Rapport de ZHPDiag v2013.5.16.126 par Nicolas Coolman, Update du 16/05/2013
Run by anaisa at 17/05/2013 19:27:28
WebSite: http://nicolascoolman.wix.com/nicolascoolman
State : Version à jour.
WhiteList : Disable
High Elevated Privileges : OK
UAC : Deactivate by program

---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540
GCIE: Google Chrome v26.0.1410.64 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : M4DHT
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Internet Security Suite v11.6.477
Windows Defender W8

---\\ System Optimizer

---\\ Peer To Peer (P2P)

---\\ Software Update
Java 7 Update 21

---\\ System Information
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3800 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 785 GB (84%) free of 923 GB

---\\ Logged in mode
~ Computer Name: JOELAFRITE
~ User Name: anaisa
~ All Users Names: HomeGroupUser$, anaisa, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\anaisa\AppData\Roaming\
~ %Desktop% : C:\Users\anaisa\Desktop\
~ %Favorites% : C:\Users\anaisa\Favorites\
~ %LocalAppData% : C:\Users\anaisa\AppData\Local\
~ %StartMenu% : C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 785 Go of 923 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 924 Go of 924 Go)
E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 27 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/4
~ Mon Bureau (My Desktop) : 2/1958
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 03s

---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2632]
[MD5.280B64F6BFCEDE6D67D261EB808AA617] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [524944] [PID.3100]
[MD5.D9C8DC2D7EC28E3FF25C99EF17C8631A] - (...) -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2787280] [PID.1548] =>Toolbar.Babylon
[MD5.2A6C01BAC0F8AA9143D61AE1E28E263A] - (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\anaisa\AppData\Roaming\Yontoo\YontooDesktop.exe [42784] [PID.4224] =>PUP.Yontoo
[MD5.8B9C04225DBB4AF1F55F325FBE2BDDB2] - (.Smartbar - Smartbar.) -- C:\Users\anaisa\AppData\Local\Smartbar\Application\QuickShare.exe [20248] [PID.4420] =>Hijacker.SmartBar
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.4756]
[MD5.A1B303E029EE731119B1D985677FFAD2] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216] [PID.4808]
[MD5.E659E38D2D51DF5817C91D7386920C7E] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [995856] [PID.1800]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.5600]
[MD5.5E8F572B4F267FB2B7E05F62A3537B3F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7363072] [PID.1204]
~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://feed.snap.do =>Hijacker.SmartBar
G0 - GCSP: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [aaaaojmikegpiepcfdkkjaplodkpfmlo] Ask Toolbar v.7.15.23.42079 (Désactivé) =>Toolbar.Ask
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Chrome Web Store v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [egljojpdbafibmmbdcemkdcdahloclop] Gouttes de pluie(Lite) v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.60.126.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 16 Scanned in 00mn 19s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 1 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do =>Hijacker.SmartBar
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do =>Hijacker.SmartBar
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 13 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: QuickShare WidgetEngine [64Bits] - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>PUP.QuickShare
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll =>PUP.Yontoo
~ BHO: 6 Scanned in 00mn 01s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: QuickShare Widget [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>PUP.QuickShare
~ Toolbar: Scanned in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\anaisa\AppData\Roaming\Yontoo\YontooDesktop.exe =>PUP.Yontoo
O4 - HKCU\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\anaisa\AppData\Local\Smartbar\Application\QuickShare.exe =>Hijacker.SmartBar
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-1106754654-3922961964-2480603745-1001\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\anaisa\AppData\Roaming\Yontoo\YontooDesktop.exe =>PUP.Yontoo
O4 - HKUS\S-1-5-21-1106754654-3922961964-2480603745-1001\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\anaisa\AppData\Local\Smartbar\Application\QuickShare.exe =>Hijacker.SmartBar
~ Application: Scanned in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{26783010-BD78-4B77-BDA0-740AC7B786CD}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{48DA6262-177D-432D-AB59-E19ED2F6B8BA}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{26783010-BD78-4B77-BDA0-740AC7B786CD}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{48DA6262-177D-432D-AB59-E19ED2F6B8BA}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Application Statistics Service (MfeASUM) . (.McAfee, Inc. - McAfee Application Statistics Service.) - C:\Program Files\McAfee\AppStats\MfeASUM.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Servi (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\windows\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Software Updater (SrvUpdater) . (.Pas de propriétaire - Updater.) - C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe =>PUP.Eorezo
O23 - Service: (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (.not file.)
~ Services: 21 Scanned in 00mn 11s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1086]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1090]
[MD5.B1298BDD59EC1F6FA718FE475FA17798] [APT] [ALU] (...) -- C:\Program Files (x86)\Acer\Live Updater\updater.exe [3331216]
[MD5.BD0BA490E0300E859DB99DA3AB024371] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [39568]
[MD5.E659E38D2D51DF5817C91D7386920C7E] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [995856]
[MD5.4942FBE3BA93C1536EC775A0104C11E9] [APT] [EgisUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\EgisUpdate.exe [202832]
[MD5.65F00E976FCF8C01D5C2B5295AEC41A6] [APT] [GoforFilesUpdate] (.http://www.goforfiles.com/.) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe [364112] =>P2P.GoforFiles
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.280B64F6BFCEDE6D67D261EB808AA617] [APT] [Hotkey Utility] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [524944]
[MD5.773C84EA68CF5359A6B4C82D6A96A938] [APT] [PMMUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\PMMUpdate.exe [467024]
[MD5.5659ADFFA101D3AC0C62CED889991357] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5294736]
[MD5.AEF195FC98A19DB3BAF3A88D8708AFBF] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [137864] =>Toolbar.Ask
[MD5.8604A437D7D02F522957F69A381CFC26] [APT] [Notification] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [521872]
~ Scheduled Task: 15 Scanned in 00mn 06s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: (ccSet_NARA) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (MfeASKM) . (.McAfee, Inc. - McAfee Application Statistics Device Driver.) - C:\Program Files\McAfee\AppStats\MfeASKM.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Mini Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 44 Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {19CB64EB-ACFE-681D-B571-A8A3398F1943}
O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}
O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: AcerCloud - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
O42 - Logiciel: AcerCloud Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WTA-80723e2b-603a-45c5-91bf-eaece55ed6cd
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-f7575c8f-459f-4bf6-8e7e-9f84ae2cdb0c
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-025a6bf4-6200-4aae-95fe-36569d749000
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Toolbar.Babylon
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {EBE0919B-F97B-4D58-9B1D-9EEA3003718D}
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: Delicious: Emily's True Love Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-6cb7f618-b98f-4558-809b-0b6cddc18071
O42 - Logiciel: GoforFiles - (.http://www.goforfiles.com/.) [HKCU][64Bits] -- GoforFiles =>P2P.GoforFiles
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-cba0dc58-66d0-44c8-8435-889bcb67253c
O42 - Logiciel: Hotkey Utility - (.Acer Incorporated.) [HKLM][64Bits] -- {A6DC88AD-501A-44BC-884D-57435F972E2C}
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF}
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-5e6bd562-dbf3-481b-a7b5-62c00f55a862
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WTA-3547cd7e-a99a-4b44-9dc4-cc346021e51b
O42 - Logiciel: Live Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: Magic Academy - (.WildTangent.) [HKLM][64Bits] -- WTA-7307d1f8-3724-47ee-bfc7-83e6fbb7fd4e
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Internet Security Suite - (.McAfee, Inc..) [HKLM][64Bits] -- MSC
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
O42 - Logiciel: MyWinLocker 4 - (.Egis Technology Inc..) [HKLM][64Bits] -- {39F15B50-A977-4CA6-B1C3-6A8724CDA025}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- {17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: Nero 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}
O42 - Logiciel: Norton Online Backup ARA - (.Symantec Corporation.) [HKLM][64Bits] -- NARA
O42 - Logiciel: Office Addin - (.Acer.) [HKLM][64Bits] -- {6D2BBE1D-E600-4695-BA37-0B0E605542CC}
O42 - Logiciel: OpenOffice.org 3.4 - (.OpenOffice.org.) [HKLM][64Bits] -- {2F90A789-DD1E-41CE-BFCA-BD78213BABC7}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WTA-a5d8ab29-fbe8-4365-8a8a-eab3fb5e5629
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-a533fa2a-b5c2-4899-a67f-68c3a63043be
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-93c02f9d-6b2a-49d4-8459-029b96ebc6a0
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {AF860F85-54A3-4A28-879B-BF9E6E325776} =>PUP.QuickShare
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Shredder - (.Egis Technology Inc..) [HKLM][64Bits] -- {C2695E83-CF1D-43D1-84FE-B3BEC561012A}
O42 - Logiciel: SoftwareUpdater - (...) [HKLM][64Bits] -- SoftwareUpdater =>PUP.Eorezo
O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify
O42 - Logiciel: Tales of Lagoona - (.WildTangent.) [HKLM][64Bits] -- WTA-dc5dfb78-9ab0-4455-9e3b-e9b79594fd6c
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.)
[HKLM][64Bits] -- VLC media player O42 - Logiciel: Visual Studio 2005 Tools pour Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6} O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258 O42 - Logiciel: Vittalia Installer - (.TELECHARGERS.net.) [HKLM][64Bits] -- Vittalia O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Yontoo 2.052 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>PUP.Yontoo O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-9c97e14f-29e1-4355-8310-253e3d7eb3f9 O42 - Logiciel: clear.fi Media - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876} O42 - Logiciel: clear.fi Photo - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0} O42 - Logiciel: clear.fi SDK - Video 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {EBA33CAD-E071-48d5-A168-FBA4EEB42E93} O42 - Logiciel: clear.fi SDK- Movie 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {35DA427D-BB23-49B8-9AFD-CFFCFE3B708D} O42 - Logiciel: eBay Worldwide - (.OEM.) 
