- C:\Program Files (x86)\bfgclient\bfgclient.exe O4 - GS\Program [Public]: HP Connected Music.lnk . (.Meridian Audio Ltd - HP Connected Music.) -- C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe O4 - GS\Program [Public]: IncrediMail.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O4 - GS\Program [Public]: Microsoft Office.lnk . (.Microsoft Corporation - Microsoft Office.) -- C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.exe O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\Windows\WinStore\WinStore.htm O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.) O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\Windows\system32\psr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\QuickLaunch [marie]: e-Carte Bleue Société Générale.lnk . (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files (x86)\e-Carte Bleue Société Générale\ecbl-sg.exe O4 - GS\QuickLaunch [marie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [marie]: IncrediMail 2.0.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O4 - GS\QuickLaunch [marie]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [marie]: File Explorer.lnk . (...) -- C:\Users\marie\AppData\Roaming\Microsoft\Windows\Libraries O4 - GS\TaskBar [marie]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [marie]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Program [marie]: SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive Setup.) -- C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe =>.Microsoft Corporation O4 - GS\Accessories [marie]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Desktop [marie]: Free Documents Opener.lnk . (...) -- C:\Users\marie\AppData\Roaming\Free Documents Opener\FreeDocumentsOpener.exe O4 - GS\Desktop [marie]: SeeSimilar02.lnk - Clé orpheline =>Adware.SeeSimilar O4 - GS\Desktop [marie]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [marie]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman ~ Global Startup: 80 Scanned in 00mn 02s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [Public]: e-Carte Bleue Société Générale.lnk . (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files (x86)\e-Carte Bleue Société Générale\ecbl-sg.exe O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKCU\..\Run: [Driver Pro] . (.PC Utilities Pro - Driver Pro - Update your drivers now!.) -- C:\Program Files (x86)\Driver Pro\DPLauncher.exe O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe O4 - HKLM\..\Wow6432Node\Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe O4 - HKUS\S-1-5-21-2641700954-3712719194-3779541605-1001\..\Run: [Driver Pro] . (.PC Utilities Pro - Driver Pro - Update your drivers now!.) -- C:\Program Files (x86)\Driver Pro\DPLauncher.exe ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll ~ Winsock: 7 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{5CD4F462-0342-4FE8-ADB1-02B14BE98BB4}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{6689818B-2CBF-4038-8CBC-FBB947CFA210}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{5CD4F462-0342-4FE8-ADB1-02B14BE98BB4}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{6689818B-2CBF-4038-8CBC-FBB947CFA210}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co O23 - Service: oem16.inf (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ~ Services: 15 Scanned in 00mn 02s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1080] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1084] ~ Scheduled Task: 3 Scanned in 00mn 00s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll ~ Active Setup: 9 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130924.001\BHDrvx64.sys O41 - Driver: (ccSet_NIS) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131001.002\IDSvia64.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (SRTSP) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\Drivers\NISx64\1404000.028\SRTSP64.sys O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.sys O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.sys O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NISx64\1404000.028\SYMNETS.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Drivers: 52 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adelantado Trilogy: Book One - (...) [HKLM][64Bits] -- BFG-Adelantado Trilogy - Book One O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player O42 - Logiciel: Age of Adventure: Playing the Hero - (...) [HKLM][64Bits] -- BFG-Age of Adventure - Playing the Hero O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-75c24f49-c6d1-4432-8425-b7c9ea76cd3c O42 - Logiciel: Ancient Rome 2 - (...) [HKLM][64Bits] -- BFG-Ancient Rome 2 O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM][64Bits] -- {42435041-332D-5637-00A7-A758B70C0300} =>Toolbar.Ask O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-f0985fe8-f511-4f6b-b9de-aa5089ae9630 O42 - Logiciel: Big Fish: Game Manager - (...) [HKLM][64Bits] -- BFGC O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Build-a-Lot: The Elizabethan Era - (...) [HKLM][64Bits] -- BFG-Build-a-Lot - The Elizabethan Era O42 - Logiciel: Build-a-lot - (.WildTangent.) [HKLM][64Bits] -- WTA-4b58b382-b005-466c-9f54-af3ee7b1a01a O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd O42 - Logiciel: Cate West: The Vanishing Files - (...) [HKLM][64Bits] -- BFG-Cate West - The Vanishing Files O42 - Logiciel: Celtic Lore: Sidhe Hills - (...) [HKLM][64Bits] -- BFG-Celtic Lore - Sidhe Hills O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-832a98c1-7159-4502-8ce6-713875a2a5e4 O42 - Logiciel: Crazy Chicken Soccer - (.WildTangent.) [HKLM][64Bits] -- WTA-485466c6-97e4-4228-bafd-4ea3ccf6a26d O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B} O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32} O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10} O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {39337565-330E-4ab6-A9AE-AC81E0720B10} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller O42 - Logiciel: Dark Dimensions: Le Musée de Cire - (...) [HKLM][64Bits] -- BFG-Dark Dimensions - Le Musee de Cire O42 - Logiciel: Driver Pro v3.0 - (.PC Utilities Pro.) [HKLM][64Bits] -- Driver Pro_is1 O42 - Logiciel: Energy Star - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7} O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-86859bf8-9f82-47b4-be53-168e7a1086a7 O42 - Logiciel: Farm Frenzy Pizza Party - (...) [HKLM][64Bits] -- BFG-Farm Frenzy Pizza Party O42 - Logiciel: Fate of the Pharaoh - (...) [HKLM][64Bits] -- BFG-Fate of the Pharaoh O42 - Logiciel: Fishdom 3 - (...) [HKLM][64Bits] -- BFG-Fishdom 3 O42 - Logiciel: Free Documents Opener - (.Free Documents Opener.) [HKCU][64Bits] -- Free Documents Opener O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {446CC8CE-0E90-44F7-ADD0-774B243EF090} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-f122acc0-35e7-4abe-91ce-4d48d7d4beaa O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F9E399CB-046F-45FD-A67F-CF399E2128E4} O42 - Logiciel: HP Connected Music (Meridian - installer) - (.Meridian Audio Ltd.) [HKLM][64Bits] -- StartHPConnectedMusic O42 - Logiciel: HP Connected Music (Meridian - player) - (.Meridian Audio Ltd.) [HKCU][64Bits] -- HPConnectedMusic O42 - Logiciel: HP CoolSense - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544} O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {B41C6B3F-F752-46EA-BC46-F26D3AD147B8} O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD} O42 - Logiciel: HP Quick Start - (.Hewlett-Packard.) [HKLM][64Bits] -- {B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3} O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {1AE37508-089E-41AC-95BD-99FF06887C2F} O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {D1E8F2D7-7794-4245-B286-87ED86C1893C} O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {EE202411-2C26-49E8-9784-1BC1DBF7DE96} =>.Hewlett-Packard Co O42 - Logiciel: HP System Event Utility - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {C27D60E4-3132-45A3-A71A-E3BD1DA3F794} O42 - Logiciel: HP Utility Center - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {73237EBB-B26F-4628-8754-4EFE563D72E9} O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {941DE69D-6CEE-4171-8F1F-3D7E352AA498} O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.1.1 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} O42 - Logiciel: Hodgepodge Hollow: A Potions Primer - (...) [HKLM][64Bits] -- BFG-Hodgepodge Hollow - A Potions Primer O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM][64Bits] -- {2CF22C94-1369-4C04-9A5F-A4BC6D91B508} O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM][64Bits] -- IncrediMail O42 - Logiciel: Incredible Express - (...) [HKLM][64Bits] -- BFG-Incredible Express O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {9D859F0D-B405-4B1F-9084-13BBF5D3DB32} O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {FA00A3CC-7440-4938-A271-F186F50DD40D} O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-ddce8a3c-b76a-46c0-b95a-2ec162792c99 O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WTA-12bdd843-056d-49a4-9ae9-bbba2f37c2d5 O42 - Logiciel: King's Legacy - (...) [HKLM][64Bits] -- BFG-King's Legacy O42 - Logiciel: Les Secrets du Titanic - (...) [HKLM][64Bits] -- BFG-Les Secrets du Titanic O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-fbb39c7d-48d5-412a-a45b-c151a1e04f04 O42 - Logiciel: Mega World Smash - (...) [HKLM][64Bits] -- BFG-Mega World Smash O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 24.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Mysteries of Magic Island - (...) [HKLM][64Bits] -- BFG-Mysteries of Magic Island O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS O42 - Logiciel: Opera Stable 16.0.1196.73 - (.Opera Software ASA.) [HKLM][64Bits] -- Opera 16.0.1196.73 O42 - Logiciel: Plan It Green - (...) [HKLM][64Bits] -- BFG-Plan It Green O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-620b05a9-e93e-4b04-8c77-3f35f8cfb233 O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-1e876c2e-891a-4448-927e-4f9465c63b4f O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {A5107464-AA9B-4177-8129-5FF2F42DD322} O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-610ce7d9-eb81-42bd-adf9-1c8e9de3b34d O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {BCDA54F6-C4B6-4519-A09E-FA064A6B4098} O42 - Logiciel: Royal Envoy 2 Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-a5723063-35e1-44d0-8ef0-b14b427eaaad O42 - Logiciel: Spirits of Mystery: La Prophétie du Minotaure Edition Collector - (...) [HKLM][64Bits] -- BFG-Spirits of Mystery - La Prophetie du Minotaure Edition Collector O42 - Logiciel: Sprill et Ritchie: Voyage à Travers le Temps - (...) [HKLM][64Bits] -- BFG-Sprill et Ritchie - Voyage a Travers le Temps O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: The Lake House: Les Enfants du Silence Edition Collector - (...) [HKLM][64Bits] -- BFG-The Lake House - Les Enfants du Silence Edition Collector O42 - Logiciel: The Mystery of the Crystal Portal - (...) [HKLM][64Bits] -- BFG-The Mystery of the Crystal Portal O42 - Logiciel: Townopolis: Gold - (...) [HKLM][64Bits] -- BFG-Townopolis - Gold O42 - Logiciel: Trinklit Supreme - (.WildTangent.) [HKLM][64Bits] -- WTA-d6ce9f86-e2d8-4bfb-bb1b-5e88fbec0759 O42 - Logiciel: Turtle Odyssey 2 - (...) [HKLM][64Bits] -- BFG-Turtle Odyssey 2 O42 - Logiciel: Twilight Phenomena: Les Pensionnaires de la Maison n° 13 Edition Collector - (...) [HKLM][64Bits] -- BFG-Twilight Phenomena - Les Pensionnaires de la Maison n 13 Edition Collector O42 - Logiciel: Twisted Lands: Les Origines - (...) [HKLM][64Bits] -- BFG-Twisted Lands - Les Origines O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App O42 - Logiciel: Vacation Quest™ - Australia - (.WildTangent.) [HKLM][64Bits] -- WTA-7878638a-c4a2-449e-8701-cc71ed2901a3 O42 - Logiciel: VideoPlayer v2.0.6 - (.TUGUU SL.) [HKLM][64Bits] -- VideoPlayer =>PUP.VAFPlayer O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM][64Bits] -- WTA-749ee3e1-1717-4bfb-806d-4a517d3cbef4 O42 - Logiciel: Weather Lord - (...) [HKLM][64Bits] -- BFG-Weather Lord O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-4f3fdbcc-4bee-4e58-8900-818255f47c4a O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp O42 - Logiciel: Youda Jewel Shop - (.WildTangent.) [HKLM][64Bits] -- WTA-7e746035-18b6-4036-8be3-83e7a6289cd0 O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-5c1eca73-8991-40e0-9343-48ac1d68a5f8 O42 - Logiciel: e-Carte Bleue Société Générale - (...) [HKLM][64Bits] -- {EC3CAFA6-1CDC-46D1-AD8D-B66CFDE59EE0} O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ~ Logic: 215 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow] [HKCU\Software\Big Fish Games] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Driver Pro] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IncrediMail] [HKCU\Software\Intel] [HKCU\Software\Lake] [HKCU\Software\Licenses] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Norton] [HKCU\Software\Opera Software] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\Software] [HKCU\Software\Symantec] [HKCU\Software\Synaptics] [HKCU\Software\TeleCharger] [HKCU\Software\WildTangent] [HKCU\Software\Wow6432Node] [HKLM\Software\ATI Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\HPQ] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Big Fish Games] [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Hewlett-Packard] [HKLM\Software\Wow6432Node\Insyde] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Lake] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\Loader] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Norton] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\RtWLan] [HKLM\Software\Wow6432Node\Software] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\Uniblue] [HKLM\Software\Wow6432Node\Vittalia] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\dotNetInstaller] [HKLM\Software\Wow6432Node\e-Carte Bleue Société Générale] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] ~ Key Software: 194 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 09/09/2013 - 17:44:25 - [136,996] ----D C:\Program Files (x86)\Adelantado Trilogy - Book One O43 - CFD: 09/09/2013 - 17:39:51 - [45,286] ----D C:\Program Files (x86)\Age of Adventure - Playing the Hero O43 - CFD: 13/09/2013 - 06:22:03 - [0] ----D C:\Program Files (x86)\Amazon O43 - CFD: 09/09/2013 - 16:46:54 - [160,865] ----D C:\Program Files (x86)\Ancient Rome 2 O43 - CFD: 09/09/2013 - 16:38:54 - [11,301] ----D C:\Program Files (x86)\bfgclient O43 - CFD: 30/09/2013 - 18:41:16 - [0,602] ----D C:\Program Files (x86)\Bonjour O43 - CFD: 09/09/2013 - 16:51:44 - [116,511] ----D C:\Program Files (x86)\Build-a-Lot - The Elizabethan Era O43 - CFD: 09/09/2013 - 17:08:19 - [75,628] ----D C:\Program Files (x86)\Cate West - The Vanishing Files O43 - CFD: 09/09/2013 - 17:39:03 - [307,122] ----D C:\Program Files (x86)\Celtic Lore - Sidhe Hills O43 - CFD: 14/09/2013 - 20:17:38 - [341,657] ----D C:\Program Files (x86)\Common Files O43 - CFD: 01/10/2013 - 18:23:04 - [-1319,868] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 09/09/2013 - 17:30:19 - [641,527] ----D C:\Program Files (x86)\Dark Dimensions - Le Musee de Cire O43 - CFD: 21/09/2013 - 15:25:55 - [19,444] ----D C:\Program Files (x86)\Driver Pro O43 - CFD: 12/09/2013 - 21:00:55 - [0,463] ----D C:\Program Files (x86)\e-Carte Bleue Société Générale O43 - CFD: 09/09/2013 - 23:30:52 - [53,112] ----D C:\Program Files (x86)\Farm Frenzy Pizza Party O43 - CFD: 09/09/2013 - 17:46:41 - [124,255] ----D C:\Program Files (x86)\Fate of the Pharaoh O43 - CFD: 09/09/2013 - 17:49:52 - [210,415] ----D C:\Program Files (x86)\Fishdom 3 O43 - CFD: 19/09/2013 - 06:10:52 - [403,966] ----D C:\Program Files (x86)\Google O43 - CFD: 15/06/2013 - 07:57:34 - [352,002] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 09/09/2013 - 17:54:02 - [86,069] ----D C:\Program Files (x86)\Hodgepodge Hollow - A Potions Primer O43 - CFD: 23/03/2013 - 15:49:29 - [0,828] ----D C:\Program Files (x86)\HPConnectedMusic O43 - CFD: 09/09/2013 - 16:44:36 - [138,299] ----D C:\Program Files (x86)\Incredible Express O43 - CFD: 09/09/2013 - 18:57:12 - [26,257] ----D C:\Program Files (x86)\IncrediMail O43 - CFD: 12/09/2013 - 21:00:54 - [197,006] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 15/06/2013 - 07:20:27 - [156,099] ----D C:\Program Files (x86)\Intel O43 - CFD: 13/09/2013 - 01:49:34 - [4,624] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 09/09/2013 - 18:09:44 - [103,649] ----D C:\Program Files (x86)\King's Legacy O43 - CFD: 09/09/2013 - 18:18:11 - [275,520] ----D C:\Program Files (x86)\Les Secrets du Titanic O43 - CFD: 09/09/2013 - 18:20:37 - [118,037] ----D C:\Program Files (x86)\Mega World Smash O43 - CFD: 23/03/2013 - 15:41:25 - [2,168] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 23/03/2013 - 15:45:36 - [5,397] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 23/03/2013 - 15:46:23 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 26/07/2012 - 10:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 30/09/2013 - 15:52:43 - [48,679] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 30/09/2013 - 15:52:37 - [0,216] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 04/08/2012 - 00:37:58 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 09/09/2013 - 18:28:57 - [245,751] ----D C:\Program Files (x86)\Mysteries of Magic Island O43 - CFD: 15/06/2013 - 07:54:58 - [370,014] ----D C:\Program Files (x86)\Norton Internet Security O43 - CFD: 11/09/2013 - 18:15:25 - [21,734] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 09/09/2013 - 14:29:07 - [1,566] R---D C:\Program Files (x86)\Online Services O43 - CFD: 09/09/2013 - 16:50:59 - [98,277] ----D C:\Program Files (x86)\Opera O43 - CFD: 09/09/2013 - 18:46:52 - [96,676] ----D C:\Program Files (x86)\Plan It Green O43 - CFD: 15/06/2013 - 07:25:04 - [36,017] ----D C:\Program Files (x86)\Realtek O43 - CFD: 04/08/2012 - 00:37:58 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 09/09/2013 - 19:25:40 - [874,473] ----D C:\Program Files (x86)\Spirits of Mystery - La Prophetie du Minotaure Edition Collector O43 - CFD: 09/09/2013 - 19:29:12 - [349,673] ----D C:\Program Files (x86)\Sprill et Ritchie - Voyage a Travers le Temps O43 - CFD: 15/06/2013 - 07:56:20 - [2,444] ----D C:\Program Files (x86)\SymSilent O43 - CFD: 15/06/2013 - 07:24:00 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 09/09/2013 - 19:49:25 - [1023,709] ----D C:\Program Files (x86)\The Lake House - Les Enfants du Silence Edition Collector O43 - CFD: 09/09/2013 - 20:06:14 - [82,369] ----D C:\Program Files (x86)\The Mystery of the Crystal Portal O43 - CFD: 09/09/2013 - 20:06:48 - [36,713] ----D C:\Program Files (x86)\Townopolis - Gold O43 - CFD: 09/09/2013 - 20:07:34 - [84,957] ----D C:\Program Files (x86)\Turtle Odyssey 2 O43 - CFD: 09/09/2013 - 20:29:36 - [605,548] ----D C:\Program Files (x86)\Twilight Phenomena - Les Pensionnaires de la Maison n 13 Edition Collector O43 - CFD: 09/09/2013 - 20:47:52 - [601,660] ----D C:\Program Files (x86)\Twisted Lands - Les Origines O43 - CFD: 21/09/2013 - 01:30:07 - [8,644] ----D C:\Program Files (x86)\VideoPlayer O43 - CFD: 09/09/2013 - 20:52:04 - [157,080] ----D C:\Program Files (x86)\Weather Lord O43 - CFD: 23/03/2013 - 15:59:56 - [-1749,817] ----D C:\Program Files (x86)\WildGames O43 - CFD: 13/09/2013 - 01:19:46 - [33,861] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 13/09/2013 - 01:49:12 - [1,038] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 23/03/2013 - 15:46:22 - [86,829] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 13/09/2013 - 01:44:04 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 13/09/2013 - 01:44:04 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - 10:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 22/09/2013 - 01:46:54 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - 10:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 02/10/2013 - 20:04:45 - [16,945] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 15/06/2013 - 07:41:58 - [0,091] ----D C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 15/06/2013 - 07:20:53 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 15/06/2013 - 07:19:07 - [0,178] ----D C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 13/09/2013 - 01:49:18 - [327,771] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 15/06/2013 - 07:53:26 - [1,416] ----D C:\Program Files (x86)\Common Files\Nikon O43 - CFD: 15/06/2013 - 07:19:03 - [0,187] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 26/07/2012 - 10:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 09/09/2013 - 15:44:47 - [0,596] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 13/09/2013 - 01:44:02 - [9,406] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 23/03/2013 - 15:45:14 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 15/06/2013 - 07:25:45 - [2,558] ----D C:\ProgramData\Apple O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 09/09/2013 - 16:37:15 - [113,807] ----D C:\ProgramData\Big Fish O43 - CFD: 09/09/2013 - 16:25:21 - [0] ----D C:\ProgramData\Big Fish Games O43 - CFD: 09/09/2013 - 12:03:11 - [0] -SH-D C:\ProgramData\Bureau O43 - CFD: 01/10/2013 - 18:24:34 - [50,251] ----D C:\ProgramData\CyberLink O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Desktop O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 10/09/2013 - 13:50:56 - [0,027] ----D C:\ProgramData\FarmFrenzy-PizzaParty O43 - CFD: 19/09/2013 - 06:10:56 - [0,012] ----D C:\ProgramData\Google O43 - CFD: 15/06/2013 - 07:57:35 - [8,353] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 09/09/2013 - 15:20:33 - [0] ----D C:\ProgramData\IM O43 - CFD: 09/09/2013 - 15:19:57 - [6,574] ----D C:\ProgramData\IncrediMail O43 - CFD: 15/06/2013 - 07:52:11 - [0,159] ----D C:\ProgramData\install_clap O43 - CFD: 15/06/2013 - 07:18:41 - [9,213] ----D C:\ProgramData\Intel O43 - CFD: 01/10/2013 - 20:54:12 - [1,840] ----D C:\ProgramData\Malwarebytes O43 - CFD: 09/09/2013 - 12:03:12 - [0] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 27/09/2013 - 22:27:29 - [1597,163] -S--D C:\ProgramData\Microsoft O43 - CFD: 23/03/2013 - 15:45:23 - [0] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 09/09/2013 - 12:03:12 - [0] -SH-D C:\ProgramData\Modèles O43 - CFD: 30/09/2013 - 15:52:37 - [0] ----D C:\ProgramData\Mozilla O43 - CFD: 09/09/2013 - 14:26:09 - [823,159] ----D C:\ProgramData\Norton O43 - CFD: 11/09/2013 - 18:15:43 - [1,655] ----D C:\ProgramData\NortonInstaller O43 - CFD: 16/09/2013 - 04:04:17 - [0,071] ----D