[HKLM][64Bits] -- {A694AF57-9891-4D62-824C-7E55A1361A14} ~ Logic: 130 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\94dbd1b16ded45] [HKCU\Software\APN] [HKCU\Software\ATI] [HKCU\Software\AppDataLow\Software\AskToolbar] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow] [HKCU\Software\Ask.com] [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DataMngr] =>PUP.Datamngr [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr [HKCU\Software\Google] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\McAfee] [HKCU\Software\Mine] [HKCU\Software\MozillaPlugins] [HKCU\Software\OEM] [HKCU\Software\OpenOffice.org] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\Trolltech] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\mozilla] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cyberlink] [HKLM\Software\DTS] [HKLM\Software\Dolby] [HKLM\Software\EgisTec IPS] [HKLM\Software\EgisTec Shredder] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\MozillaPlugins] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] 
[HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\SiteAdvisor] [HKLM\Software\SonicFocus] [HKLM\Software\Symantec] [HKLM\Software\Tarma Installer] =>Toolbar.Tarma [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node\94dbd1b16ded45] [HKLM\Software\Wow6432Node\APN] [HKLM\Software\Wow6432Node\ATI Technologies] [HKLM\Software\Wow6432Node\ATI] [HKLM\Software\Wow6432Node\AskToolbar] [HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\EgisTec IPS] [HKLM\Software\Wow6432Node\EgisTec MyWinLockerSuite] [HKLM\Software\Wow6432Node\EgisTec MyWinLocker] [HKLM\Software\Wow6432Node\EgisTec Shredder] [HKLM\Software\Wow6432Node\GoforFiles] =>P2P.GoforFiles [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\McAfee.com] [HKLM\Software\Wow6432Node\McAfee] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Nero] [HKLM\Software\Wow6432Node\Norton] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OEM] [HKLM\Software\Wow6432Node\OpenOffice.org] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] 
[HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\SiteAdvisor] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\VirualDiskRedist] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\Wow6432Node] [HKLM\Software\Wow6432Node] ~ Key Software: 171 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 23/03/2013 - 21:49:27 - [3,348] ----D C:\Program Files (x86)\7-Zip O43 - CFD: 29/11/2012 - 21:00:46 - [359,975] ----D C:\Program Files (x86)\Acer O43 - CFD: 29/11/2012 - 20:27:23 - [2,145] ----D C:\Program Files (x86)\AMD APP O43 - CFD: 27/04/2013 - 20:28:45 - [3,515] ----D C:\Program Files (x86)\Ask.com O43 - CFD: 29/11/2012 - 20:27:17 - [55,274] ----D C:\Program Files (x86)\ATI Technologies O43 - CFD: 27/04/2013 - 20:11:47 - [78,905] ----D C:\Program Files (x86)\Common Files O43 - CFD: 15/10/2012 - 07:51:22 - [159,468] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 15/10/2012 - 07:46:22 - [3,465] ----D C:\Program Files (x86)\EgisTec IPS O43 - CFD: 15/10/2012 - 07:46:38 - [19,856] ----D C:\Program Files (x86)\EgisTec MyWinLocker O43 - CFD: 15/10/2012 - 07:45:28 - [2,277] ----D C:\Program Files (x86)\EgisTec MyWinLockerSuite O43 - CFD: 15/10/2012 - 07:47:13 - [5,335] ----D C:\Program Files (x86)\EgisTec Shredder O43 - CFD: 20/04/2013 - 22:54:43 - [9,953] ----D C:\Program Files (x86)\GoforFiles =>P2P.GoforFiles O43 - CFD: 23/03/2013 - 15:14:58 - [367,831] ----D C:\Program Files (x86)\Google O43 - CFD: 29/11/2012 - 20:50:37 - [135,317] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 11/04/2013 - 03:52:35 - [4,621] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 27/04/2013 - 20:11:26 - [122,344] ----D C:\Program Files (x86)\Java O43 - CFD: 10/04/2013 - 15:14:43 - [13,376] ----D 
C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 19/04/2013 - 11:26:52 - [15,371] ----D C:\Program Files (x86)\McAfee O43 - CFD: 15/10/2012 - 07:41:54 - [0,432] ----D C:\Program Files (x86)\mcafee.com O43 - CFD: 29/11/2012 - 20:46:25 - [6,085] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 26/07/2012 - 10:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 20/04/2013 - 22:55:43 - [0] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 15/10/2012 - 07:30:43 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 15/10/2012 - 07:48:43 - [191,875] ----D C:\Program Files (x86)\Nero O43 - CFD: 29/11/2012 - 20:47:03 - [20,118] ----D C:\Program Files (x86)\Norton Online Backup ARA O43 - CFD: 29/11/2012 - 20:46:53 - [24,843] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 23/03/2013 - 15:02:16 - [0,105] ----D C:\Program Files (x86)\OEM O43 - CFD: 20/04/2013 - 22:45:18 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 29/11/2012 - 20:29:34 - [34,004] ----D C:\Program Files (x86)\Realtek O43 - CFD: 15/10/2012 - 07:30:43 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 20/04/2013 - 22:19:10 - [0,479] ----D C:\Program Files (x86)\SoftwareUpdater =>PUP.Eorezo O43 - CFD: 29/11/2012 - 20:32:07 - [42,601] ----D C:\Program Files (x86)\Spotify O43 - CFD: 29/11/2012 - 20:47:37 - [8,374] ----D C:\Program Files (x86)\Symantec O43 - CFD: 29/11/2012 - 20:30:14 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 23/03/2013 - 15:29:54 - [94,419] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 20/04/2013 - 22:17:40 - [0,178] ----D C:\Program Files (x86)\Vittalia O43 - CFD: 15/10/2012 - 07:40:24 - [520,390] ----D C:\Program Files (x86)\WildGames O43 - CFD: 15/10/2012 - 07:40:49 - [14,814] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 28/03/2013 - 04:55:00 - [0,951] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 30/11/2012 - 05:06:37 - [5,466] ----D C:\Program Files 
(x86)\Windows Mail O43 - CFD: 28/03/2013 - 04:56:17 - [3,494] ----D C:\Program Files (x86)\Windows Media Player O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - 10:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 30/11/2012 - 05:06:37 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - 10:12:59 - [1,291] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 23/03/2013 - 21:57:55 - [4,131] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 20/04/2013 - 22:56:06 - [0,801] ----D C:\Program Files (x86)\Yontoo =>PUP.Yontoo O43 - CFD: 17/05/2013 - 19:27:59 - [16,754] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 15/10/2012 - 07:46:17 - [0,166] ----D C:\Program Files (x86)\Common Files\EgisTec O43 - CFD: 29/11/2012 - 20:29:29 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 27/04/2013 - 20:11:47 - [1,189] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 15/10/2012 - 07:42:43 - [2,787] ----D C:\Program Files (x86)\Common Files\mcafee O43 - CFD: 26/03/2013 - 00:14:24 - [43,301] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 15/10/2012 - 07:48:24 - [20,044] ----D C:\Program Files (x86)\Common Files\Nero O43 - CFD: 26/07/2012 - 10:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 30/11/2012 - 05:06:37 - [9,406] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 29/11/2012 - 20:56:07 - [0,030] ----D C:\ProgramData\Acer O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 27/04/2013 - 20:12:10 - [0] ----D C:\ProgramData\Ask O43 - CFD: 29/11/2012 - 20:28:16 - [0,000] ----D C:\ProgramData\ATI O43 - CFD: 20/04/2013 - 22:55:04 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon O43 - CFD: 29/11/2012 - 20:47:38 - [0,040] ----D 
C:\ProgramData\boost_interprocess O43 - CFD: 20/04/2013 - 22:56:20 - [7,805] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon O43 - CFD: 29/11/2012 - 21:59:52 - [0] --H-D C:\ProgramData\Bureau O43 - CFD: 29/11/2012 - 20:50:31 - [0,000] ----D C:\ProgramData\CLSK O43 - CFD: 29/11/2012 - 20:51:10 - [0,001] ----D C:\ProgramData\CyberLink O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 23/03/2013 - 15:15:15 - [0] ----D C:\ProgramData\EgisTec O43 - CFD: 23/03/2013 - 15:07:13 - [0,268] ----D C:\ProgramData\EgisTec IPS O43 - CFD: 29/11/2012 - 20:50:37 - [0,113] ----D C:\ProgramData\install_clap O43 - CFD: 06/04/2013 - 22:47:14 - [16,081] ----D C:\ProgramData\Malwarebytes O43 - CFD: 23/03/2013 - 23:01:41 - [259,241] ----D C:\ProgramData\McAfee O43 - CFD: 29/11/2012 - 21:59:53 - [0] --H-D C:\ProgramData\Menu Démarrer O43 - CFD: 17/05/2013 - 01:53:13 - [1875,671] -S--D C:\ProgramData\Microsoft O43 - CFD: 29/11/2012 - 21:59:53 - [0] --H-D C:\ProgramData\Modèles O43 - CFD: 29/11/2012 - 20:20:53 - [2,353] ----D C:\ProgramData\Nero O43 - CFD: 02/04/2013 - 13:57:49 - [0,220] ----D C:\ProgramData\Norton O43 - CFD: 29/11/2012 - 20:46:53 - [0,858] ----D C:\ProgramData\NortonInstaller O43 - CFD: 23/03/2013 - 15:57:50 - [0,261] ----D C:\ProgramData\OEM O43 - CFD: 26/03/2013 - 11:01:26 - [0,047] ----D C:\ProgramData\PRICache O43 - CFD: 26/07/2012 - 09:52:44 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 23/03/2013 - 19:50:43 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 29/11/2012 - 20:47:37 - [0,013] ----D C:\ProgramData\Symantec O43 - CFD: 20/04/2013 - 22:55:45 - [2,592] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma O43 - CFD: 29/11/2012 - 20:50:38 - [1,037] ----D C:\ProgramData\Temp O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 15/10/2012 - 
07:40:49 - [1685,420] ----D C:\ProgramData\WildTangent O43 - CFD: 23/03/2013 - 14:58:41 - [0] ----D C:\Users\anaisa\AppData\Roaming\Adobe O43 - CFD: 23/04/2013 - 17:32:56 - [0] ----D C:\Users\anaisa\AppData\Roaming\ATI O43 - CFD: 20/04/2013 - 22:55:03 - [0,006] ----D C:\Users\anaisa\AppData\Roaming\Babylon =>Toolbar.Babylon O43 - CFD: 20/04/2013 - 22:56:57 - [0,002] ----D C:\Users\anaisa\AppData\Roaming\GoforFiles =>P2P.GoforFiles O43 - CFD: 23/03/2013 - 14:58:43 - [0,001] ----D C:\Users\anaisa\AppData\Roaming\Macromedia O43 - CFD: 06/04/2013 - 22:47:37 - [0,008] ----D C:\Users\anaisa\AppData\Roaming\Malwarebytes O43 - CFD: 17/05/2013 - 18:31:26 - [1,674] -S--D C:\Users\anaisa\AppData\Roaming\Microsoft O43 - CFD: 01/05/2013 - 21:51:58 - [21,347] ----D C:\Users\anaisa\AppData\Roaming\OpenOffice.org O43 - CFD: 16/05/2013 - 20:20:45 - [1,270] ----D C:\Users\anaisa\AppData\Roaming\vlc O43 - CFD: 23/03/2013 - 21:58:04 - [0,000] ----D C:\Users\anaisa\AppData\Roaming\WinRAR O43 - CFD: 17/05/2013 - 14:03:41 - [0,165] ----D C:\Users\anaisa\AppData\Roaming\Yontoo =>PUP.Yontoo O43 - CFD: 27/04/2013 - 20:28:29 - [0,192] ----D C:\Users\anaisa\AppData\Local\APN O43 - CFD: 23/03/2013 - 14:56:51 - [0] ----D C:\Users\anaisa\AppData\Local\Application Data O43 - CFD: 23/03/2013 - 15:13:48 - [1,557] ----D C:\Users\anaisa\AppData\Local\Apps O43 - CFD: 23/04/2013 - 17:32:56 - [0,058] ----D C:\Users\anaisa\AppData\Local\ATI O43 - CFD: 23/03/2013 - 20:54:40 - [0,089] ----D C:\Users\anaisa\AppData\Local\clear.fi O43 - CFD: 27/04/2013 - 20:28:05 - [15,525] ----D C:\Users\anaisa\AppData\Local\CrashDumps O43 - CFD: 23/03/2013 - 15:14:11 - [0] ----D C:\Users\anaisa\AppData\Local\Deployment O43 - CFD: 23/03/2013 - 15:07:13 - [0,000] ----D C:\Users\anaisa\AppData\Local\EgisTec IPS O43 - CFD: 23/03/2013 - 15:15:17 - [875,841] ----D C:\Users\anaisa\AppData\Local\Google O43 - CFD: 23/03/2013 - 14:56:51 - [0] ----D C:\Users\anaisa\AppData\Local\Historique O43 - CFD: 25/03/2013 - 04:15:39 - [244,625] 
----D C:\Users\anaisa\AppData\Local\Microsoft O43 - CFD: 26/03/2013 - 11:01:28 - [153,785] ----D C:\Users\anaisa\AppData\Local\Packages O43 - CFD: 06/04/2013 - 22:47:00 - [0] ----D C:\Users\anaisa\AppData\Local\Programs O43 - CFD: 13/05/2013 - 13:27:55 - [18,360] ----D C:\Users\anaisa\AppData\Local\Smartbar =>Hijacker.SmartBar O43 - CFD: 17/05/2013 - 19:28:19 - [207,212] ----D C:\Users\anaisa\AppData\Local\Temp O43 - CFD: 23/03/2013 - 14:56:51 - [0] ----D C:\Users\anaisa\AppData\Local\Temporary Internet Files O43 - CFD: 12/04/2013 - 14:55:38 - [0,000] ----D C:\Users\anaisa\AppData\Local\VirtualStore O43 - CFD: 26/07/2012 - 10:13:00 - [0,004] R---D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - 10:13:00 - [0,001] R---D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 16/04/2013 - 12:31:33 - [0,000] R---D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 20/04/2013 - 22:56:36 - [0,001] ----D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect =>Toolbar.Babylon O43 - CFD: 26/07/2012 - 10:13:00 - [0,000] ----D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 16/04/2013 - 12:31:33 - [0,000] R---D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/07/2012 - 10:13:00 - [0,005] R---D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 23/03/2013 - 21:57:55 - [0,003] ----D C:\Users\anaisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 126 Scanned in 00mn 03s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.31FFEBA046920D13EACD2AEFFBB9B84D] - 17/05/2013 - 18:23:18 ---A- . (...) 
-- C:\Windows\WindowsUpdate.log [1244376] O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 17/05/2013 - 13:08:20 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1793362] O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 17/05/2013 - 13:08:20 RSHAD . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362] O44 - LFC:[MD5.4185AAD81B35C5846A39EEFEAADF04C9] - 17/05/2013 - 13:04:11 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.135E0B5BFD81B10DF44C5AA43307DFFE] - 16/05/2013 - 20:00:48 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [155444] O44 - LFC:[MD5.9FAE5AC327A1A9793D46D7543702B9D6] - 16/05/2013 - 20:00:48 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [710046] O44 - LFC:[MD5.CCC1B9ABDD545C149B70791EF1CBC330] - 16/05/2013 - 20:00:48 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [799736] O44 - LFC:[MD5.135E0B5BFD81B10DF44C5AA43307DFFE] - 16/05/2013 - 20:00:48 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat [155444] O44 - LFC:[MD5.9FAE5AC327A1A9793D46D7543702B9D6] - 16/05/2013 - 20:00:48 RSHAD . (...) -- C:\Windows\System32\perfh009.dat [710046] O44 - LFC:[MD5.CCC1B9ABDD545C149B70791EF1CBC330] - 16/05/2013 - 20:00:48 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat [799736] O44 - LFC:[MD5.1A7FD75AC7B4441E71CFB850D73B3A35] - 16/05/2013 - 20:00:47 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [132416] O44 - LFC:[MD5.1A7FD75AC7B4441E71CFB850D73B3A35] - 16/05/2013 - 20:00:47 RSHAD . (...) 
-- C:\Windows\System32\perfc009.dat [132416] ~ Files: 12 Scanned in 00mn 22s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.F955E2885A4DA8F6E394C7BAA486BA2D] - 01/05/2013 - 19:25:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-29741569.pf O45 - LFCP:[MD5.F49C099817D931A416CA4EB7509E97DC] - 01/05/2013 - 19:25:38 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-5A92E3D5.pf O45 - LFCP:[MD5.D8D3EA79F86849BDCDAACE6A484711DF] - 01/05/2013 - 19:36:47 ---A- - C:\Windows\Prefetch\MSPAINT.EXE-512C7E1E.pf O45 - LFCP:[MD5.1A0A1E9240C2578F8763CC5CBEE07443] - 05/05/2013 - 03:11:42 ---A- - C:\Windows\Prefetch\D912.TMP-203D961F.pf O45 - LFCP:[MD5.E88483D7FEA4C709BF4523A28ECC8CC7] - 05/05/2013 - 09:28:49 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-DACB5D4F.pf O45 - LFCP:[MD5.8EEDD8E12345C2AC0C82CABBB60AE534] - 05/05/2013 - 14:28:14 ---A- - C:\Windows\Prefetch\8184.TMP-F553CD10.pf O45 - LFCP:[MD5.E89B7E0F27F86ED855703494B27A59A5] - 06/05/2013 - 11:17:00 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.149.1230.0.E-6BA77CDE.pf O45 - LFCP:[MD5.CA004C6B2A0F603CE66C97E03E25A799] - 06/05/2013 - 15:02:54 ---A- - C:\Windows\Prefetch\27C0.TMP-02082D4B.pf O45 - LFCP:[MD5.668B909D3AB09FF64532D63D644FCF3A] - 07/05/2013 - 11:48:30 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.149.1295.0.E-F8823775.pf O45 - LFCP:[MD5.0C3E83DBC64A0CE711B912913C0D9C94] - 07/05/2013 - 15:34:15 ---A- - C:\Windows\Prefetch\AE7C.TMP-51A9DF97.pf O45 - LFCP:[MD5.D6577472DD9B3AEFDE96CF637F1687F7] - 07/05/2013 - 23:21:44 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-465FAC7E.pf O45 - LFCP:[MD5.FF60C4A4DDCC61825658A60C605C4E90] - 07/05/2013 - 23:21:45 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C92CB267.pf O45 - LFCP:[MD5.AA9A668181F4BED759D71D3897C7E34D] - 08/05/2013 - 00:05:03 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7CDDA69A.pf O45 - LFCP:[MD5.53F1DC5B182AB67C4E1298F401883B95] - 08/05/2013 - 00:05:03 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-AB312CEC.pf O45 - LFCP:[MD5.1173C853D396C6E78332AF4E9C9DBAB3] - 08/05/2013 - 
15:36:10 ---A- - C:\Windows\Prefetch\280E.TMP-9191A1E2.pf O45 - LFCP:[MD5.7C5D09AEB275306FEEC40D67747381C5] - 08/05/2013 - 19:32:53 ---A- - C:\Windows\Prefetch\VLC-2.0.6-WIN32.EXE-4AD68152.pf O45 - LFCP:[MD5.0B3ECC17D26D2574004BFFB21A731A06] - 09/05/2013 - 12:10:04 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.149.1398.0.E-52EA2DF9.pf O45 - LFCP:[MD5.F6DCA4627C6360A24FAB9B52FB3E68D1] - 09/05/2013 - 15:56:25 ---A- - C:\Windows\Prefetch\8B34.TMP-8B101964.pf O45 - LFCP:[MD5.B7E6E137DAC024DCA1CE109BEC3059F4] - 09/05/2013 - 18:55:51 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf O45 - LFCP:[MD5.3F884BF73402C0B60A6DB6139A94D417] - 09/05/2013 - 18:55:51 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-F4B5869D.pf O45 - LFCP:[MD5.A25EC388F447E28B369166939773EB5D] - 09/05/2013 - 19:33:16 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-D8BC1DC6.pf O45 - LFCP:[MD5.5A8127CE97714F0E6E25DF6E6BA0A40D] - 09/05/2013 - 19:33:52 ---A- - C:\Windows\Prefetch\W32TM.EXE-78C041DB.pf O45 - LFCP:[MD5.64801502EDB91D977EF73B7EE700BA5F] - 09/05/2013 - 19:34:01 ---A- - C:\Windows\Prefetch\PING.EXE-167FE968.pf O45 - LFCP:[MD5.88623060E635E651749C7F2465099208] - 10/05/2013 - 00:35:39 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-DAF4E5BB.pf O45 - LFCP:[MD5.5D15932CAA734AF5AB2485730E38613D] - 10/05/2013 - 14:45:36 ---A- - C:\Windows\Prefetch\MSINFO32.EXE-F283564F.pf O45 - LFCP:[MD5.C0B631111795E5168F05BCF3CF805FE1] - 10/05/2013 - 16:26:16 ---A- - C:\Windows\Prefetch\FAB9.TMP-19755351.pf O45 - LFCP:[MD5.762636811CC33CE02CD9094956D2F1B9] - 10/05/2013 - 19:44:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-4F60B70E.pf O45 - LFCP:[MD5.61B65599772AF044E25CC4BBE1E12C9A] - 10/05/2013 - 19:44:03 ---A- - C:\Windows\Prefetch\WINSAT.EXE-A854C4D0.pf O45 - LFCP:[MD5.0C6D2995154DB6CEE4098EB43529A7E1] - 11/05/2013 - 10:50:24 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.149.1591.0.E-7ABFD550.pf O45 - LFCP:[MD5.4623F7DCD54000B9A1766F42F2CEB5EB] - 11/05/2013 - 11:19:11 ---A- - C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-48DA6AD1.pf 