C:\ProgramData\Playrix Entertainment O43 - CFD: 13/09/2013 - 02:50:19 - [0,120] ----D C:\ProgramData\PRICache O43 - CFD: 15/06/2013 - 16:06:42 - [0,002] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 15/06/2013 - 07:29:52 - [0,002] ----D C:\ProgramData\Synaptics O43 - CFD: 01/10/2013 - 18:30:13 - [2,690] ---AD C:\ProgramData\Temp O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 02/10/2013 - 12:41:13 - [0] ----D C:\ProgramData\Uniblue O43 - CFD: 13/09/2013 - 01:24:46 - [-1706,827] ----D C:\ProgramData\WildTangent O43 - CFD: 23/03/2013 - 15:50:43 - [39,643] ----D C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} O43 - CFD: 09/09/2013 - 14:29:08 - [0,544] ----D C:\Users\marie\AppData\Roaming\Adobe O43 - CFD: 22/09/2013 - 09:20:50 - [0,002] ----D C:\Users\marie\AppData\Roaming\AlawarEntertainment O43 - CFD: 12/09/2013 - 08:41:08 - [0,382] ----D C:\Users\marie\AppData\Roaming\Daedalic Entertainment O43 - CFD: 21/09/2013 - 15:26:08 - [83,781] ----D C:\Users\marie\AppData\Roaming\Driver Pro O43 - CFD: 09/09/2013 - 19:28:59 - [15,319] ----D C:\Users\marie\AppData\Roaming\Free Documents Opener O43 - CFD: 09/09/2013 - 16:26:00 - [0] ----D C:\Users\marie\AppData\Roaming\Hewlett-Packard O43 - CFD: 09/09/2013 - 15:42:10 - [0] ----D C:\Users\marie\AppData\Roaming\hpqlog O43 - CFD: 10/09/2013 - 17:12:40 - [0] ----D C:\Users\marie\AppData\Roaming\Identities O43 - CFD: 09/09/2013 - 23:36:33 - [0,009] ----D C:\Users\marie\AppData\Roaming\island_tribe_4_bfg_fr O43 - CFD: 16/09/2013 - 12:48:23 - [0,031] ----D C:\Users\marie\AppData\Roaming\LegacyInteractive O43 - CFD: 09/09/2013 - 14:40:34 - [0,001] ----D C:\Users\marie\AppData\Roaming\Macromedia O43 - CFD: 01/10/2013 - 20:54:23 - [162,980] ----D C:\Users\marie\AppData\Roaming\Malwarebytes O43 - CFD: 02/10/2013 - 18:32:10 - [1,044] -S--D C:\Users\marie\AppData\Roaming\Microsoft O43 - CFD: 30/09/2013 - 15:52:49 - [25,500] ----D C:\Users\marie\AppData\Roaming\Mozilla O43 - CFD: 09/09/2013 - 16:51:10 - [5,603] ----D C:\Users\marie\AppData\Roaming\Opera Software O43 - CFD: 09/09/2013 - 14:27:27 - [0] ----D C:\Users\marie\AppData\Roaming\Synaptics O43 - CFD: 17/09/2013 - 00:30:40 - [0,014] ----D C:\Users\marie\AppData\Roaming\Vast Studios O43 - CFD: 10/09/2013 - 06:50:14 - [3,125] ----D C:\Users\marie\AppData\Roaming\WildTangent O43 - CFD: 02/10/2013 - 21:17:02 - [0,001] ----D C:\Users\marie\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 09/09/2013 - 14:25:13 - [0] -SH-D C:\Users\marie\AppData\Local\Application Data O43 - CFD: 09/09/2013 - 14:44:31 - [1,579] ----D C:\Users\marie\AppData\Local\Apps O43 - CFD: 13/09/2013 - 01:24:38 - [0,114] ----D C:\Users\marie\AppData\Local\avgchrome O43 - CFD: 09/09/2013 - 16:38:57 - [0,019] ----D C:\Users\marie\AppData\Local\Big Fish O43 - CFD: 01/10/2013 - 23:29:48 - [0] ----D C:\Users\marie\AppData\Local\CrashDumps O43 - CFD: 09/09/2013 - 14:44:51 - [0] ----D C:\Users\marie\AppData\Local\Deployment O43 - CFD: 30/09/2013 - 19:25:27 - [0,174] ----D C:\Users\marie\AppData\Local\Diagnostics O43 - CFD: 09/09/2013 - 14:46:30 - [56,115] ----D C:\Users\marie\AppData\Local\Google O43 - CFD: 11/09/2013 - 08:29:28 - [0,002] ----D C:\Users\marie\AppData\Local\Hewlett-Packard O43 - CFD: 09/09/2013 - 14:25:13 - [0] -SH-D C:\Users\marie\AppData\Local\Historique O43 - CFD: 09/09/2013 - 17:47:53 - [0,002] ----D C:\Users\marie\AppData\Local\HP O43 - CFD: 09/09/2013 - 16:22:35 - [0] ----D C:\Users\marie\AppData\Local\HP Quick Start O43 - CFD: 13/09/2013 - 05:15:43 - [121,127] ----D C:\Users\marie\AppData\Local\HPConnectedMusic O43 - CFD: 09/09/2013 - 15:23:16 - [40,214] ----D C:\Users\marie\AppData\Local\IM O43 - CFD: 02/10/2013 - 13:12:32 - [0,002] ----D C:\Users\marie\AppData\Local\Intel_Corporation O43 - CFD: 02/10/2013 - 18:32:10 - [0] ----D C:\Users\marie\AppData\Local\Macromedia O43 - CFD: 02/10/2013 - 18:32:10 - [270,107] ----D C:\Users\marie\AppData\Local\Microsoft O43 - CFD: 01/10/2013 - 20:48:26 - [70,546] ----D C:\Users\marie\AppData\Local\Mozilla O43 - CFD: 09/09/2013 - 16:51:10 - [0] ----D C:\Users\marie\AppData\Local\Opera Software O43 - CFD: 23/09/2013 - 03:31:31 - [332,359] ----D C:\Users\marie\AppData\Local\Packages O43 - CFD: 09/09/2013 - 14:27:34 - [0,039] ----D C:\Users\marie\AppData\Local\Power2Go8 O43 - CFD: 13/09/2013 - 01:24:37 - [0] ----D C:\Users\marie\AppData\Local\Programs O43 - CFD: 14/09/2013 - 20:15:57 - [0] ----D C:\Users\marie\AppData\Local\Software O43 - CFD: 02/10/2013 - 21:02:27 - [38,931] ----D C:\Users\marie\AppData\Local\Temp O43 - CFD: 09/09/2013 - 14:25:13 - [0] -SH-D C:\Users\marie\AppData\Local\Temporary Internet Files O43 - CFD: 09/09/2013 - 14:25:56 - [0] ----D C:\Users\marie\AppData\Local\VirtualStore O43 - CFD: 15/09/2013 - 02:23:54 - [62,207] ----D C:\Users\marie\AppData\Local\Wild Tangent O43 - CFD: 14/09/2013 - 20:18:25 - [0,759] ----D C:\Users\marie\AppData\Local\YappyzUninstall O43 - CFD: 26/07/2012 - 10:13:00 - [0,004] R---D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - 10:13:00 - [0,001] R---D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 09/09/2013 - 17:44:19 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adelantado Trilogy - Book One O43 - CFD: 22/09/2013 - 02:56:51 - [0] R---D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 09/09/2013 - 17:39:45 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Age of Adventure - Playing the Hero O43 - CFD: 09/09/2013 - 16:46:36 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ancient Rome 2 O43 - CFD: 09/09/2013 - 16:51:27 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Build-a-Lot - The Elizabethan Era O43 - CFD: 09/09/2013 - 17:08:15 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cate West - The Vanishing Files O43 - CFD: 09/09/2013 - 17:38:24 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Celtic Lore - Sidhe Hills O43 - CFD: 09/09/2013 - 17:28:53 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dark Dimensions - Le Musee de Cire O43 - CFD: 09/09/2013 - 17:46:31 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fate of the Pharaoh O43 - CFD: 09/09/2013 - 17:49:36 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fishdom 3 O43 - CFD: 09/09/2013 - 19:28:01 - [0,002] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Documents Opener O43 - CFD: 09/09/2013 - 17:53:49 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hodgepodge Hollow - A Potions Primer O43 - CFD: 09/09/2013 - 16:44:20 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Incredible Express O43 - CFD: 09/09/2013 - 18:09:30 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\King's Legacy O43 - CFD: 09/09/2013 - 18:17:34 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Les Secrets du Titanic O43 - CFD: 26/07/2012 - 10:13:00 - [0] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 09/09/2013 - 18:20:21 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mega World Smash O43 - CFD: 09/09/2013 - 18:28:13 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mysteries of Magic Island O43 - CFD: 09/09/2013 - 18:46:40 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plan It Green O43 - CFD: 09/09/2013 - 19:23:39 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spirits of Mystery - La Prophetie du Minotaure Edition Collector O43 - CFD: 09/09/2013 - 19:28:33 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sprill et Ritchie - Voyage a Travers le Temps O43 - CFD: 01/10/2013 - 22:54:29 - [0] R---D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/07/2012 - 10:13:00 - [0,005] R---D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 09/09/2013 - 19:48:12 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Lake House - Les Enfants du Silence Edition Collector O43 - CFD: 09/09/2013 - 20:06:10 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Mystery of the Crystal Portal O43 - CFD: 09/09/2013 - 20:06:43 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Townopolis - Gold O43 - CFD: 09/09/2013 - 20:27:54 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twilight Phenomena - Les Pensionnaires de la Maison n 13 Edition Collector O43 - CFD: 09/09/2013 - 20:46:41 - [0,004] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twisted Lands - Les Origines O43 - CFD: 09/09/2013 - 20:51:43 - [0,003] ----D C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Lord ~ Program Folder: 189 Scanned in 01mn 09s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/10/2013 - 15:55:25 ---A- . (...) -- C:\Windows\SysNative\HP_ActiveX_Patch_NOT_DETECTED.txt [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/10/2013 - 15:55:25 ---A- . (...) -- C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt [0] O44 - LFC:[MD5.A28F0C52B909BFEF5F2279911E9AFBD6] - 01/10/2013 - 16:24:13 ---A- . (.Synaptics Incorporated - SynCOM.) -- C:\Windows\SysNative\SynCOM.dll [1060080] O44 - LFC:[MD5.A28F0C52B909BFEF5F2279911E9AFBD6] - 01/10/2013 - 16:24:13 ---A- . (.Synaptics Incorporated - SynCOM.) -- C:\Windows\System32\SynCOM.dll [1060080] O44 - LFC:[MD5.410F4660C8472873818A288EBBE1FC8A] - 01/10/2013 - 16:24:13 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [33008] O44 - LFC:[MD5.4EC8ECD0B3975E572FFB0070943C8904] - 01/10/2013 - 16:24:14 ---A- . (.Synaptics Incorporated - SynTPAPI.) -- C:\Windows\SysNative\SynTPAPI.dll [264432] O44 - LFC:[MD5.4EC8ECD0B3975E572FFB0070943C8904] - 01/10/2013 - 16:24:14 ---A- . (.Synaptics Incorporated - SynTPAPI.) -- C:\Windows\System32\SynTPAPI.dll [264432] O44 - LFC:[MD5.6E6279866916CF566E415D96D8AEDD86] - 01/10/2013 - 16:24:14 ---A- . (.Synaptics Incorporated - Synaptics Pointing Device Driver Co-Install.) -- C:\Windows\SysNative\SynTPCo18.dll [192240] O44 - LFC:[MD5.6E6279866916CF566E415D96D8AEDD86] - 01/10/2013 - 16:24:14 ---A- . (.Synaptics Incorporated - Synaptics Pointing Device Driver Co-Install.) -- C:\Windows\System32\SynTPCo18.dll [192240] O44 - LFC:[MD5.0F34FE968C91D02CE30D76C257F2BDA0] - 01/10/2013 - 16:24:14 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [495856] O44 - LFC:[MD5.EE328AF9D0EE740B2F9A3C58FEFA558C] - 02/10/2013 - 11:42:44 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [291392] O44 - LFC:[MD5.EE328AF9D0EE740B2F9A3C58FEFA558C] - 02/10/2013 - 11:42:44 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [291392] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/10/2013 - 17:45:26 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.9C0C73F6C5E2271AC091180433093FF8] - 02/10/2013 - 17:45:45 ---A- . (...) -- C:\Windows\setupact.log [780] O44 - LFC:[MD5.F218A464D3B8E464D1178035C248D301] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1997848] O44 - LFC:[MD5.F82D5CDA92346D047BB1A9E67B600C44] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [158770] O44 - LFC:[MD5.ED6700911F231EB5C4B0AAD16FBCE203] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [188684] O44 - LFC:[MD5.3BA114DF556D19D35351D13C1506EFE9] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [775758] O44 - LFC:[MD5.8B37A28EF6BEDC3A0CE804D50BCAFB37] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [875886] O44 - LFC:[MD5.F218A464D3B8E464D1178035C248D301] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1997848] O44 - LFC:[MD5.F82D5CDA92346D047BB1A9E67B600C44] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\System32\perfc009.dat [158770] O44 - LFC:[MD5.ED6700911F231EB5C4B0AAD16FBCE203] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [188684] O44 - LFC:[MD5.3BA114DF556D19D35351D13C1506EFE9] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\System32\perfh009.dat [775758] O44 - LFC:[MD5.8B37A28EF6BEDC3A0CE804D50BCAFB37] - 02/10/2013 - 17:46:49 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [875886] O44 - LFC:[MD5.37C3A17D7DDCBD67FB043EBD61CD9196] - 02/10/2013 - 20:12:33 ---A- . (...) -- C:\Windows\WindowsUpdate.log [118462] O44 - LFC:[MD5.5F92AC471922112E2395EB60637CDEA9] - 02/10/2013 - 20:15:33 ---A- . (...) -- C:\Windows\ntbtlog.txt [109860] O44 - LFC:[MD5.A90FCE85D6AA34F9613463EB0AEBBD66] - 02/10/2013 - 20:17:06 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.49A79382551888CA8F0EE02220F45F94] - 17/09/2013 - 23:46:53 ---A- . (.Microsoft Corporation - Central Kurdish Keyboard Layout.) -- C:\Windows\SysNative\KBDKURD.DLL [7168] O44 - LFC:[MD5.49A79382551888CA8F0EE02220F45F94] - 17/09/2013 - 23:46:53 ---A- . (.Microsoft Corporation - Central Kurdish Keyboard Layout.) -- C:\Windows\System32\KBDKURD.DLL [7168] O44 - LFC:[MD5.BBF7D04F71182799EAF280CE3397926B] - 17/09/2013 - 23:46:53 ---A- . (.Microsoft Corporation - Panneau de configuration d’affichage.) -- C:\Windows\SysNative\Display.dll [1184256] O44 - LFC:[MD5.BBF7D04F71182799EAF280CE3397926B] - 17/09/2013 - 23:46:53 ---A- . (.Microsoft Corporation - Panneau de configuration d’affichage.) -- C:\Windows\System32\Display.dll [1184256] O44 - LFC:[MD5.6695200F455E251F0BCC9CE4D0978D59] - 18/09/2013 - 00:58:13 ---A- . (.Microsoft Corporation - HID de contrôle à distance audio/vidéo Blue.) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys [37632] O44 - LFC:[MD5.DF3E9EE1B400FA42839B80D9EF991C12] - 18/09/2013 - 00:58:14 ---A- . (.Microsoft Corporation - Bibliothèque d’utilitaires du service de di.) -- C:\Windows\SysNative\vdsutil.dll [190976] O44 - LFC:[MD5.DF3E9EE1B400FA42839B80D9EF991C12] - 18/09/2013 - 00:58:14 ---A- . (.Microsoft Corporation - Bibliothèque d’utilitaires du service de di.) -- C:\Windows\System32\vdsutil.dll [190976] O44 - LFC:[MD5.F87F4AAAF6664906248D11D5E579A53B] - 18/09/2013 - 00:58:15 ---A- . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\SysNative\DeviceSetupManager.dll [207872] O44 - LFC:[MD5.F87F4AAAF6664906248D11D5E579A53B] - 18/09/2013 - 00:58:15 ---A- . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] O44 - LFC:[MD5.C52F0F33CCED69FC4C3F921198084F24] - 18/09/2013 - 00:58:15 ---A- . (.Microsoft Corporation - Tâche de l’analyseur d’expérience de compte.) -- C:\Windows\SysNative\MbaeParserTask.exe [80896] O44 - LFC:[MD5.C52F0F33CCED69FC4C3F921198084F24] - 18/09/2013 - 00:58:15 ---A- . (.Microsoft Corporation - Tâche de l’analyseur d’expérience de compte.) -- C:\Windows\System32\MbaeParserTask.exe [80896] O44 - LFC:[MD5.1ADCF0A490C2845637B334626669CD6F] - 18/09/2013 - 00:58:15 ---A- . (.Microsoft Corporation - USB XHCI Driver.) -- C:\Windows\System32\Drivers\USBXHCI.SYS [337152] O44 - LFC:[MD5.75BC56C8BDCDE2B22F8141F1ED8D9B63] - 18/09/2013 - 00:58:16 ---A- . (.Microsoft Corporation - Media Foundation ASF Source and Sink DLL.) -- C:\Windows\SysNative\mfasfsrcsnk.dll [1048576] O44 - LFC:[MD5.75BC56C8BDCDE2B22F8141F1ED8D9B63] - 18/09/2013 - 00:58:16 ---A- . (.Microsoft Corporation - Media Foundation ASF Source and Sink DLL.) -- C:\Windows\System32\mfasfsrcsnk.dll [1048576] O44 - LFC:[MD5.246612D5622F7BA13E87BA08D2F7489A] - 18/09/2013 - 00:58:16 ---A- . (.Microsoft Corporation - SAM Library DLL.) -- C:\Windows\SysNative\samlib.dll [106496] O44 - LFC:[MD5.246612D5622F7BA13E87BA08D2F7489A] - 18/09/2013 - 00:58:16 ---A- . (.Microsoft Corporation - SAM Library DLL.) -- C:\Windows\System32\samlib.dll [106496] O44 - LFC:[MD5.599B3F685A263A114FFAF3BE29C49C75] - 18/09/2013 - 00:58:16 ---A- . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\SysNative\audiosrv.dll [785408] O44 - LFC:[MD5.599B3F685A263A114FFAF3BE29C49C75] - 18/09/2013 - 00:58:16 ---A- . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [785408] O44 - LFC:[MD5.4834158B8D06A153FADAB6B85320FBBE] - 18/09/2013 - 00:58:16 ---A- . (.Microsoft Corporation - USB Controller Extension.) -- C:\Windows\System32\Drivers\UCX01000.SYS [213248] O44 - LFC:[MD5.D16B3878E6401BE9720B6BF2515B8A69] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - Application de démarrage Reprise à partir d.) -- C:\Windows\SysNative\winresume.efi [1217352] O44 - LFC:[MD5.167A972F34BA572E34BB5225EE01B9BF] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - Application de démarrage Reprise à partir d.) -- C:\Windows\SysNative\winresume.exe [1093904] O44 - LFC:[MD5.D16B3878E6401BE9720B6BF2515B8A69] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - Application de démarrage Reprise à partir d.) -- C:\Windows\System32\winresume.efi [1217352] O44 - LFC:[MD5.167A972F34BA572E34BB5225EE01B9BF] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - Application de démarrage Reprise à partir d.) -- C:\Windows\System32\winresume.exe [1093904] O44 - LFC:[MD5.270030FDFF0E4020ADBCB67146FD154C] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - DLL du système de correspondance de couleur.) -- C:\Windows\SysNative\mscms.dll [583168] O44 - LFC:[MD5.270030FDFF0E4020ADBCB67146FD154C] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - DLL du système de correspondance de couleur.) -- C:\Windows\System32\mscms.dll [583168] O44 - LFC:[MD5.1B4488988E5E7512E6C5CD1255E9E973] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\SysNative\vds.exe [680960] O44 - LFC:[MD5.1B4488988E5E7512E6C5CD1255E9E973] - 18/09/2013 - 00:58:17 ---A- . (.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\System32\vds.exe [680960] O44 - LFC:[MD5.565F8845C182F3F6F885F66FAC3B1CFA] - 18/09/2013 - 00:58:18 ---A- . (.Microsoft Corporation - OS Loader.) -- C:\Windows\SysNative\winload.efi [1403296] O44 - LFC:[MD5.1392E73041AA8521F276428236C9FD1A] - 18/09/2013 - 00:58:18 ---A- . (.Microsoft Corporation - OS Loader.) -- C:\Windows\SysNative\winload.exe [1271584] O44 - LFC:[MD5.565F8845C182F3F6F885F66FAC3B1CFA] - 18/09/2013 - 00:58:18 ---A- . (.Microsoft Corporation - OS Loader.) -- C:\Windows\System32\winload.efi [1403296] O44 - LFC:[MD5.1392E73041AA8521F276428236C9FD1A] - 18/09/2013 - 00:58:18 ---A- . (.Microsoft Corporation - OS Loader.) -- C:\Windows\System32\winload.exe [1271584] O44 - LFC:[MD5.24F001EA87D6C0FF69922B7FB468B13C] - 18/09/2013 - 00:58:18 ---A- . (.Microsoft Corporation - XPS to GDI Converter.) -- C:\Windows\SysNative\XpsGdiConverter.dll [523264] O44 - LFC:[MD5.24F001EA87D6C0FF69922B7FB468B13C] - 18/09/2013 - 00:58:18 ---A- . (.Microsoft Corporation - XPS to GDI Converter.) -- C:\Windows\System32\XpsGdiConverter.dll [523264] O44 - LFC:[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - 18/09/2013 - 00:58:19 ---A- . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\Drivers\volsnap.sys [327936] O44 - LFC:[MD5.F51618F0CBA3D733560D816AF43AEE29] - 18/09/2013 - 00:58:20 ---A- . (.Microsoft Corporation - DLL Serveur SAM.) -- C:\Windows\SysNative\samsrv.dll [729600] O44 - LFC:[MD5.F51618F0CBA3D733560D816AF43AEE29] - 18/09/2013 - 00:58:20 ---A- . (.Microsoft Corporation - DLL Serveur SAM.) -- C:\Windows\System32\samsrv.dll [729600] O44 - LFC:[MD5.1B00B3C7FB636953B1059705290B502A] - 18/09/2013 - 00:58:20 ---A- . (.Microsoft Corporation - Media Foundation Core DLL.) -- C:\Windows\SysNative\mfcore.dll [1527808] O44 - LFC:[MD5.1B00B3C7FB636953B1059705290B502A] - 18/09/2013 - 00:58:20 ---A- . (.Microsoft Corporation - Media Foundation Core DLL.) -- C:\Windows\System32\mfcore.dll [1527808] O44 - LFC:[MD5.CA89380719E6F142366E1D5A74FAC928] - 18/09/2013 - 00:58:21 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\SysNative\ntoskrnl.exe [6987008] O44 - LFC:[MD5.CA89380719E6F142366E1D5A74FAC928] - 18/09/2013 - 00:58:21 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [6987008] O44 - LFC:[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - 18/09/2013 - 00:58:22 ---A- . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe [2391280] O44 - LFC:[MD5.5170FF8948D9FBFA5386E7AC915B7A66] - 18/09/2013 - 00:58:24 ---A- . (.Microsoft Corporation - Bibliothèque principale du Gestionnaire de.) -- C:\Windows\SysNative\dwmcore.dll [2219520] O44 - LFC:[MD5.5170FF8948D9FBFA5386E7AC915B7A66] - 18/09/2013 - 00:58:24 ---A- . (.Microsoft Corporation - Bibliothèque principale du Gestionnaire de.) -- C:\Windows\System32\dwmcore.dll [2219520] O44 - LFC:[MD5.A10E176F3B2BF83EDE7B5C4658C93B66] - 19/09/2013 - 08:45:21 ---A- . (.Microsoft Corporation - Pilote NDIS 6.30.) -- C:\Windows\System32\Drivers\ndis.sys [997632] O44 - LFC:[MD5.2A3D9B20506EA5A940CBBD9940E4E738] - 22/09/2013 - 05:22:41 ---A- . (...) -- C:\{05D4050F-032A-4489-A59E-61F0779DD9CA} [2976] O44 - LFC:[MD5.F2B9635BDFB6C2715556626656883489] - 22/09/2013 - 06:12:55 ---A- . (...) -- C:\{8B6B87DC-942E-4595-8994-A7EB60D342DE} [2888] O44 - LFC:[MD5.21149AEBBA3EC069BCC8F47D0DE2F617] - 22/09/2013 - 07:05:10 ---A- . (...) -- C:\{12A1B4AB-66CE-4F4F-8B06-47CFB8D109E6} [2640] ~ Files: 74 Scanned in 00mn 05s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.0861EB781FC945B0C46CBE1A587FD8C4] - 01/10/2013 - 05:49:39 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf O45 - LFCP:[MD5.2C1DE33ABB37823D05E0818245605BE0] - 01/10/2013 - 05:49:44 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf O45 - LFCP:[MD5.E69720B23DA83BCB01AF9EAF3544709C] - 01/10/2013 - 06:45:05 ---A- - C:\Windows\Prefetch\INCMAIL.EXE-32F9B55A.pf O45 - LFCP:[MD5.AA0A9A47861A5029D1B6C25E43446E88] - 01/10/2013 - 15:54:17 ---A- - C:\Windows\Prefetch\TASKKILL.EXE-ECD4FD3D.pf O45 - LFCP:[MD5.E59ED2DAFBE912A880E27C48B3E2C423] - 01/10/2013 - 15:55:23 ---A- - C:\Windows\Prefetch\HPSAOBJUTIL.EXE-654DEED6.pf O45 - LFCP:[MD5.DB398FDC4E8AB7A385177E52F068639D] - 01/10/2013 - 15:55:25 ---A- - C:\Windows\Prefetch\HPSAOBJUTIL7.EXE-BE8A4479.pf O45 - LFCP:[MD5.2E515746EF39178F6F5722E68CE6F9AF] - 01/10/2013 - 16:04:34 ---A- - C:\Windows\Prefetch\MOUNTVOL.EXE-84487FEE.pf O45 - LFCP:[MD5.8B58863A0C4F905A303555D03F98D17E] - 01/10/2013 - 16:39:08 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf O45 - LFCP:[MD5.46136BBDDC262AA462C7BD48956306AE] - 01/10/2013 - 16:39:08 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf O45 - LFCP:[MD5.095C3BEC4F6AD39F6246AE5206CBD78D] - 01/10/2013 - 16:39:08 ---A- - C:\Windows\Prefetch\LYRICSBUDDY-1-BG.EXE-859895F1.pf =>Adware.AddLyrics O45 - LFCP:[MD5.A124344BBEBF51412ED0266598B4AF5B] - 01/10/2013 - 17:02:26 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf O45 - LFCP:[MD5.B23F0A7CC05899E6CB4031F9B9DB4A36] - 01/10/2013 - 17:25:24 ---A- - C:\Windows\Prefetch\FARMFRENZYPIZZAPARTY.EXE-E4F4A29F.pf O45 - LFCP:[MD5.74F642581F8F27CCD7603D5D7EABC7DD] - 01/10/2013 - 17:30:18 ---A- - C:\Windows\Prefetch\BFGCLIENT.EXE-1BB4B44F.pf O45 - LFCP:[MD5.96AEA3A8A5C7E7B0E44AE05A8FE1B357] - 01/10/2013 - 17:30:42 ---A- - C:\Windows\Prefetch\MSPAINT.EXE-512C7E1E.pf O45 - LFCP:[MD5.B6F49934A546E41E0C6523DED681753E] - 01/10/2013 - 17:31:20 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-41C08A31.pf O45 - LFCP:[MD5.1550068242E9988D65F94E8A27848415] - 01/10/2013 - 17:32:12 ---A- - C:\Windows\Prefetch\WLSTARTUP.EXE-9F0A892A.pf O45 - LFCP:[MD5.994FD964AE62A08E64D2F5049D80B4F8] - 01/10/2013 - 17:33:04 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf O45 - LFCP:[MD5.76A739FC32D15A65D425F63C608260C5] - 01/10/2013 - 19:46:32 ---A- - C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-71459735.pf =>Adware.IMBooster O45 - LFCP:[MD5.0C1BA22F26C6B9A5E53FAE21D1D04728] - 01/10/2013 - 19:54:09 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-4FD3C148.pf O45 - LFCP:[MD5.5B9F5D8E10F796FC67AA0417ED01B4F1] - 01/10/2013 - 19:54:11 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-C9852190.pf O45 - LFCP:[MD5.047D4A46A775F676F0A420339D8C51FB] - 01/10/2013 - 19:59:56 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf O45 - LFCP:[MD5.B0CB642A8C1CE8C95D21F5D1BFB52A5C] - 01/10/2013 - 20:07:33 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf O45 - LFCP:[MD5.F6BE03254F56DC424C247D17A6A3F889] - 01/10/2013 - 20:09:39 ---A- - C:\Windows\Prefetch\WLXPHOTOGALLERY.EXE-55FF63A1.pf O45 - LFCP:[MD5.93AAC305817387BDADC98444BA922C6C] - 01/10/2013 - 20:10:23 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-29741569.pf O45 - LFCP:[MD5.27E34FEA07AD6686E7322CF00109027C] - 01/10/2013 - 21:45:21 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf O45 - LFCP:[MD5.C0A6F33F70C8EF7A67F1310BB47DD969] - 01/10/2013 - 21:45:55 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1A4CC1C3.pf O45 - LFCP:[MD5.D3466D1B90AEE0D38595F12FCF5D216D] - 01/10/2013 - 21:56:59 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf O45 - LFCP:[MD5.3CC2451B3A2FA0BE0CD25B7FD1C6EF0D] - 01/10/2013 - 22:00:33 ---A- - C:\Windows\Prefetch\DRIVERSCANNER.EXE-B0057537.pf O45 - LFCP:[MD5.37F6E56BF4D4B697108F591E2CFD3BE1] - 01/10/2013 - 22:05:35 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-5F7F692E.pf O45 - LFCP:[MD5.A57557E3CCA4679F5EB4D20075A0488F] - 01/10/2013 - 22:20:36 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-5B40D0F5.pf O45 - LFCP:[MD5.BE63CD4C172EA24C7F03BBB172904E2E] - 01/10/2013 - 22:20:43 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-27A5455F.pf O45 - LFCP:[MD5.F95A5319CB6E81F035D71DA22A0148DA] - 01/10/2013 - 22:43:25 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf O45 - LFCP:[MD5.62B5C84E5F788E578CA11A1D2B526571] - 01/10/2013 - 22:43:26 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf O45 - LFCP:[MD5.B2EB454CDA1F7DED0D24A195B1294A3E] - 01/10/2013 - 22:43:36 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf O45 - LFCP:[MD5.FAA957AA29AC02276D6C5EB3A629ABFC] - 02/10/2013 - 07:05:02 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf O45 - LFCP:[MD5.6C2954BE33875B0583B1DF806F0F659C] - 02/10/2013 - 07:05:04 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf O45 - LFCP:[MD5.03BD8ADC84A47813D308147250272361] - 02/10/2013 - 07:05:32 ---A- - C:\Windows\Prefetch\SOFTWARECRASHHANDLER.EXE-5F240164.pf O45 - LFCP:[MD5.FEBC050CA6FBCCD39E6B67E3CCC91FA8] - 02/10/2013 - 07:06:00 ---A- - C:\Windows\Prefetch\TBNOTIFIER.EXE-7924204A.pf O45 - LFCP:[MD5.8C4F040485A4D12C6C848D9551E926F6] - 02/10/2013 - 07:06:41 ---A- - C:\Windows\Prefetch\AgCx_SC5.db O45 - LFCP:[MD5.3BD7DECF58CA00C71736B4896D5A8425] - 02/10/2013 - 07:21:01 ---A- - C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-39F79F3B.pf O45 - LFCP:[MD5.9D4D6A03CDE15294EDC2550218F0CD01] - 02/10/2013 - 11:35:39 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8D368B00.pf O45 - LFCP:[MD5.9BCE44AAB1E82B5BE057EFE71B95CBC2] - 02/10/2013 - 11:38:18 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-1137D9AC.pf =>Piriform Ltd O45 - LFCP:[MD5.4E3F0052EDCE8C3B39EA4DBB6072F92D] - 02/10/2013 - 11:40:47 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-58A35F92.pf O45 - LFCP:[MD5.F35A146CF4B1B908BDCB60C1B0A128E3] - 02/10/2013 - 11:41:27 ---A- - C:\Windows\Prefetch\REG.EXE-6A8B6960.pf O45 - LFCP:[MD5.31328EB87FDFB514959699F14461738D] - 02/10/2013 - 11:44:19 ---A- - C:\Windows\Prefetch\UISTUB.EXE-6FEA6240.pf O45 - LFCP:[MD5.7F6096EDE835879A6A9E37ED74BDFF79] - 02/10/2013 - 11:48:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-79F0A261.pf O45 - LFCP:[MD5.10FACE06932B971499B19A03A32B74F1] - 02/10/2013 - 11:49:04 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9047D469.pf O45 - LFCP:[MD5.7B5413FC9C6489DC6C1FF0188402CED8] - 02/10/2013 - 12:11:51 ---A- - C:\Windows\Prefetch\GFXUIEX.EXE-9CA5FF42.pf O45 - LFCP:[MD5.EF80F4DEECB98E4B5C0446FC505C2D84] - 02/10/2013 - 12:15:26 ---A- - C:\Windows\Prefetch\WINVER.EXE-9A71C259.pf O45 - LFCP:[MD5.1F6B01BD91EA662FFDBB5B8CF922C4D8] - 02/10/2013 - 12:49:30 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-443892C3.pf O45 - LFCP:[MD5.B315D8B83C8711FEA308878435643509] - 02/10/2013 - 12:49:30 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BC5A91AB.pf O45 - LFCP:[MD5.50AE0B890C540DE1EC96DFD31D5936A6] - 02/10/2013 - 17:30:07 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf O45 - LFCP:[MD5.BA16E3B503CF4C283021C82DAAB11120] - 02/10/2013 - 17:31:43 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf O45 - LFCP:[MD5.EB078DCA60EE63735E5AF3B14571EEC3] - 02/10/2013 - 17:31:57 ---A- - C:\Windows\Prefetch\FP_PL_PFS_INSTALLER.EXE-945154D7.pf O45 - LFCP:[MD5.A7BE0A93554E285890622F68B3AF0C92] - 02/10/2013 - 17:32:00 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf O45 - LFCP:[MD5.131DFB763DE382271D064F628B1D19E4] - 02/10/2013 - 17:32:00 ---A- - C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-6AE830D7.pf O45 - LFCP:[MD5.FCF70B340E886B0A5B8442062824B1E5] - 02/10/2013 - 17:32:08 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf O45 - LFCP:[MD5.F99F5CAE2CBE2903B1B85C9F4343E446] - 02/10/2013 - 17:32:19 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf O45 - LFCP:[MD5.C7D9A186B176B700392A8D054B684BF8] - 02/10/2013 - 17:32:20 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_8_800_16-B0E978DF.pf O45 - LFCP:[MD5.8EB145FE9536D373718898164E629726] - 02/10/2013 - 17:42:57 ---A- - C:\Windows\Prefetch\CLTRT.EXE-CE1303C7.pf O45 - LFCP:[MD5.DEEC6DA18024D6FE2E2E8485B976CE68] - 02/10/2013 - 17:45:34 ---A- - C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf O45 - LFCP:[MD5.0D132DA8C65585168371FB40284CD4C1] - 02/10/2013 - 17:45:34 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf O45 - LFCP:[MD5.E2DC7C50B13F6C40FA557B105179B6F0] - 02/10/2013 - 17:46:50 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf O45 - LFCP:[MD5.1815619F4587902C9F92D95952E4305C] - 02/10/2013 - 17:46:55 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf O45 - LFCP:[MD5.8D929319A9BE43D0608CEB6C0986F1F1] - 02/10/2013 - 17:46:55 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf O45 - LFCP:[MD5.A39D5419403F358CCD83A64387A4CA12] - 02/10/2013 - 17:46:57 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf O45 - LFCP:[MD5.9CE550D702B5A6AC47F65C589F005435] - 02/10/2013 - 17:47:01 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf O45 - LFCP:[MD5.5B656582A4EEE01D3CA9444BA28B42E9] - 02/10/2013 - 17:48:07 ---A- - C:\Windows\Prefetch\VCREDIST_X86.EXE-47CCD9CF.pf O45 - LFCP:[MD5.B6E6E06B03E9E4D9842325F7FF988D1A] - 02/10/2013 - 17:48:10 ---A- - C:\Windows\Prefetch\INSTALL.EXE-233FE0EF.pf O45 - LFCP:[MD5.A9ED044BE8223299E9DF17CF3D0FD3C8] - 02/10/2013 - 17:54:35 ---A- - C:\Windows\Prefetch\COOLSENSE.EXE-73AEAC0D.pf O45 - LFCP:[MD5.95785A4F3312A1B56CE38594B27B87F6] - 02/10/2013 - 17:54:42 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf O45 - LFCP:[MD5.9B09D8AFEAF5C1C6CBED7E1D5D5EEAE0] - 02/10/2013 - 17:56:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B331F1D0.pf O45 - LFCP:[MD5.7A6CA5DB426805A381920FD804948F9C] - 02/10/2013 - 17:58:37 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EE2FB4D9.pf O45 - LFCP:[MD5.842A67A4F3D45D0BA41CC20490BC9224] - 02/10/2013 - 18:01:30 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf O45 - LFCP:[MD5.3A76871504F41F3B11783B6B410D1BE3] - 02/10/2013 - 18:02:02 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf O45 - LFCP:[MD5.7AA4E133EF00ECF67C3C055F82B61BD0] - 02/10/2013 - 18:04:14 ---A- - C:\Windows\Prefetch\RAVBG64.EXE-B555701F.pf O45 - LFCP:[MD5.7B5A1740AEAAF9F015F9B0EEBA5E0DDA] - 02/10/2013 - 18:04:15 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-8B8F7F7C.pf O45 - LFCP:[MD5.5959791EB11C2EAF4D9DDD2F06410434] - 02/10/2013 - 18:04:24 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf O45 - LFCP:[MD5.9F3673F91F46EB47B2D7B041B08EEC6A] - 02/10/2013 - 18:04:29 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf O45 - LFCP:[MD5.3E94A9A3D05BD694807B60121666EE57] - 02/10/2013 - 18:04:37 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf O45 - LFCP:[MD5.8AABF215EF08F8C5B632A3E5D2FE46B0] - 02/10/2013 - 18:04:48 ---A- - C:\Windows\Prefetch\ECBL-SG.EXE-C6CFF3DD.pf O45 - LFCP:[MD5.3086D4A118F2B2411C9E65BDE51147B2] - 02/10/2013 - 18:07:30 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf O45 - LFCP:[MD5.5382AE489F7ED47EE6304A99BC019DB5] - 02/10/2013 - 18:10:47 ---A- - C:\Windows\Prefetch\CLTLMH.EXE-810A302E.pf O45 - LFCP:[MD5.3F7FDF2CBE7FCBBAB897FB985FDBED3B] - 02/10/2013 - 18:14:12 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf O45 - LFCP:[MD5.2E5A22F9FE583767AD1272A1E0BCDB28] - 02/10/2013 - 18:14:17 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.B23832F558654579F24BFDBD0FBB26E7] - 02/10/2013 - 18:18:22 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf O45 - LFCP:[MD5.B98E1A1C451A6563E3770BE71F46FC51] - 02/10/2013 - 18:19:20 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C1C2EFBE.pf O45 - LFCP:[MD5.AA05BA0710D60F134045D3C13EB2F4C1] - 02/10/2013 - 18:26:01 ---A- - C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-E2702CF2.pf O45 - LFCP:[MD5.18213E3385FE027CD64AFD83D5168690] - 02/10/2013 - 18:29:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-23868455.pf O45 - LFCP:[MD5.AA619E400AA530CB6A5ABB79EF7E63F6] - 02/10/2013 - 18:29:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-56CF237D.pf O45 - LFCP:[MD5.E9C52F577457654BDC560BC9D31DAA2C] - 02/10/2013 - 18:39:54 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf O45 - LFCP:[MD5.1DD37B2A4432C1883F0954FE478864FE] - 02/10/2013 - 18:39:54 ---A- - C:\Windows\Prefetch\SLUI.EXE-0A399C03.pf O45 - LFCP:[MD5.E7690382F6A76FCA3D02B0371B464046] - 02/10/2013 - 18:51:05 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf O45 - LFCP:[MD5.B330CF6F18CDC5EC2FB8D0D86EA3DC12] - 02/10/2013 - 18:55:53 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf O45 - LFCP:[MD5.13B2206FB012737BB0C40C89C859684D] - 02/10/2013 - 18:57:44 ---A- - C:\Windows\Prefetch\SYMERR.EXE-E8E6C194.pf O45 - LFCP:[MD5.5B80759DE13CDBED4D63C6CC61B348D7] - 02/10/2013 - 19:04:42 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf O45 - LFCP:[MD5.F3AE3C52FB763D304C9A0D5256D93FD8] - 02/10/2013 - 19:04:42 ---A- - C:\Windows\Prefetch\ZHPDIAG2-2013.10.2.3.TMP-9A597A53.pf O45 - LFCP:[MD5.572066A9FC916B94B974832FD8D4E1D4] - 02/10/2013 - 19:04:44 ---A- - C:\Windows\Prefetch\ZHPDIAG2-2013.10.2.3.EXE-B1E89FB8.pf O45 - LFCP:[MD5.B9FEB3035EB34D22C4187AA096C5256B] - 02/10/2013 - 19:04:44 ---A- - C:\Windows\Prefetch\ZHPDIAG2-2013.10.2.3.TMP-B080A82E.pf O45 - LFCP:[MD5.3DF40052E153355E1FF8F1B2795F0D52] - 02/10/2013 - 19:04:49 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf O45 - LFCP:[MD5.7CD670BEFABF73D13DFE7DF7AD7442ED] - 02/10/2013 - 19:04:51 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf O45 - LFCP:[MD5.F5D64B2B45AD0649C5CFF058F7ED9E68] - 02/10/2013 - 19:15:33 ---A- - C:\Windows\Prefetch\ASOELNCH.EXE-186E13A3.pf