O45 - LFCP:[MD5.D6E7ED93ECEDCEA2DB40419C6137C7EB] - 11/05/2013 - 11:19:11 ---A- - C:\Windows\Prefetch\GOOGLECRASHHANDLER64.EXE-830E57A3.pf O45 - LFCP:[MD5.76B4840C675BCFFD98A4DD4AB9DF571C] - 11/05/2013 - 11:19:19 ---A- - C:\Windows\Prefetch\GOOGLEUPDATESETUP.EXE-200BE732.pf O45 - LFCP:[MD5.3183BB646AE1ACF9B25074EE098782B0] - 11/05/2013 - 11:19:27 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-050376DD.pf O45 - LFCP:[MD5.521A5BB406E0BDF8B2EA2E6374708F6D] - 11/05/2013 - 16:37:13 ---A- - C:\Windows\Prefetch\EC1A.TMP-22E3EE69.pf O45 - LFCP:[MD5.5EC65CBA8F4A2F5F1E75552C8982D262] - 11/05/2013 - 20:55:32 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf O45 - LFCP:[MD5.F2B3AF3512FE8EF4CEE83BDE78A7C9EA] - 12/05/2013 - 00:59:41 ---A- - C:\Windows\Prefetch\MCVSSHLD.EXE-F69E7D8B.pf O45 - LFCP:[MD5.8CABA00AB5C98891B0C4450CE7553D11] - 12/05/2013 - 11:57:20 ---A- - C:\Windows\Prefetch\ARA.EXE-A6FD5EAC.pf O45 - LFCP:[MD5.B8E7D858FB4C77AEFAD12312A01E9FDF] - 12/05/2013 - 11:57:23 ---A- - C:\Windows\Prefetch\UPDATEBRIDGE.EXE-80AE7F90.pf O45 - LFCP:[MD5.FFAB156AC65DF91B19428B780841C5A8] - 12/05/2013 - 11:57:27 ---A- - C:\Windows\Prefetch\ARAMETRO.EXE-B5885807.pf O45 - LFCP:[MD5.42590651FB4886F9B5507A8852C9E551] - 12/05/2013 - 12:18:55 ---A- - C:\Windows\Prefetch\NOBUAGENT.EXE-249992C1.pf O45 - LFCP:[MD5.12A44BF2128E33FEC774CC27938AAFDB] - 12/05/2013 - 17:32:06 ---A- - C:\Windows\Prefetch\DE85.TMP-2C5A94D5.pf O45 - LFCP:[MD5.A3186A3BF57CCF9BDD9FED0FBB575C47] - 13/05/2013 - 12:26:39 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-08D38AE4.pf O45 - LFCP:[MD5.8524F9884BF87C242D135DD059304070] - 13/05/2013 - 12:26:39 ---A- - C:\Windows\Prefetch\SMARTBARVERSIONSHELPER.EXE-A7ED1AD3.pf =>Hijacker.SmartBar O45 - LFCP:[MD5.5529657C9FBB93F8D3C7BE8B1AE5C962] - 13/05/2013 - 12:26:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9D9E8881.pf O45 - LFCP:[MD5.2CA46EB57F77A1A09FB8FEDBCC4D5AAB] - 13/05/2013 - 12:26:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EF788032.pf O45 - 
LFCP:[MD5.3348DF75441186E53B48016AA5B1A20F] - 13/05/2013 - 12:27:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7F3D7C74.pf O45 - LFCP:[MD5.5390F1EC6A108213ADE1517AF2533FFE] - 13/05/2013 - 12:27:44 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-2AD21665.pf O45 - LFCP:[MD5.84C67F5B53BF97BF68E1823C22D422D4] - 13/05/2013 - 12:28:20 ---A- - C:\Windows\Prefetch\TASKKILL.EXE-3D8A2F61.pf O45 - LFCP:[MD5.0A0C2A1B17E617C49FBCCA9D60DCA172] - 13/05/2013 - 12:28:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-81DF0EE2.pf O45 - LFCP:[MD5.C9B410A247E7A425188AF98E4D1B2BA7] - 13/05/2013 - 12:28:26 ---A- - C:\Windows\Prefetch\PRODUCTSREMOVALTOOL.EXE-92E58C4A.pf O45 - LFCP:[MD5.02A1BA3BB1369A7CC461A18AFFF79A45] - 13/05/2013 - 12:28:54 ---A- - C:\Windows\Prefetch\REGASM.EXE-11C8A38D.pf O45 - LFCP:[MD5.E39B36909B09B08CB9D7E2B780235BCD] - 13/05/2013 - 12:28:54 ---A- - C:\Windows\Prefetch\REGASM.EXE-3F279DFF.pf O45 - LFCP:[MD5.A296A5655274A24B4A81E6EFF61FB5D7] - 13/05/2013 - 12:39:27 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.149.1754.0.E-51FDCB05.pf O45 - LFCP:[MD5.6C319EC442DBC65429241C6D5934F6BD] - 13/05/2013 - 17:34:24 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf O45 - LFCP:[MD5.3928C9EA7356B81E16F299B498113C1D] - 13/05/2013 - 17:34:39 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-29C1E08E.pf O45 - LFCP:[MD5.9B8B620C9053F9343532DD9CE448FDCF] - 13/05/2013 - 17:34:39 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-04AA8A1C.pf O45 - LFCP:[MD5.EBE3194F8EBE41B3F74270DBFC8E3DBE] - 13/05/2013 - 17:34:45 ---A- - C:\Windows\Prefetch\BYTECODEGENERATOR.EXE-353D57C0.pf O45 - LFCP:[MD5.1267AB247704C0E074A585D9D7DA6468] - 13/05/2013 - 23:09:32 ---A- - C:\Windows\Prefetch\SNES9X.EXE-B8764DA9.pf O45 - LFCP:[MD5.2C76026C91C94ED662BB113A4DE56081] - 14/05/2013 - 10:47:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-3C40F7FB.pf O45 - LFCP:[MD5.9A659B2E5B78A900A14B2FCBB1A526BF] - 14/05/2013 - 10:48:22 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf O45 - LFCP:[MD5.E77ABE5F826F2F089427829B8B335B93] - 
14/05/2013 - 18:00:51 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf O45 - LFCP:[MD5.172F0175669B515E61FE2C04530C91E2] - 14/05/2013 - 18:00:52 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf O45 - LFCP:[MD5.6AC4B4A852E47A9E203B8DF352B71D07] - 14/05/2013 - 18:01:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9E940D77.pf O45 - LFCP:[MD5.7C4DE632D2C5197E7BAFAE3085075669] - 14/05/2013 - 18:13:43 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-65FD9DDE.pf O45 - LFCP:[MD5.E3F7A2BFAC56E7B5722BEC0F2A59D3AF] - 14/05/2013 - 18:22:43 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-B98D9700.pf O45 - LFCP:[MD5.47D5A157C3C96BB6CEC7CF27A3F9FA55] - 14/05/2013 - 18:30:10 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf O45 - LFCP:[MD5.7DDABDEC6CC48DF2605F93BCE44AECB3] - 14/05/2013 - 19:20:09 ---A- - C:\Windows\Prefetch\JAVAW.EXE-9BCFFCC7.pf O45 - LFCP:[MD5.542A67E99328A1E5C0671E221FDFDAA8] - 14/05/2013 - 19:20:09 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-596738CE.pf O45 - LFCP:[MD5.423F16E37C1406FF324A10DB473DA8F2] - 14/05/2013 - 19:39:25 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F8.pf O45 - LFCP:[MD5.4A2448916387CF28DD61C88FE7216580] - 15/05/2013 - 12:33:40 ---A- - C:\Windows\Prefetch\JAVA.EXE-4EF2C834.pf O45 - LFCP:[MD5.F71167FF3A1C3CE7BE738E2E25FCFF7E] - 15/05/2013 - 12:45:03 ---A- - C:\Windows\Prefetch\AM_ENGINE_PATCH1.EXE-F21EA2D1.pf O45 - LFCP:[MD5.9A13B87C5478873E4866F581C190C772] - 15/05/2013 - 12:45:05 ---A- - C:\Windows\Prefetch\AM_BASE_PATCH1.EXE-68D49F7A.pf O45 - LFCP:[MD5.DFABECCC7864D71836287D71AEB1EF84] - 15/05/2013 - 12:45:17 ---A- - C:\Windows\Prefetch\AM_DELTA.EXE-3A6EE7FD.pf O45 - LFCP:[MD5.DF9C24A9E3AD0D954D91FF364E5A5093] - 15/05/2013 - 14:12:35 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-7DDF8CD2.pf O45 - LFCP:[MD5.45AB2659A2E39B80343355CE9CC42291] - 15/05/2013 - 20:16:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf O45 - LFCP:[MD5.AE3D68440E03D27A298A54D517570A3B] - 15/05/2013 - 20:16:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf O45 - 
LFCP:[MD5.0C2625AE935E679FEA7A5657E05B4C77] - 15/05/2013 - 21:04:19 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf O45 - LFCP:[MD5.DF5FA4FEA37F2E843984DDAB6782531D] - 15/05/2013 - 21:33:50 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-A7031FFF.pf O45 - LFCP:[MD5.0B4CC1B42EAF0E709F8CFFDCA3A5C38D] - 15/05/2013 - 21:33:51 ---A- - C:\Windows\Prefetch\MCSMTFWK.EXE-9E1B7F96.pf O45 - LFCP:[MD5.C1DC0A56458C2E5D008CCEE5E91F0745] - 16/05/2013 - 11:23:08 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-32EE8CFF.pf O45 - LFCP:[MD5.051ECBB12DF318CA636FAA1B7788900D] - 16/05/2013 - 11:30:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-526550BA.pf O45 - LFCP:[MD5.399525C396520FDC9D68C5015A553421] - 16/05/2013 - 11:32:02 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-3290E8FC.pf O45 - LFCP:[MD5.A9E3DDF245BB215E61EC52DAED048809] - 16/05/2013 - 11:32:09 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf O45 - LFCP:[MD5.E00AB2F119E2E85336C1CE18D85D020D] - 16/05/2013 - 14:28:55 ---A- - C:\Windows\Prefetch\MCUPDATE.EXE-AF2E24C7.pf O45 - LFCP:[MD5.33C5000D545BF090E41304E68C832096] - 16/05/2013 - 14:51:30 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-1877EAB2.pf O45 - LFCP:[MD5.0C905A16F196FDA8CC7E9D9C8AE6A3E5] - 16/05/2013 - 15:04:46 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-4A597D06.pf O45 - LFCP:[MD5.79D7287C371C5E7BB4A294FD97A847C9] - 16/05/2013 - 15:04:47 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-18C9B6BA.pf O45 - LFCP:[MD5.0C851D7C47E776FB5041DBB689D65C9B] - 16/05/2013 - 15:22:52 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1A4CC1C3.pf O45 - LFCP:[MD5.9DB02FC0470CB2892A9DEEA7CF987210] - 16/05/2013 - 15:54:14 ---A- - C:\Windows\Prefetch\WINRAR.EXE-72513729.pf O45 - LFCP:[MD5.339738367D0B12D75BF0AA69D3A85E15] - 16/05/2013 - 15:54:51 ---A- - C:\Windows\Prefetch\VLC.EXE-F1ED81B3.pf O45 - LFCP:[MD5.888B1444BF1458A7E3C793D4B9EC62D8] - 16/05/2013 - 16:28:28 ---A- - C:\Windows\Prefetch\MCINFO.EXE-545FA787.pf O45 - LFCP:[MD5.FC133D3662F64909D98780D9CB743E20] - 16/05/2013 - 18:51:31 ---A- - 
C:\Windows\Prefetch\RICONBOY.EXE-A045F34B.pf O45 - LFCP:[MD5.1D7479EF22E5C745E2850E85A8EC42AF] - 16/05/2013 - 19:00:12 ---A- - C:\Windows\Prefetch\MCAGENT.EXE-88404BE0.pf O45 - LFCP:[MD5.3019D7BF50969258693AF1E20286E049] - 16/05/2013 - 19:22:40 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf O45 - LFCP:[MD5.32E901FF0F7AD126E7FD5296DFC571F0] - 16/05/2013 - 19:25:25 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EE2FB4D9.pf O45 - LFCP:[MD5.0DEFCB3B760D7E241E15DDD6AA9B6894] - 16/05/2013 - 19:55:39 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf O45 - LFCP:[MD5.C7A64B8F92E0400C7DD03BEDEA365F2D] - 16/05/2013 - 19:55:40 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf O45 - LFCP:[MD5.EAAD939D8509152F307B4A09C4220F85] - 16/05/2013 - 19:56:03 ---A- - C:\Windows\Prefetch\QUICKSHARE.EXE-B5AD6BDA.pf =>PUP.QuickShare O45 - LFCP:[MD5.2970D38782A7EF33B7E0F599DD2D1A4A] - 16/05/2013 - 19:56:52 ---A- - C:\Windows\Prefetch\AgCx_SC4.db O45 - LFCP:[MD5.FB039D3039CE4D91D459FC96460CEB69] - 16/05/2013 - 20:35:31 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf O45 - LFCP:[MD5.9AE477DCA6D32CF022A6F406244AF491] - 16/05/2013 - 20:35:39 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf O45 - LFCP:[MD5.197194CA076174AE789E13D7A72E6ED9] - 16/05/2013 - 20:35:39 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf O45 - LFCP:[MD5.288375D4B59A854C503328F99415B6E6] - 16/05/2013 - 20:35:42 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf O45 - LFCP:[MD5.3E2AE8BA79B7384249ADA2D60F2A6C42] - 16/05/2013 - 20:35:43 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf O45 - LFCP:[MD5.41E6C1C203DB3631585DB166719EE3D4] - 16/05/2013 - 20:36:20 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf O45 - LFCP:[MD5.D6605B5DC0F289D1B5F1D118B1A04861] - 16/05/2013 - 20:36:24 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf O45 - LFCP:[MD5.7CC77AA568FDC98ED67B8210868D7948] - 16/05/2013 - 20:55:13 ---A- - C:\Windows\Prefetch\dynreservedpri.db O45 - LFCP:[MD5.7D94F4A34FF09A91A49C557389622D87] - 
16/05/2013 - 21:28:16 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50DEE1CF.pf O45 - LFCP:[MD5.FDBDFBBFC54982FD89A12D020B233663] - 17/05/2013 - 00:51:47 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf O45 - LFCP:[MD5.BA4ACD628A2225F02EED27226EF01F91] - 17/05/2013 - 00:51:50 ---A- - C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf O45 - LFCP:[MD5.D8FAAB23016E585AB6C4902BCE86C299] - 17/05/2013 - 00:53:46 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf O45 - LFCP:[MD5.80A29509D4559E74EBC3F2495E598639] - 17/05/2013 - 00:53:55 ---A- - C:\Windows\Prefetch\SWRITER.EXE-FDA9E68A.pf O45 - LFCP:[MD5.1A08D308F3166E819D2B388B881DFBEA] - 17/05/2013 - 00:53:56 ---A- - C:\Windows\Prefetch\SOFFICE.EXE-7F5AFD1D.pf O45 - LFCP:[MD5.D9A8AF29B0D4BAEDBF8C713F579F5843] - 17/05/2013 - 00:53:57 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-72E915F8.pf O45 - LFCP:[MD5.92C646E655BA461B6A29FC4402922C7D] - 17/05/2013 - 00:54:20 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-853292E2.pf O45 - LFCP:[MD5.0045EEF2A832C1132E10EEA1B52AD58A] - 17/05/2013 - 01:02:45 ---A- - C:\Windows\Prefetch\EPOWERBUTTON.EXE-98D06F6A.pf O45 - LFCP:[MD5.D09837FD4525DC48F424A96A68F60F66] - 17/05/2013 - 01:04:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf O45 - LFCP:[MD5.4165262CE1DC9FCA79E758D927ED2631] - 17/05/2013 - 01:05:05 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-801B023A.pf O45 - LFCP:[MD5.69F62C15B3EC93099E45A743385CE649] - 17/05/2013 - 01:05:05 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-9178D9A9.pf O45 - LFCP:[MD5.9FA756096AEAA7680255C34CC4BA4952] - 17/05/2013 - 01:54:12 ---A- - C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf O45 - LFCP:[MD5.15F94529B5EEBCF642938D4A736810FD] - 17/05/2013 - 03:54:08 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf O45 - LFCP:[MD5.5A7395A2DE80A7B66C5EF9C84619D1B5] - 17/05/2013 - 03:54:43 ---A- - C:\Windows\Prefetch\CLI.EXE-278FDBBC.pf O45 - LFCP:[MD5.7921D88A0D5A51EF53BA06396E77C945] - 17/05/2013 - 04:00:15 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - 
LFCP:[MD5.1CC29D55BFE5C8DEAFBF080959C14324] - 17/05/2013 - 13:03:21 ---A- - C:\Windows\Prefetch\BROWSERPROTECT.EXE-6CD41A66.pf =>Toolbar.Babylon O45 - LFCP:[MD5.9EADD2E9CD44190D086E50AC79D57A20] - 17/05/2013 - 13:03:21 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-9FF23AE2.pf O45 - LFCP:[MD5.E6E7BDF636619E4D963BBB6FA9BCA19D] - 17/05/2013 - 13:03:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-16B8AFA3.pf O45 - LFCP:[MD5.74DD21844BFA023C71E68349E604B1CC] - 17/05/2013 - 13:03:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-676DE1C7.pf O45 - LFCP:[MD5.D74C79162A8EDEAF781F14076D18CB48] - 17/05/2013 - 13:03:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-92038889.pf O45 - LFCP:[MD5.A640FF59E6FDCB76AC39185CB4617FB1] - 17/05/2013 - 13:03:33 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf O45 - LFCP:[MD5.BB61438F31E297D3B4416B36AC4BBB96] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\CSC.EXE-4D47A477.pf O45 - LFCP:[MD5.9BBB2E2C498A53C92D8EDD1CD1697C62] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf O45 - LFCP:[MD5.C9B9AF05D68B6B09AED5DBCA5B5DABD6] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\EPOWERSVC.EXE-31C24032.pf O45 - LFCP:[MD5.3554E14809465E880C85CD3C256D715E] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\NOBUCLIENT.EXE-74C4A059.pf O45 - LFCP:[MD5.C9B3FAA632E5956130509346B705B203] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf O45 - LFCP:[MD5.3F2B07D00E51516D688E2F4A3A996D87] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf O45 - LFCP:[MD5.F3436F2019D26264DBD4A84C04775D42] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-14FECFA1.pf O45 - LFCP:[MD5.1DE84A16ECACB7741E0FC4D3933622C3] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-A2BD634E.pf O45 - LFCP:[MD5.89A1CE69F989D06F5575B4E1B26DE486] - 17/05/2013 - 13:03:40 ---A- - C:\Windows\Prefetch\YONTOODESKTOP.EXE-B3943292.pf =>PUP.Yontoo O45 - LFCP:[MD5.C7264614F37159D02BA3B8E2AA886B9D] - 
17/05/2013 - 13:03:47 ---A- - C:\Windows\Prefetch\CLISTART.EXE-02DB8E02.pf O45 - LFCP:[MD5.37419E734D6F638F29DEF9ABEFE750B4] - 17/05/2013 - 13:03:56 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-1B28B747.pf O45 - LFCP:[MD5.293C43A0E8721A8458022773A83F2BFE] - 17/05/2013 - 13:03:56 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-4B303C70.pf O45 - LFCP:[MD5.C5DAF33B76E6E4271948E2C071CAA719] - 17/05/2013 - 13:03:56 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf O45 - LFCP:[MD5.E48FF3787FBED41746F2190BF60F4403] - 17/05/2013 - 13:03:56 ---A- - C:\Windows\Prefetch\UPDATER.EXE-8B6750DD.pf O45 - LFCP:[MD5.AB03891C8116E31333065DAA34EAF140] - 17/05/2013 - 13:03:56 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf O45 - LFCP:[MD5.FBF3CAD582ECFBD6B98C1DBC139037D1] - 17/05/2013 - 13:04:58 ---A- - C:\Windows\Prefetch\MCSHIELD.EXE-105C24A4.pf O45 - LFCP:[MD5.70204DF2D32546601E24528C6CF675CD] - 17/05/2013 - 13:04:58 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-CA4FE585.pf O45 - LFCP:[MD5.B08F4219BCCB357B6F600EF58FF24F82] - 17/05/2013 - 13:04:59 ---A- - C:\Windows\Prefetch\MOM.EXE-AF39B199.pf O45 - LFCP:[MD5.D4332F01B4588DBA0178A10AC918D5A0] - 17/05/2013 - 13:05:02 ---A- - C:\Windows\Prefetch\CCC.EXE-22878179.pf O45 - LFCP:[MD5.3A0B455060EA2CACF42C8573899156D3] - 17/05/2013 - 13:05:10 ---A- - C:\Windows\Prefetch\MCUPDATE.EXE-C6EAC66C.pf O45 - LFCP:[MD5.31DC1A10B098A8224F8A260B69D9F75C] - 17/05/2013 - 13:05:16 ---A- - C:\Windows\Prefetch\NASVC.EXE-314DC6C9.pf O45 - LFCP:[MD5.34F3B6FDF69BD7267843723BB15A55A5] - 17/05/2013 - 13:05:30 ---A- - C:\Windows\Prefetch\MMLOADDRV.EXE-778A3492.pf O45 - LFCP:[MD5.DB50A5DB40F745A12C9B49272EF3F088] - 17/05/2013 - 13:05:30 ---A- - C:\Windows\Prefetch\MSMPENG.EXE-F9080403.pf O45 - LFCP:[MD5.5EA737040561A80A04A38F5E06652195] - 17/05/2013 - 13:05:30 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-13D172B9.pf O45 - LFCP:[MD5.D99AFD0E117E9756B8807BC5C3273BB1] - 17/05/2013 - 13:05:39 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf O45 - 