O45 - LFCP:[MD5.C01D593BF4592198E1A6058EC75C36BE] - 02/10/2013 - 19:16:04 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf O45 - LFCP:[MD5.A61035DEF922FE35A7857D08B1AC41DF] - 02/10/2013 - 19:20:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf O45 - LFCP:[MD5.E612E494960AE5A42B22A86292267A4B] - 02/10/2013 - 19:24:37 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf O45 - LFCP:[MD5.39D122BD26026F1CC68B00CCBCADD987] - 02/10/2013 - 19:24:38 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf O45 - LFCP:[MD5.746A015FB08C93D286D8B50B8A4BD53C] - 02/10/2013 - 19:25:05 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-E0E5E52F.pf O45 - LFCP:[MD5.2545A6F17A50200DEF50060C09220C44] - 02/10/2013 - 19:50:17 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.6BB6DBED119D9B7EF4368487E9659E42] - 02/10/2013 - 19:51:17 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.6443E9143DF892AC979DB539436ED6EC] - 02/10/2013 - 19:54:19 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2641700954-3712719194-3779541605-1001.db O45 - LFCP:[MD5.F6D4248585747BFB982674F5C240E1E2] - 02/10/2013 - 19:54:19 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2641700954-3712719194-3779541605-1001.db O45 - LFCP:[MD5.C582368EE49FA988594530AF45C177D1] - 02/10/2013 - 19:58:10 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf O45 - LFCP:[MD5.CCBBCFCA1440D742B2BCFA6E7F38E2BA] - 02/10/2013 - 19:58:12 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf O45 - LFCP:[MD5.3E07EEB011CF75BD8F6F57F25F97C829] - 02/10/2013 - 19:58:12 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf O45 - LFCP:[MD5.794A68055BA4D56E289B5AE73FAB9B6B] - 02/10/2013 - 19:58:13 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf O45 - LFCP:[MD5.74245E09B8304640C72C3769F669EB81] - 02/10/2013 - 19:58:20 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf O45 - LFCP:[MD5.0B382AA0DA26C19CD5D3F8F3C027ED22] - 02/10/2013 - 19:58:21 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf O45 - LFCP:[MD5.B60820503B11855BA20120D62035C92C] - 02/10/2013 - 19:58:21 ---A- - C:\Windows\Prefetch\SMRTADPTR.EXE-9A49AE8F.pf O45 - LFCP:[MD5.5B2E984A020DDCE57C93D0B2EC1A7631] - 02/10/2013 - 19:58:22 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf O45 - LFCP:[MD5.252E357860A24D0DF9041F1738A2992E] - 02/10/2013 - 19:58:23 ---A- - C:\Windows\Prefetch\ICCPROXY.EXE-68151F3B.pf O45 - LFCP:[MD5.2CFDD04294A5367A45C4FB02C31C69E1] - 02/10/2013 - 19:58:23 ---A- - C:\Windows\Prefetch\RTKNGUI64.EXE-9E7DB4C9.pf O45 - LFCP:[MD5.7561785D0B877BB23B1E41B2D631A719] - 02/10/2013 - 19:58:24 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-2DD080ED.pf O45 - LFCP:[MD5.5772A4F3948945EA5B358E8E6BE0FED6] - 02/10/2013 - 19:58:30 ---A- - C:\Windows\Prefetch\HPQWMIEX.EXE-8CE5A739.pf O45 - LFCP:[MD5.3A496474151ABF0B17B98A63826B4538] - 02/10/2013 - 19:58:31 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf O45 - LFCP:[MD5.B3F7DE1944CDDF1954912218A0D2B55C] - 02/10/2013 - 19:58:34 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf O45 - LFCP:[MD5.0B6E78D943A1B00834D0961F8CCBFAF3] - 02/10/2013 - 19:58:36 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf O45 - LFCP:[MD5.96F2B5DA39DE695A8E1389CC750550FC] - 02/10/2013 - 19:58:57 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf O45 - LFCP:[MD5.561A6F26C72C0D6C72EDDDA1735CDB2C] - 02/10/2013 - 19:59:02 ---A- - C:\Windows\Prefetch\AgCx_SC4.db O45 - LFCP:[MD5.2D5A9549802DA3BE0942630F20318AA9] - 02/10/2013 - 19:59:12 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf O45 - LFCP:[MD5.7012B852B4DFFEACCB93CB330735B35D] - 02/10/2013 - 19:59:20 ---A- - C:\Windows\Prefetch\GAMESAPPINTEGRATIONSERVICE.EX-D44D8C89.pf O45 - LFCP:[MD5.A70E37AFD145991F518E211EA842A0D6] - 02/10/2013 - 19:59:22 ---A- - C:\Windows\Prefetch\HPSA_SERVICE.EXE-1776F51A.pf O45 - LFCP:[MD5.65B68D09E465C8771EFF7EB5740F1A68] - 02/10/2013 - 19:59:25 ---A- - C:\Windows\Prefetch\IASTORDATAMGRSVC.EXE-9F640626.pf O45 - LFCP:[MD5.0505374A48DB25AAF3A17BA3D87BBBE9] - 02/10/2013 - 19:59:25 ---A- - C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-265333D9.pf O45 - LFCP:[MD5.D725D82055E0577DB7599C1AF4A0BFAF] - 02/10/2013 - 19:59:29 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf O45 - LFCP:[MD5.B5A19022A8C2338BF1B728B95851F19F] - 02/10/2013 - 19:59:32 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-DFB7FC90.pf O45 - LFCP:[MD5.94E6FD7AD37DB225E590872589C1F8C1] - 02/10/2013 - 19:59:33 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf O45 - LFCP:[MD5.A1026941A250DA92F22828A042577450] - 02/10/2013 - 19:59:39 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf O45 - LFCP:[MD5.BD3CC6DAFB1FA007D1C2EBC0A7B2606D] - 02/10/2013 - 19:59:39 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf O45 - LFCP:[MD5.1DF19B510A6D390EF6D4A70CBA6B8571] - 02/10/2013 - 19:59:44 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-DFB7FC8F.pf O45 - LFCP:[MD5.85E137273559F34CD3B6F6C66CEB1F3F] - 02/10/2013 - 19:59:46 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf O45 - LFCP:[MD5.10A6E28387391A8B534209964103D0F5] - 02/10/2013 - 19:59:49 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-13D172B9.pf O45 - LFCP:[MD5.D72851666D45056297F379B9849F2C66] - 02/10/2013 - 20:01:09 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf O45 - LFCP:[MD5.EFDC416302251006CF40CCC1D0B228D0] - 02/10/2013 - 20:01:15 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf O45 - LFCP:[MD5.F7156CBA02BA7080253695034C8BFEFA] - 02/10/2013 - 20:02:17 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf O45 - LFCP:[MD5.D3E684AAE16D1720A006A3E0828042F2] - 02/10/2013 - 20:02:34 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf O45 - LFCP:[MD5.90595B4D768881A628F11357B7A86FAC] - 02/10/2013 - 20:02:39 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf O45 - LFCP:[MD5.0D07007D9012732FF3993FA00BC117EA] - 02/10/2013 - 20:02:44 ---A- - C:\Windows\Prefetch\MSCONFIG.EXE-97CC4E38.pf O45 - LFCP:[MD5.343865F5AFDB66548F7F83628AEF1AF4] - 02/10/2013 - 20:03:00 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.C99EF165136C73C57D40396BB23218F9] - 02/10/2013 - 20:03:00 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.04409D2D48381764E004E469CBCC8A43] - 02/10/2013 - 20:03:01 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.FE2ED754D392F968482B4B2D7AFB0E21] - 02/10/2013 - 20:03:01 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.BAE7787156611D558330F7B235C1420C] - 02/10/2013 - 20:03:02 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.F92FAAADDB9A7F879AD2E324A8A03CAE] - 09/09/2013 - 11:06:34 ---A- - C:\Windows\Prefetch\AgAppLaunch.db O45 - LFCP:[MD5.DD9E3A8CD78187E0A1C0A1F72AE768A8] - 15/09/2013 - 16:55:51 ---A- - C:\Windows\Prefetch\AgCx_SC2.db O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/08/2143 - 21:21:34 ----D - C:\Windows\Prefetch\ReadyBoot O45 - LFCP:[MD5.A3689684D52124869489C15EBFF0425E] - 19/09/2013 - 01:59:56 ---A- - C:\Windows\Prefetch\JEU_LOGIC_O_TRESOR.EXE-461545ED.pf O45 - LFCP:[MD5.18912F8D70B9414F1944E94AD68101F9] - 19/09/2013 - 02:02:03 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-6E21F4B4.pf O45 - LFCP:[MD5.B9C313E867587527BA791D7F4341E6B2] - 19/09/2013 - 05:10:27 ---A- - C:\Windows\Prefetch\CCLEANER_4-05-4250_FR_14492 (-5061CA02.pf =>Piriform Ltd O45 - LFCP:[MD5.14D9BA7EE00031241B71E177743739E6] - 21/09/2013 - 00:29:04 ---A- - C:\Windows\Prefetch\SETUP.EXE-8CB0D306.pf O45 - LFCP:[MD5.D63DD7513A5D7E4139F639E1AF22A067] - 21/09/2013 - 00:29:25 ---A- - C:\Windows\Prefetch\SETUP.EXE-8D503696.pf O45 - LFCP:[MD5.0B9011AF2F2DE18E1CD2B22655BA3314] - 21/09/2013 - 00:29:59 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-503CC896.pf =>Rogue.SpeedUpMyPC O45 - LFCP:[MD5.4B09E0A205483FDA44DFD239FB29B337] - 21/09/2013 - 00:30:09 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1043E700.pf O45 - LFCP:[MD5.6F263A88BB133E699157A3B02C9158A7] - 21/09/2013 - 00:30:41 ---A- - C:\Windows\Prefetch\MYDELTATB.EXE-60AC3C5B.pf =>Toolbar.DeltaSearch O45 - LFCP:[MD5.65B9853D878912FACBD9EA24DB7CDC1F] - 21/09/2013 - 14:22:24 ---A- - C:\Windows\Prefetch\SETUP (1).EXE-DAFD4428.pf O45 - LFCP:[MD5.5EB2DAFD362E0FC0772D080915F68E76] - 21/09/2013 - 14:23:10 ---A- - C:\Windows\Prefetch\PRICEPEEP_1.EXE-7BB45C5A.pf =>Adware.PricePeep O45 - LFCP:[MD5.7F4E89044E0D8D12A4E3979F414489DE] - 21/09/2013 - 14:23:20 ---A- - C:\Windows\Prefetch\DRIVERSCANNER.TMP-208BA48F.pf O45 - LFCP:[MD5.A18066800A32DDC2F82B3CB5BFD5262D] - 21/09/2013 - 14:25:24 ---A- - C:\Windows\Prefetch\SETUP (2).EXE-406FB565.pf O45 - LFCP:[MD5.D1FDBB89B0B9239F043D71B4FD3A9B84] - 21/09/2013 - 14:25:33 ---A- - C:\Windows\Prefetch\SETUP (2).EXE-4A4900EC.pf O45 - LFCP:[MD5.6E1DB4D94E0499E5A7F26CFDFA1B1BF8] - 21/09/2013 - 14:25:50 ---A- - C:\Windows\Prefetch\DEALPLY.EXE-D97ADC7A.pf =>PUP.DealPly O45 - LFCP:[MD5.26499FA41EB6C0D989133CD5DF7EEFC3] - 21/09/2013 - 14:25:53 ---A- - C:\Windows\Prefetch\UNINST.EXE-380B4DC7.pf O45 - LFCP:[MD5.D38EF9545B628FDB0C4DB24C5343FF33] - 21/09/2013 - 14:25:55 ---A- - C:\Windows\Prefetch\DRIVERPRO.TMP-A30DA7B8.pf O45 - LFCP:[MD5.2179A167B6E3AE2F40BC3B9917DEB7A9] - 21/09/2013 - 18:30:55 ---A- - C:\Windows\Prefetch\DRIVERPRO.EXE-F535C3DD.pf O45 - LFCP:[MD5.EFE65215D74E703B96E37DA714847C5C] - 21/09/2013 - 23:50:34 ---A- - C:\Windows\Prefetch\JEU_PETIT_BAC_SOLO_FREE.EXE-6A55E109.pf O45 - LFCP:[MD5.4648000DCE05E4D9DA1866572311069E] - 23/09/2013 - 02:32:44 ---A- - C:\Windows\Prefetch\CRAZYEIGHTS.EXE-C4A19A8B.pf O45 - LFCP:[MD5.3F1E809F804D95545DD557EBD649465A] - 23/09/2013 - 02:36:50 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-7CDC3CC2.pf O45 - LFCP:[MD5.D747C2B40C1C882094EED721E6392434] - 23/09/2013 - 04:43:41 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf O45 - LFCP:[MD5.76808CB5A5ACE3F38666F37197FAE67D] - 23/09/2013 - 04:45:05 ---A- - C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf =>PUP.MyPCBackup O45 - LFCP:[MD5.0C4B291B2789A786851F8C5F87047B04] - 23/09/2013 - 06:18:10 ---A- - C:\Windows\Prefetch\AGEOFADVENTURE_PLAYINGTHEHERO-939A65F5.pf O45 - LFCP:[MD5.DB9F7E19B12A667BF41DD10B7F792C7D] - 24/09/2013 - 08:12:53 ---A- - C:\Windows\Prefetch\BU_.EXE-722DCF7A.pf O45 - LFCP:[MD5.6C3DB8A7E7FCFD7D43A3521CF71A1FC8] - 25/09/2013 - 04:48:16 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf O45 - LFCP:[MD5.A576CB61DAB0BF90B06D5DF8AF379502] - 26/09/2013 - 07:41:39 ---A- - C:\Windows\Prefetch\SETUP.EXE-F7FCC127.pf O45 - LFCP:[MD5.E23D72080418B3C87E8CAE11DA2D60F2] - 26/09/2013 - 07:41:53 ---A- - C:\Windows\Prefetch\SETUP.EXE-D49AEA31.pf O45 - LFCP:[MD5.86C12A2BD98B59D39D49DECDFD7E805D] - 26/09/2013 - 07:42:44 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-F2ED843F.pf =>Rogue.SpeedUpMyPC O45 - LFCP:[MD5.8F953495E6AEB7B3B3260135CD79EE99] - 26/09/2013 - 07:43:16 ---A- - C:\Windows\Prefetch\SETUP.EXE-2A39FF86.pf O45 - LFCP:[MD5.07EB6EB1D4226B4EEC698B093D7C837B] - 26/09/2013 - 07:43:33 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-DC19391F.pf =>Rogue.SpeedUpMyPC O45 - LFCP:[MD5.21787B8EF3C42D6B9B89AF767335C013] - 26/09/2013 - 23:24:38 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-9178D9A9.pf O45 - LFCP:[MD5.D7594BA6341B9BD608D6563C3E97760F] - 26/09/2013 - 23:25:34 ---A- - C:\Windows\Prefetch\CRAZYEIGHTS.EXE-66915D35.pf O45 - LFCP:[MD5.A6C72B04F787D4C20661FDCC3E42A83D] - 29/09/2013 - 19:54:31 ---A- - C:\Windows\Prefetch\GLCND.EXE-E78A3D46.pf O45 - LFCP:[MD5.B5182E545C6AA86A89A482C5762272B2] - 30/09/2013 - 14:15:11 ---A- - C:\Windows\Prefetch\dynreservedpri.db O45 - LFCP:[MD5.42ED572EE04C216F3C234C3B56B67F48] - 30/09/2013 - 14:42:55 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESADVANCED.EXE-E62A92DA.pf O45 - LFCP:[MD5.6EF47820076075F5FC61216161DD80EB] - 30/09/2013 - 14:43:05 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-9E926287.pf O45 - LFCP:[MD5.5D0B30C6C33B102E1CBB4D823D1EA862] - 30/09/2013 - 14:43:11 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESREMOTE.EXE-A8B3EF40.pf O45 - LFCP:[MD5.8C485BEEF914A44D70032A8E27D6FFE6] - 30/09/2013 - 14:49:50 ---A- - C:\Windows\Prefetch\FILESCOUT.EXE-81AF65D1.pf O45 - LFCP:[MD5.986B10818C82946E2F0E355AD2CE6B41] - 30/09/2013 - 14:52:01 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-91F642F8.pf O45 - LFCP:[MD5.F68438C21C994A5650DD20D1B6D330CE] - 30/09/2013 - 14:52:37 ---A- - C:\Windows\Prefetch\MAINTENANCESERVICE_INSTALLER.