LFCP:[MD5.59F7752E981E6037693CA3B387F76BA4] - 17/05/2013 - 13:05:42 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf O45 - LFCP:[MD5.E35119DA0E70EFC772094DD5C03AF5CD] - 17/05/2013 - 13:05:54 ---A- - C:\Windows\Prefetch\MCODS.EXE-B2C51095.pf O45 - LFCP:[MD5.80A1329A30169E8AC71964854E3FBF2A] - 17/05/2013 - 13:06:48 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf O45 - LFCP:[MD5.2982556BF74719C51348B0082FE01688] - 17/05/2013 - 13:07:39 ---A- - C:\Windows\Prefetch\APPSUPDATER.EXE-C8083340.pf O45 - LFCP:[MD5.277DE7AC15DB26A5E183E5BF7E0E1BB3] - 17/05/2013 - 13:07:56 ---A- - C:\Windows\Prefetch\MCSYNC.EXE-8559D2BC.pf O45 - LFCP:[MD5.9CCC6A8BEFF368BD453BDF5CB8173585] - 17/05/2013 - 13:08:10 ---A- - C:\Windows\Prefetch\MCHLP32.EXE-C76241FD.pf O45 - LFCP:[MD5.21A439F129C5A65C37607E91BD212F98] - 17/05/2013 - 13:08:44 ---A- - C:\Windows\Prefetch\QCSHM.EXE-706708ED.pf O45 - LFCP:[MD5.E32AFF08F7F1CF6D2CD99EBBECA87CD1] - 17/05/2013 - 13:09:57 ---A- - C:\Windows\Prefetch\SAUPD.EXE-C3B1E227.pf O45 - LFCP:[MD5.76EC6F393D3F6727E997C914C637D91E] - 17/05/2013 - 13:09:58 ---A- - C:\Windows\Prefetch\SAUI.EXE-E1257AE8.pf O45 - LFCP:[MD5.C898956809C772A1C36A8FD91CCC51E0] - 17/05/2013 - 13:12:45 ---A- - C:\Windows\Prefetch\NOTIFICATION.EXE-DF0C3CF0.pf O45 - LFCP:[MD5.C66F79FE4E72BC27D22E6B3FB34B6837] - 17/05/2013 - 13:17:16 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F7.pf O45 - LFCP:[MD5.1D863375E693927D1BFBB80F16506D89] - 17/05/2013 - 13:19:34 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf O45 - LFCP:[MD5.6E223F6A027E7981889847EC9EE596C0] - 17/05/2013 - 13:19:35 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.151.88.0.EXE-41D1782D.pf O45 - LFCP:[MD5.36A75A3BFC12BC1CA916411EBA558855] - 17/05/2013 - 13:19:35 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-4D562760.pf O45 - LFCP:[MD5.365C40DD2C39674EEFB5F5460E1F4C91] - 17/05/2013 - 13:44:58 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf O45 - LFCP:[MD5.3C76FFB55A2AFC193C9B7FF6ADDB9555] - 17/05/2013 - 13:45:10 ---A- - 
C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.E34AC94C0B9E52DC434185034E19AB0C] - 17/05/2013 - 13:45:20 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf O45 - LFCP:[MD5.B11346B40CD1BAB86E3EED7348C2381A] - 17/05/2013 - 13:45:20 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf O45 - LFCP:[MD5.540AA38FA8A40F9D2C8B82C061451CC7] - 17/05/2013 - 13:54:09 ---A- - C:\Windows\Prefetch\MCOCROLLBACK.EXE-48449529.pf O45 - LFCP:[MD5.B55363ADE9197BAA61FCFC366A11EDDD] - 17/05/2013 - 13:54:26 ---A- - C:\Windows\Prefetch\MCINSTRU.EXE-F710CFF1.pf O45 - LFCP:[MD5.380F15406976532C38598825D0F3CECA] - 17/05/2013 - 14:23:11 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf O45 - LFCP:[MD5.0DD43D4926285BB940C00CFEFF7E3EE1] - 17/05/2013 - 14:47:25 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf O45 - LFCP:[MD5.FE9F75D4D77A58F10EF173524CCFBF4A] - 17/05/2013 - 15:15:11 ---A- - C:\Windows\Prefetch\HWUPDCHK.EXE-9AC16830.pf O45 - LFCP:[MD5.40057F0D698DFEA54B65BDDF3B91EB18] - 17/05/2013 - 15:15:11 ---A- - C:\Windows\Prefetch\MCSVRCNT.EXE-3C30113B.pf O45 - LFCP:[MD5.5FC2ECBABFCACA4A9D7487F697C63443] - 17/05/2013 - 15:15:11 ---A- - C:\Windows\Prefetch\MCUPDMGR.EXE-73F1857E.pf O45 - LFCP:[MD5.BB4EE496CACFBA048464A18BE53E6EA1] - 17/05/2013 - 15:15:11 ---A- - C:\Windows\Prefetch\MCVSMAP.EXE-64B21786.pf O45 - LFCP:[MD5.81A0B6896E130ABDC5C1D75357DAF5A8] - 17/05/2013 - 15:16:46 ---A- - C:\Windows\Prefetch\MCINSUPD.EXE-99FB83BE.pf O45 - LFCP:[MD5.25DFD3DB9F27CFBC602CA1987ABD4282] - 17/05/2013 - 15:17:22 ---A- - C:\Windows\Prefetch\MISPREG.EXE-3031D383.pf O45 - LFCP:[MD5.C782B791599F95B41327C4423DE301DC] - 17/05/2013 - 15:17:55 ---A- - C:\Windows\Prefetch\MCHOST.EXE-425F141C.pf O45 - LFCP:[MD5.EDE8E197C541960E0F6519837143CBB3] - 17/05/2013 - 16:04:36 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf O45 - LFCP:[MD5.2A55F8C340C6D488B3D85C5D1CD8BFB8] - 17/05/2013 - 16:04:36 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf O45 - 
LFCP:[MD5.BDD4FCF8B4756272355DCF463D8F1518] - 17/05/2013 - 16:08:36 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-050F1A86.pf O45 - LFCP:[MD5.3162ED6604CC657DC4E41358CDCD8CF9] - 17/05/2013 - 16:08:37 ---A- - C:\Windows\Prefetch\MCSMTFWK.EXE-C4692801.pf O45 - LFCP:[MD5.39DBD0FE61EA8BB160F0E3843C5783A2] - 17/05/2013 - 16:23:24 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3FB.pf O45 - LFCP:[MD5.F6DD43F17FB2DB97A316CCF0F0315ABD] - 17/05/2013 - 16:28:27 ---A- - C:\Windows\Prefetch\MCINFO.EXE-7515B06C.pf O45 - LFCP:[MD5.60CFC6A0E611C456407ED0069937D4FD] - 17/05/2013 - 17:04:23 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1106754654-3922961964-2480603745-1001.db O45 - LFCP:[MD5.5549606333A948B576A60BAACBDD46FD] - 17/05/2013 - 17:04:28 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1106754654-3922961964-2480603745-1001.db O45 - LFCP:[MD5.3719419025D7B0936178F9B8E960F298] - 17/05/2013 - 17:29:18 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf O45 - LFCP:[MD5.D943623AF9B59AC9D871ADB435D2BBE1] - 17/05/2013 - 17:29:50 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf O45 - LFCP:[MD5.866BC7E20C2242FE4E1A048668168D8B] - 17/05/2013 - 17:30:05 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf O45 - LFCP:[MD5.47B664EF9D09A6C038C3AC1A302A99AC] - 17/05/2013 - 17:30:05 ---A- - C:\Windows\Prefetch\LAUNCHTM.EXE-B444BC8E.pf O45 - LFCP:[MD5.5A9F71C8FAB439C855F4675393B451A4] - 17/05/2013 - 17:30:05 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf O45 - LFCP:[MD5.67B8936882E29BD76570F5AB0F475487] - 17/05/2013 - 17:31:35 ---A- - C:\Windows\Prefetch\MMC.EXE-57FA7470.pf O45 - LFCP:[MD5.3B0E1B8B557AAB6586E3C858F4279EEC] - 17/05/2013 - 17:33:40 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf O45 - LFCP:[MD5.283D73F6C21B4149AB465E6194471FAE] - 17/05/2013 - 17:33:47 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf O45 - LFCP:[MD5.A47A65672BA79C81A5A390D0E3CC91CC] - 17/05/2013 - 17:39:23 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.EXE-B2BD2F82.pf =>Rogue SpeedUpMyPC O45 - 
LFCP:[MD5.2D65C77A48976C51C60073D34EFD2A03] - 17/05/2013 - 17:39:23 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-B7CAD981.pf =>Rogue SpeedUpMyPC O45 - LFCP:[MD5.F28292CD26AA8FCF6B342C11D7206ECC] - 17/05/2013 - 17:41:11 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-268E65DD.pf O45 - LFCP:[MD5.C9F8E5C9DC3C85F504B8106BBE5546FB] - 17/05/2013 - 17:42:47 ---A- - C:\Windows\Prefetch\ATIECLXX.EXE-A62CF8E4.pf O45 - LFCP:[MD5.F469763B593192526D03E319E290FC3D] - 17/05/2013 - 17:48:54 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf O45 - LFCP:[MD5.81C21D06428C8B19053C714AA295D214] - 17/05/2013 - 17:50:09 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf O45 - LFCP:[MD5.000E79F80E107BB40D6D6856F123F157] - 17/05/2013 - 17:50:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf O45 - LFCP:[MD5.27847B5F78776555655AF33D6831BA53] - 17/05/2013 - 17:50:39 ---A- - C:\Windows\Prefetch\MMC.EXE-787EFBBC.pf O45 - LFCP:[MD5.B91B78E0CF23F4082D35D28546EA30B5] - 17/05/2013 - 18:08:08 ---A- - C:\Windows\Prefetch\MCSYNC.EXE-A60FDBA1.pf O45 - LFCP:[MD5.CC058A93D050E2CB3C37E38B170BACA8] - 17/05/2013 - 18:08:09 ---A- - C:\Windows\Prefetch\MCHLP32.EXE-6171D8A8.pf O45 - LFCP:[MD5.C313AC368468A8FADFD21DEC7AC30931] - 17/05/2013 - 18:09:12 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.728D9104D923F546137481D98571E7BA] - 17/05/2013 - 18:09:13 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.342FAC95BD455908FF4D0B0338AD137F] - 17/05/2013 - 18:09:28 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.B8927BFE92B8A99FF517D1FD1368C8E2] - 17/05/2013 - 18:09:29 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.68F3A4A796BABD2104DF32D81A011CD5] - 17/05/2013 - 18:09:33 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf O45 - LFCP:[MD5.BB530C4A847401C5C26E09137CC01261] - 17/05/2013 - 18:13:09 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf O45 - LFCP:[MD5.E283DD9A984E479E834D6061CD0BCC52] - 17/05/2013 - 18:16:02 ---A- - 
C:\Windows\Prefetch\ZHPDIAG2.TMP-389D9617.pf O45 - LFCP:[MD5.222E850B1EC3658C80BBEE47617DE258] - 17/05/2013 - 18:16:08 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-00C23FA4.pf O45 - LFCP:[MD5.549418ECF6F357DC8693BC31756A9D5A] - 17/05/2013 - 18:16:09 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-FC5F6F35.pf O45 - LFCP:[MD5.E2897C84B043EDB8F4A35394B35CA5AA] - 17/05/2013 - 18:16:52 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).TMP-364DA0BE.pf O45 - LFCP:[MD5.E17E7C97D553BD1F8A603CB5B609EE46] - 17/05/2013 - 18:16:55 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).EXE-3A22D706.pf O45 - LFCP:[MD5.A500F6064637D37529AAA58E743F904D] - 17/05/2013 - 18:16:55 ---A- - C:\Windows\Prefetch\ZHPDIAG2 (1).TMP-17A5E9D4.pf O45 - LFCP:[MD5.3EB963BCB8CE3358FD9DFA88EFA0A4C2] - 17/05/2013 - 18:18:01 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf O45 - LFCP:[MD5.73383057466EE5D2D4E5CCA2561A9D10] - 17/05/2013 - 18:19:25 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf O45 - LFCP:[MD5.DBCFE7D9A479AAC044987E17E950ABE1] - 17/05/2013 - 18:19:34 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf O45 - LFCP:[MD5.A052FFA25498CA83F7ACFCD984E0C16D] - 17/05/2013 - 18:20:01 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf O45 - LFCP:[MD5.7EB270A85E9EF843443C105E209590CC] - 17/05/2013 - 18:20:01 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf O45 - LFCP:[MD5.46912A1125D49FA723EA1ED477ED0915] - 17/05/2013 - 18:20:27 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf O45 - LFCP:[MD5.61FA365DBECA96905F65F87E84E42746] - 17/05/2013 - 18:23:25 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-D3BFD41F.pf O45 - LFCP:[MD5.ABBA0DE166CF956C009E3591850001BF] - 17/05/2013 - 18:23:25 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf O45 - LFCP:[MD5.1A8BD738D6C693AC767C965899A1C83A] - 17/05/2013 - 18:24:02 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf O45 - LFCP:[MD5.B890B7C1D14777C342DD3B1D7DDA798C] - 17/05/2013 - 18:24:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf O45 - 