-A809585F.pf O45 - LFCP:[MD5.2013323E3ED34E8CAE9F2B0D256E1B1D] - 30/09/2013 - 17:04:37 ---A- - C:\Windows\Prefetch\UNINS000.EXE-8FFE38A7.pf O45 - LFCP:[MD5.0C9257912A2CB4451934654CD253B47F] - 30/09/2013 - 17:04:37 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-8901CCAA.pf O45 - LFCP:[MD5.6539ED49A6E5622287F882FE96AEE613] - 30/09/2013 - 17:14:26 ---A- - C:\Windows\Prefetch\DEVICEPAIRINGWIZARD.EXE-177F0FF1.pf O45 - LFCP:[MD5.ED590ECB88258572F01DF104267D311A] - 30/09/2013 - 17:15:14 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8423D9C3.pf O45 - LFCP:[MD5.B64BE127609DC585FEE77373B5661385] - 30/09/2013 - 17:15:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-AC024951.pf O45 - LFCP:[MD5.841847EE2432C936244819A8533E68A2] - 30/09/2013 - 17:19:34 ---A- - C:\Windows\Prefetch\OPTIONALFEATURES.EXE-C0AF40DB.pf O45 - LFCP:[MD5.D33E97DCADFE404D1D841FF2BA25CF5F] - 30/09/2013 - 17:26:55 ---A- - C:\Windows\Prefetch\COLORCPL.EXE-E82188C0.pf O45 - LFCP:[MD5.3F3DE8A9C36A99C2C3357F8870FFB31E] - 30/09/2013 - 17:37:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-26794071.pf O45 - LFCP:[MD5.6CDAE6A3E84D17BC5CAE10FC783E34DD] - 30/09/2013 - 17:38:17 ---A- - C:\Windows\Prefetch\PHOTOSCREENSAVER.SCR-57F154DF.pf O45 - LFCP:[MD5.4DB473A8A42FE35B172D221458D9E84E] - 30/09/2013 - 17:42:16 ---A- - C:\Windows\Prefetch\AU_.EXE-F12E4045.pf O45 - LFCP:[MD5.C23FF61571080419A3F859842F76C9C3] - 30/09/2013 - 17:49:26 ---A- - C:\Windows\Prefetch\SNIPPINGTOOL.EXE-74818B88.pf O45 - LFCP:[MD5.D6C38FE42A1A0C0EEDC3781CDB356460] - 30/09/2013 - 18:24:54 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E9A1C1E9.pf O45 - LFCP:[MD5.2FA8147058AF934EB8736BCEE0ACDFB7] - 30/09/2013 - 18:24:59 ---A- - C:\Windows\Prefetch\USERACCOUNTCONTROLSETTINGS.EX-550E3008.pf O45 - LFCP:[MD5.E73E0CFF32D23EE4709901442E4E174D] - 30/09/2013 - 18:25:40 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf O45 - LFCP:[MD5.3431379BB2A232808E172ECECEEAEE44] - 30/09/2013 - 18:26:31 ---A- - C:\Windows\Prefetch\MBLCTR.EXE-F3BFFABE.pf O45 - LFCP:[MD5.A87686D06BA14D6DEAC8BBD80A9EB959] - 30/09/2013 - 18:28:03 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-5A92E3D5.pf O45 - LFCP:[MD5.A722B6AD3FE149C95AB6F3141156D9F1] - 30/09/2013 - 18:36:00 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8F219C2F.pf O45 - LFCP:[MD5.23BC2FD381DF3A447EB85DA6F67D8389] - 30/09/2013 - 18:41:39 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-5771ECC8.pf O45 - LFCP:[MD5.7B101A8F4CECC072F7899D326A1DE9ED] - 30/09/2013 - 18:52:24 ---A- - C:\Windows\Prefetch\OPERA.EXE-90AE2409.pf O45 - LFCP:[MD5.E88ADE1D47496E1079AA227CAEAB0C52] - 30/09/2013 - 18:58:39 ---A- - C:\Windows\Prefetch\MMC.EXE-57FA7470.pf ~ Prefetcher: 215 Scanned in 00mn 03s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 17 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736] ~ Drivers: 17 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 02/10/2013 - 07:14:14 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke6\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:14 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\AD2F1837.HPConnectedPhotopoweredbySnapfish_v10z8vjag6ke6\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:15 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\AD2F1837.HPGames_v10z8vjag6ke6\Settings\settings.dat [262144] O61 - LFC: 02/10/2013 - 07:14:16 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\AD2F1837.HPRegistration_v10z8vjag6ke6\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:17 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\CyberLinkCorp.hs.YouCamforHP_06qsbagp91rvg\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:18 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\eBayInc.eBay_1618n3s9xq8tw\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:20 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 02/10/2013 - 07:14:20 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:21 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:22 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:23 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:23 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:24 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:25 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:25 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:26 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:28 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 02/10/2013 - 07:14:28 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:29 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:30 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:31 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 02/10/2013 - 07:14:31 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 02/10/2013 - 07:14:32 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 02/10/2013 - 07:14:32 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\SymantecCorporation.NortonStudio_v68kp9n051hdp\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:33 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 07:14:34 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat [8192] O61 - LFC: 02/10/2013 - 11:38:47 ---A- . (...) -- C:\Users\marie\AppData\Roaming\Opera Software\Opera Stable\History [299008] O61 - LFC: 02/10/2013 - 11:38:48 ---A- . (...) -- C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\History [311296] O61 - LFC: 02/10/2013 - 11:40:26 ---A- . (...) -- C:\Users\marie\Downloads\adwcleaner.exe [1045226] O61 - LFC: 02/10/2013 - 11:41:27 ---A- . (...) -- C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\preferences [143835] O61 - LFC: 02/10/2013 - 11:43:46 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\23659c5108c2d2a3\120712-0049\DBStore\edb.chk [8192] O61 - LFC: 02/10/2013 - 12:12:32 ---A- . (...) -- C:\Users\marie\AppData\Local\Intel_Corporation\GfxUIEx.exe_Url_pid13cxzvy1ivbtinqdinsz1omfrwsew\8.15.10.3055\user.config [1913] O61 - LFC: 02/10/2013 - 17:31:27 ---A- . (.Adobe Systems Incorporated.) -- C:\Users\marie\AppData\Local\Temp\fp_pl_pfs_installer.exe [17750408] O61 - LFC: 02/10/2013 - 17:57:08 ---A- . (...) -- C:\Users\marie\AppData\Local\Temp\MicroImageDir\023.JPG [470336] O61 - LFC: 02/10/2013 - 19:04:15 ---A- . (.Nicolas Coolman.) -- C:\Users\marie\Downloads\ZHPDiag2-2013.10.2.3.exe [6827699] =>.Nicolas Coolman O61 - LFC: 02/10/2013 - 19:54:23 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveCommLast.etl [262144] O61 - LFC: 02/10/2013 - 20:02:57 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm.etl [131072] O61 - LFC: 02/10/2013 - 20:02:57 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\23659c5108c2d2a3\120712-0049\DBStore\livecomm.edb [6307840] O61 - LFC: 02/10/2013 - 20:02:57 ---A- . (...) -- C:\Users\marie\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 02/10/2013 - 20:16:25 -SHA- . (...) -- C:\Users\marie\AppData\Roaming\Microsoft\Protect\S-1-5-21-2641700954-3712719194-3779541605-1001\fe4f729f-8be7-4fde-874f-d12ba87f2e39 [468] ~ 2 Fichiers temporaires (Temporary files) ~ Files: 40 Scanned in 00mn 09s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ FASS Keys: 19 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {CF3274AF-D165-43D1-BC19-F94B03539B53} - (Ask Search) - http://www.search.ask.com O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com O69 - SBI: SearchScopes [HKCU] {E5F4546E-1A7F-43D2-A784-EBA409F750F9} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1156096] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [3275776] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792] O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224] ~ Services: 34 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.171F1BB73D0238A7A56126D3459ECDCD] [SPRF][15/10/2008] (...) -- C:\Users\marie\AppData\Local\Temp\Extract.exe [50432] [MD5.B8A414CEB3D448EDCD7E6041EB92B452] [SPRF][02/10/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.8 r800.) -- C:\Users\marie\AppData\Local\Temp\fp_pl_pfs_installer.exe [17750408] [MD5.9182C3ECAB695D72C5937499705D68FB] [SPRF][01/10/2013] (...) -- C:\Users\marie\AppData\Local\Temp\Quarantine.exe [344601] [MD5.972032F9CA03B3DA1EF34E3E9BD43F71] [SPRF][14/09/2013] (.FLVMPlayer - FLV Media Player Setup.) -- C:\Users\marie\Desktop\FLVMPlayer.exe [4953944] ~ Files: 4 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{A26EE119-BA23-4306-88C7-8291B3751065}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe O87 - FAEL: "{E095A28A-6253-43AA-BE6B-92458A6BA38C}" | Out - None - P6 - TRUE | .(.Meridian Audio Ltd - HP Connected Music.) -- C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe O87 - FAEL: "{9E4649D1-2BE3-474F-B045-51C04B18D2CC}" | In - None - P6 - TRUE | .