LFCP:[MD5.359C251F004D7802AA2525255380BFC8] - 17/05/2013 - 18:26:29 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf O45 - LFCP:[MD5.EA3C65A463B7EA14E0A37F7D17FC2611] - 17/05/2013 - 18:26:36 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf O45 - LFCP:[MD5.EB086C5901B5BD9C8BB891E1D130A9CD] - 17/05/2013 - 18:26:44 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf O45 - LFCP:[MD5.B48E43501484C34765FF2FD97BFC3D62] - 17/05/2013 - 18:26:46 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf O45 - LFCP:[MD5.E9D37CEF5FEA7413C306F572006AAE67] - 17/05/2013 - 18:27:31 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf O45 - LFCP:[MD5.5D8944168A8E07E687840FCCF553BCCF] - 17/05/2013 - 18:27:38 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf O45 - LFCP:[MD5.BC43B5653FC9F6769CE476551F079940] - 17/05/2013 - 18:27:39 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf O45 - LFCP:[MD5.6D311F3538E2A7B045CC8A80CB633BDD] - 20/04/2013 - 21:15:55 ---A- - C:\Windows\Prefetch\MSOO.EXE-C716B01E.pf O45 - LFCP:[MD5.951E802257F3DF2E9D764D82744DAB55] - 20/04/2013 - 21:16:18 ---A- - C:\Windows\Prefetch\SETUP.EXE-5DA64B9D.pf O45 - LFCP:[MD5.C5D03B1B6FEE020C2D48779A43DBC800] - 20/04/2013 - 21:17:41 ---A- - C:\Windows\Prefetch\1366489044ITINSTALLERP.EXE-1575B94C.pf O45 - LFCP:[MD5.2887C94D086CBFFFF079AA8EDDD22AA6] - 20/04/2013 - 21:17:51 ---A- - C:\Windows\Prefetch\5494INSTALLER.EXE-0008EE80.pf O45 - LFCP:[MD5.B297C8B9EB421EB77205D69BFBC5FE69] - 20/04/2013 - 21:19:12 ---A- - C:\Windows\Prefetch\SOFTWAREUPDATER.EXE-5CD7443C.pf =>PUP.Eorezo O45 - LFCP:[MD5.230BB532F3F3387A1014E77AF9AD0F3D] - 20/04/2013 - 21:42:16 ---A- - C:\Windows\Prefetch\VCREDIST_X64.EXE-941A8A75.pf O45 - LFCP:[MD5.01736B88FEF7E81A3A6FD5F29CEA0CDD] - 20/04/2013 - 21:42:19 ---A- - C:\Windows\Prefetch\INSTALL.EXE-ED11A4EF.pf O45 - LFCP:[MD5.BA52F4270FB1D427F0FAC2FF31B7B46D] - 20/04/2013 - 21:44:07 ---A- - C:\Windows\Prefetch\INSTALL.EXE-29992B01.pf O45 - LFCP:[MD5.FA35C55103A70ED60D8AF17F233B7FD8] - 20/04/2013 - 21:54:27 
---A- - C:\Windows\Prefetch\LES_MANIPULATEURS_SONT_PARMIS-0DC0B7F8.pf O45 - LFCP:[MD5.EE78E0ECF581F3EFFC3DD018AAB57048] - 20/04/2013 - 21:55:08 ---A- - C:\Windows\Prefetch\TOOLBAR41568244-0BA8.EXE-770028BD.pf O45 - LFCP:[MD5.5A7DD96EE5DBB91F74F3646DBD23AE32] - 20/04/2013 - 21:55:16 ---A- - C:\Windows\Prefetch\SETUP.EXE-65C7F303.pf O45 - LFCP:[MD5.C95B2F608F8897F495BE24EF8F1E8206] - 20/04/2013 - 21:56:53 ---A- - C:\Windows\Prefetch\GOFORFILESDL.EXE-B6294483.pf =>P2P.GoforFiles O45 - LFCP:[MD5.C1D1FDEB58B891FB2C4FEDC30DE3AA6F] - 20/04/2013 - 22:00:24 ---A- - C:\Windows\Prefetch\CLEARFIPHOTO.EXE-2A1AA70C.pf O45 - LFCP:[MD5.FE2325BF0C87FBF648B301265509E886] - 23/04/2013 - 16:26:44 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf O45 - LFCP:[MD5.F96F221207A4E9FB34C04D70158DAFF4] - 24/04/2013 - 14:00:09 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf O45 - LFCP:[MD5.E47A69DB7CFCD01A6E0E91E9B74DFAF5] - 27/04/2013 - 10:33:16 ---A- - C:\Windows\Prefetch\AU_.EXE-E6FA9BA0.pf O45 - LFCP:[MD5.2EB5BADA00A3B70E78766E6F7F8A882C] - 27/04/2013 - 10:33:29 ---A- - C:\Windows\Prefetch\GUNINSTALLER.EXE-1FA3D7C1.pf O45 - LFCP:[MD5.56A5EC7105872F0700FD317D9814494A] - 27/04/2013 - 19:04:42 ---A- - C:\Windows\Prefetch\JUCHECK.EXE-3F4853CB.pf O45 - LFCP:[MD5.570CDA4D05C3482D31180F4C9724491E] - 27/04/2013 - 19:05:15 ---A- - C:\Windows\Prefetch\JRE-7U21-WINDOWS-I586-IFTW.EX-B82A1B7D.pf ~ Prefetcher: 257 Scanned in 00mn 04s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) 
-- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 01s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) 
-- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) 
-- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 19 Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 01s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) 
-- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Scanned in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) 
-- C:\Windows\System32\Drivers\3ware.sys [106736] ~ Drivers: Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 14/05/2013 - 04:33:47 ---A- C:\Users\anaisa\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\1.6.1.952\user.config [538] =>Hijacker.SmartBar O61 - LFC: 14/05/2013 - 04:33:49 ---A- C:\Users\anaisa\AppData\Local\Smartbar\Application\QuickShare.exe.config [13239] =>Hijacker.SmartBar O61 - LFC: 14/05/2013 - 04:33:59 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm.etl [131072] O61 - LFC: 14/05/2013 - 04:33:59 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.ModernPhotos.etl [262144] O61 - LFC: 14/05/2013 - 11:02:04 ---A- C:\Users\anaisa\AppData\Local\Temp\MSIe6566.LOG [191814] O61 - LFC: 14/05/2013 - 11:02:31 ---A- C:\Users\anaisa\AppData\Local\Temp\MSIe6567.LOG [191848] O61 - LFC: 14/05/2013 - 16:38:24 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000617 [1048576] O61 - LFC: 14/05/2013 - 16:38:26 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000618 [1048576] O61 - LFC: 14/05/2013 - 16:38:28 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000619 [617416] O61 - LFC: 14/05/2013 - 16:38:33 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00061a [1048576] O61 - LFC: 14/05/2013 - 16:38:34 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00061b [1048576] O61 - LFC: 14/05/2013 - 16:38:38 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00061c [1048576] O61 - LFC: 14/05/2013 - 16:38:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00061d [1048576] O61 - LFC: 14/05/2013 - 16:39:21 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User 
Data\Default\Media Cache\f_00061e [1048576] O61 - LFC: 14/05/2013 - 16:39:42 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00061f [1048576] O61 - LFC: 14/05/2013 - 16:40:00 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000620 [1048576] O61 - LFC: 14/05/2013 - 16:40:16 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000621 [1048576] O61 - LFC: 14/05/2013 - 16:40:32 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000622 [1048576] O61 - LFC: 14/05/2013 - 16:40:50 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000623 [1048576] O61 - LFC: 14/05/2013 - 16:41:10 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000624 [1048576] O61 - LFC: 14/05/2013 - 16:41:28 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000625 [1048576] O61 - LFC: 14/05/2013 - 16:41:47 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000626 [1048576] O61 - LFC: 14/05/2013 - 16:41:53 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000627 [288281] O61 - LFC: 14/05/2013 - 16:47:45 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000628 [1048576] O61 - LFC: 14/05/2013 - 16:47:45 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000629 [1048576] O61 - LFC: 14/05/2013 - 16:47:47 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00062a [1048576] O61 - LFC: 14/05/2013 - 16:48:06 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00062b [1048576] O61 - LFC: 14/05/2013 - 16:48:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00062c [1048576] O61 - LFC: 14/05/2013 - 16:48:51 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media 