(.Meridian Audio Ltd - HP Connected Music.) -- C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe O87 - FAEL: "{F111DB7B-3E4A-4F0C-B028-BD2638292206}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector 10.) -- C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe O87 - FAEL: "{CC10019E-4A31-41EB-A708-A7D710BE141A}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E056B158-EF81-4957-AFB6-B02D467C9743}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{5D486E78-8372-4FE0-9EAD-5BCA1AE46C5B}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{CD2E7C15-5512-4A06-BC17-D83FE0E68CF7}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{16EE8AE7-3B9C-4D01-A951-60BA542CBE17}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{849ECC16-3109-461D-BCDB-55F3EF1B38ED}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{D31363B1-DD50-4712-9805-C3D00E58492B}" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{97A47485-A08D-404B-8A94-3282F646A9F0}" |Out - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{0EDF6AF2-5933-4A08-BBE6-EE3797FD0E47}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{50603480-CC0F-4640-9468-8749F2145AC3}" |Out - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{9F862091-0504-40FF-92D3-9DF93A7F0658}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{2023B065-20EC-49C4-B423-D571E6FB9518}" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{C2929908-293A-4B2A-B808-143179A63F16}" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{46E069C6-5968-45EA-ABC9-1796D8C5AFF8}" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{F61EBA3D-50B4-4249-AC50-C303D47D3249}" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{DA9F85ED-896C-4EF0-8F98-83A80D23B712}" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{61C8234F-9347-4453-93BF-BF4581FC436E}" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{42DEA56C-AB83-4F36-BCBC-D43E296A6759}" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{1DD55870-57FC-4D6D-A485-A27D568D3BF1}" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{0AC86B13-0C64-49AB-AD9F-E834D1C693A2}" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{24D9CCA1-B7F0-4322-8C64-F4DE19EF5EF9}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe O87 - FAEL: "{96BE028C-52D3-4783-8979-21B5E1866478}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe O87 - FAEL: "{B8D49D74-22EB-4DDC-B047-3A7110AE4531}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe O87 - FAEL: "{EA1D4728-433F-4D59-9D25-FAC4618223F6}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe O87 - FAEL: "{9DB86424-6C10-42B9-B421-0823D27EC14A}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O87 - FAEL: "{22D79AFC-E57E-48B7-884D-982D68E10597}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O87 - FAEL: "{51E24A45-59E6-448F-B981-BDC10B580015}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe O87 - FAEL: "{C1B052ED-DE73-4914-85EB-6FA8FB51133D}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe O87 - FAEL: "{6A74DAD7-535B-4AB6-8D48-365EE8290F14}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{C729AD61-BDFD-4317-A33A-FB993C8BE682}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{92BB0D23-CF15-4FFE-BE45-D6F9F744B5B2}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{460CFC2C-270F-4D4E-BFEA-0D8176464687}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{36BBA7B8-A9A7-458A-BC48-D7020A99499E}" | In - None - P17 - TRUE | .(.Hewlett-Packard Company - HP Device Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe O87 - FAEL: "{C18A0D4C-933B-4DB5-BBAA-BED58F399D3B}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe ~ Firewall: 226 Scanned in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "00005109831090400000000000F01FEC" . (.Microsoft Office.) -- C:\windows\Installer\{90150000-0138-0409-0000-0000000FF1CE}\firstrun.exe O90 - PUC: "0694AF70830BBE9498B1F95939A05A44" . (.HP Customer Experience Enhancements.) -- C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe O90 - PUC: "114202EE62C28E947948B11CBD7FED69" . (.HP Support Assistant.) -- C:\windows\Installer\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\ARPPRODUCTICON.exe =>.Hewlett-Packard Co O90 - PUC: "14053424D2337365007A7A857BC03000" . (.Ask Toolbar.) -- C:\Windows\Installer\{42435041-332D-5637-00A7-A758B70C0300}\ToolbarIcon.exe =>Toolbar.Ask O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico O90 - PUC: "2D6F4B0BEA2FA1544969F6F2A698B723" . (.PowerDirector.) -- C:\Windows\Installer\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\ARPPRODUCTICON.exe O90 - PUC: "42C6FBF1Df1C10144AB2C065F4E9E897" . (.Media Suite.) -- C:\Windows\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe O90 - PUC: "49C22FC2963140C4A9F54ACBD6195B80" . (.IncrediMail.) -- C:\Windows\Installer\{2CF22C94-1369-4C04-9A5F-A4BC6D91B508}\ARPPRODUCTICON.exe O90 - PUC: "4E06D72C23133A547AA13EDBD13A7F49" . (.HP System Event Utility.) -- C:\windows\Installer\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}\_853F67D554F05449430E7E.exe O90 - PUC: "56573393E0336ba49AEACA180E27B001" . (.PhotoDirector.) -- C:\Windows\Installer\{39337565-330E-4ab6-A9AE-AC81E0720B10}\ARPPRODUCTICON.exe O90 - PUC: "69A9FA1138D6B3C4D8BC61AEA253E8F3" . (.HP CoolSense.) -- C:\windows\Installer\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}\_853F67D554F05449430E7E.exe O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.2.1.1.) -- C:\windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe O90 - PUC: "7D2F8E1D497754242B6878DE681C98C3" . (.HP Registration Service.) -- C:\Windows\Installer\{D1E8F2D7-7794-4245-B286-87ED86C1893C}\ARPPRODUCTICON.exe O90 - PUC: "80573EA1E980CA1459DB99FF6088C7F2" . (.HP Recovery Manager.) -- C:\windows\Installer\{1AE37508-089E-41AC-95BD-99FF06887C2F}\_853F67D554F05449430E7E.exe O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe O90 - PUC: "B05CCF18F0593604E8A49DC9AAF4BBF1" . (.Iminent.) -- C:\Windows\Installer\{81FCC50B-950F-4063-8E4A-D99CAA4FBB1F}\imbooster.ico =>Adware.IMBooster O90 - PUC: "BBE73237F62B82647845E4EF65D3279E" . (.HP Utility Center.) -- C:\Windows\Installer\{73237EBB-B26F-4628-8754-4EFE563D72E9}\_853F67D554F05449430E7E.exe O90 - PUC: "BC993E9FF640DF546AF7FC93E912824E" . (.HP 3D DriveGuard.) -- C:\Windows\Installer\{F9E399CB-046F-45FD-A67F-CF399E2128E4}\controlPanelIcon.exe O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe O90 - PUC: "D4ADA0CF5AF82544A8FF0F0AAB9CE77F" . (.Energy Star.) -- C:\Windows\Installer\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}\_853F67D554F05449430E7E.exe O90 - PUC: "D84D78A2FDF3df1479DC1A3E07FEFF2E" . (.Power2Go.) -- C:\Windows\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe O90 - PUC: "D96ED149EEC61714F8F1D3E753A24A89" . (.HP Wireless Button Driver.) -- C:\Windows\Installer\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}\ARPPRODUCTICON.exe O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe O90 - PUC: "DF42B2AC01EE9B240B94AA0862E8E712" . (.Boxore Client.) -- C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico =>Adware.Boxore O90 - PUC: "E9F4949B9AE507C4F98356F9E5C6B03F" . (.HP Quick Start.) -- C:\Windows\Installer\{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}\HPQuickLaunchIcon O90 - PUC: "F3B6C14B257FAE64CB642FD6A31D748B" . (.HP Documentation.) -- C:\Windows\Installer\{B41C6B3F-F752-46EA-BC46-F26D3AD147B8}\NotebookDocs.exe ~ Update Products: 68 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.C84C35B3ED26F11A04F50874B40AA5E8] [WIS][09/09/2013] (.IncrediMail - IncrediMail.) -- C:\Windows\Installer\10ab3a4.msi [2687488] [MD5.AF4D3E3C14A82065B15E1DE0DE29F79C] [WIS][16/08/2013] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\12a8519.msi [461312] =>Toolbar.Ask [MD5.B30273F8BC9043B004778D133ADC7655] [WIS][19/09/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\1f19e3e9.msi [28672] =>Toolbar.Google ~ WIS: 66 Scanned in 00mn 05s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 02/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe SS - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Demand 12/03/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Auto 06/09/2013 240736 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Auto 09/09/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 09/09/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 19/09/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co SS - | Demand 05/11/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SS - | Auto 24/09/2012 31040 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe SS - | Auto 01/02/2013 1039160 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe SS - | Auto 10/04/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SS - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe SS - | Auto 10/12/2012 732160 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SS - | Demand 10/12/2012 803872 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe SS - | Auto 14/01/2013 131032 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe SS - | Auto 14/01/2013 165336 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe SS - | Auto 14/01/2013 279000 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SS - | Demand 11/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 21/05/2013 144368 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe SS - | Auto 20/02/2013 239176 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe SS - | Auto 14/01/2013 366040 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SS - | Auto 23/03/2013 29696 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 08s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by marie at 02/10/2013 21:19:30 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by marie at 02/10/2013 21:19:32 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 12932 - (02/10/2013) Clés trouvées (Keys found) : 18 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 7 Fichiers trouvés (Files found) : 16 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42435041-332D-5637-00A7-7A786E7484D7}] =>Toolbar.Ask^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{42435041-332D-5637-00A7-A758B70C0300}] =>Toolbar.Ask^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VideoPlayer] =>PUP.VAFPlayer^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster [HKLM\Software\Classes\IncrediSpooler.DeltaSync] =>Toolbar.DeltaSearch [HKLM\Software\Classes\IncrediSpooler.DeltaSync.1] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\IncrediSpooler.DeltaSync] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\IncrediSpooler.DeltaSync.1] =>Toolbar.DeltaSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ C:\Users\marie\AppData\Roaming\Mozilla\Firefox\Profiles\w41zx5gs.default\jid1-FCM5fDwCW5M3AQ@jetpack =>Spyware.SmartDisplay^ C:\Users\marie\AppData\Local\Software =>Adware.Boxore C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =>Spyware.SmartDisplay C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp =>Toolbar.Wajam C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn =>Adware.Downware C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google^ C:\Program Files (x86)\VideoPlayer\VAFPlayer.exe =>PUP.VAFPlayer^ C:\Windows\Prefetch\LYRICSBUDDY-1-BG.EXE-859895F1.pf =>Adware.AddLyrics^ C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-71459735.pf =>Adware.IMBooster^ C:\Windows\Prefetch\SPEEDUPMYPC.TMP-503CC896.pf =>Rogue.SpeedUpMyPC^ C:\Windows\Prefetch\MYDELTATB.EXE-60AC3C5B.pf =>Toolbar.DeltaSearch^ C:\Windows\Prefetch\PRICEPEEP_1.EXE-7BB45C5A.pf =>Adware.PricePeep^ C:\Windows\Prefetch\DEALPLY.EXE-D97ADC7A.pf =>PUP.DealPly^ C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf =>PUP.MyPCBackup^ C:\Windows\Prefetch\SPEEDUPMYPC.TMP-F2ED843F.pf =>Rogue.SpeedUpMyPC^ C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-DC19391F.pf =>Rogue.SpeedUpMyPC^ C:\Windows\Installer\{42435041-332D-5637-00A7-A758B70C0300}\ToolbarIcon.exe =>Toolbar.Ask^ C:\Windows\Installer\{81FCC50B-950F-4063-8E4A-D99CAA4FBB1F}\imbooster.ico =>Adware.IMBooster^ C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico =>Adware.Boxore^ C:\Windows\Installer\12a8519.msi =>Toolbar.Ask^ C:\Windows\Installer\1f19e3e9.msi =>Toolbar.Google^ ~ Additionnel Scan: 296307 Items scanned in 00mn 12s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask ~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google ~ http://nicolascoolman.webs.com/apps/blog/show/30392620-pup-vafplayer =>PUP.VAFPlayer ~ http://nicolascoolman.webs.com/apps/blog/show/31473015-adware-seesimilar =>Adware.SeeSimilar ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly ~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd ~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>Toolbar.Wajam ~ http://nicolascoolman.webs.com/apps/blog/show/26690384-adware-downware =>Adware.Downware ~ MSI: 15 link(s) detected in 00mn 12s End of the scan (1764 lines in 02mn 56s)(0)