Cache\f_00062d [1048576] O61 - LFC: 14/05/2013 - 16:49:08 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00062e [1048576] O61 - LFC: 14/05/2013 - 16:49:24 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00062f [1048576] O61 - LFC: 14/05/2013 - 16:49:40 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000630 [1048576] O61 - LFC: 14/05/2013 - 16:49:59 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000631 [1048576] O61 - LFC: 14/05/2013 - 16:50:18 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000632 [1048576] O61 - LFC: 14/05/2013 - 16:50:37 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000633 [1048576] O61 - LFC: 14/05/2013 - 16:50:56 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000634 [1048576] O61 - LFC: 14/05/2013 - 16:51:02 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000635 [288281] O61 - LFC: 14/05/2013 - 17:01:17 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\static.anonymousdmp.com\pus.sol [68] O61 - LFC: 14/05/2013 - 17:05:09 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\manifest.json [2054] O61 - LFC: 14/05/2013 - 17:05:09 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll [13136776] O61 - LFC: 14/05/2013 - 17:08:25 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\tag.coffeetable.hiro.tv\HIRO_NETWORK_CAPPING_COOKIE.sol [67] O61 - LFC: 14/05/2013 - 17:08:26 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave 
Flash\WritableRoot\#SharedObjects\YFFVRZS6\tag.coffeetable.hiro.tv\hiro_companion_cookie.sol [106] O61 - LFC: 14/05/2013 - 17:14:00 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10 [332] O61 - LFC: 14/05/2013 - 17:51:52 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000636 [1048576] O61 - LFC: 14/05/2013 - 17:51:53 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000637 [1048576] O61 - LFC: 14/05/2013 - 17:51:56 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000638 [1048576] O61 - LFC: 14/05/2013 - 17:52:06 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000639 [1048576] O61 - LFC: 14/05/2013 - 17:52:17 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00063a [1048576] O61 - LFC: 14/05/2013 - 17:52:19 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00063b [125151] O61 - LFC: 14/05/2013 - 18:30:02 ---A- C:\Users\anaisa\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exe [246408] O61 - LFC: 14/05/2013 - 18:30:02 ---A- C:\Users\anaisa\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe [42880] O61 - LFC: 14/05/2013 - 18:30:02 ---A- C:\Users\anaisa\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exe [176640] O61 - LFC: 14/05/2013 - 18:30:20 ---A- C:\Users\anaisa\AppData\Local\Temp\MSIe6568.LOG [191836] O61 - LFC: 14/05/2013 - 19:19:12 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.viduki.com_0.localstorage [3072] O61 - LFC: 14/05/2013 - 19:19:12 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.viduki.com_0.localstorage-journal [3608] O61 - LFC: 14/05/2013 - 19:32:21 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_yllix.com_0.localstorage [3072] O61 - LFC: 14/05/2013 - 19:32:21 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_yllix.com_0.localstorage-journal [3608] O61 - LFC: 14/05/2013 - 19:45:19 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00063c [1048576] O61 - LFC: 14/05/2013 - 19:45:28 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00063d [1048576] O61 - LFC: 14/05/2013 - 19:45:36 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00063e [777432] O61 - LFC: 14/05/2013 - 20:20:21 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00063f [1048576] O61 - LFC: 14/05/2013 - 20:20:21 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000640 [18520] O61 - LFC: 14/05/2013 - 21:35:21 ---A- C:\Users\anaisa\AppData\Local\Packages\09B6C2D8.TheTreasuresofMontezuma3_hbbh9szp6erha\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:21 ---A- C:\Users\anaisa\AppData\Local\Packages\7digitalLtd.7digitalMusicStore_qv1vc61z2t2b4\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:22 ---A- C:\Users\anaisa\AppData\Local\Packages\AcerIncorporated.AcerExplorer_48frkmn4z8aw4\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:23 ---A- C:\Users\anaisa\AppData\Local\Packages\eBayInc.eBay_1618n3s9xq8tw\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:23 ---A- C:\Users\anaisa\AppData\Local\Packages\esobiIncorporated.newsXpressoMetro_sngswjb5h6fyg\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:24 ---A- C:\Users\anaisa\AppData\Local\Packages\Evernote.Evernote_q4d96b2w5wcc2\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:24 ---A- C:\Users\anaisa\AppData\Local\Packages\Evernote.Skitch_q4d96b2w5wcc2\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:25 ---A- 
C:\Users\anaisa\AppData\Local\Packages\GAMELOFTSA.SharkDash_0pp20fcewvvtj\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:25 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:26 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:26 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:27 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:27 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:28 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:28 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:29 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:29 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:30 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:30 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:30 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.MicrosoftMinesweeper_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:31 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 
- 21:35:31 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 14/05/2013 - 21:35:32 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:32 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:32 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:33 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:34 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:34 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.VCLibs.110_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:36 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.WinJS.1.0.RC_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:36 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:36 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 14/05/2013 - 21:35:37 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 14/05/2013 - 21:35:38 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:38 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 14/05/2013 - 21:35:38 ---A- C:\Users\anaisa\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\Settings\settings.dat [8192] O61 - LFC: 
14/05/2013 - 21:35:39 ---A- C:\Users\anaisa\AppData\Local\Packages\WeatherBug.WeatherBugbeta_j565901s17z26\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:39 ---A- C:\Users\anaisa\AppData\Local\Packages\txtr.txtrReader_g057jjhb9dtk6\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:40 ---A- C:\Users\anaisa\AppData\Local\Packages\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:41 ---A- C:\Users\anaisa\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:41 ---A- C:\Users\anaisa\AppData\Local\Packages\ZeptoLabUKLimited.CutTheRope_sq9zxnwrk84pj\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 21:35:41 ---A- C:\Users\anaisa\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat [8192] O61 - LFC: 14/05/2013 - 22:58:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesflash.com_0.localstorage [3072] O61 - LFC: 14/05/2013 - 22:58:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesflash.com_0.localstorage-journal [3608] O61 - LFC: 14/05/2013 - 23:11:52 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.nba.com_0.localstorage [3072] O61 - LFC: 14/05/2013 - 23:11:52 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.nba.com_0.localstorage-journal [3608] O61 - LFC: 14/05/2013 - 23:52:11 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\20001356_ab2bba8e535024.eml [140679] O61 - LFC: 15/05/2013 - 01:39:57 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\fr-himedia.cdn.videoplaza.tv\com.videoplaza.bootloader.sol [121] O61 - LFC: 15/05/2013 - 01:41:17 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\www.jeuxvideo.com\com.jeroenwijering.sol [54] O61 - LFC: 15/05/2013 - 01:41:21 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\fr-himedia.cdn.videoplaza.tv\com.videoplaza.adplayer.sol [443] O61 - LFC: 15/05/2013 - 02:09:16 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A\00000001.sol [159] O61 - LFC: 15/05/2013 - 03:56:03 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCookies\0SWS9IEQ.txt [916] O61 - LFC: 15/05/2013 - 14:02:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\software.hiro.tv\HIRO_REPO.sol [108] O61 - LFC: 15/05/2013 - 14:03:00 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\tag.audiencetv.hiro.tv\HIRO_NETWORK_CAPPING_COOKIE.sol [3388] O61 - LFC: 15/05/2013 - 14:03:32 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\tag.audiencetv.hiro.tv\mb.sol [159] O61 - LFC: 15/05/2013 - 14:08:11 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_soundcloud.com_0.localstorage [3072] O61 - LFC: 15/05/2013 - 14:08:11 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_soundcloud.com_0.localstorage-journal [3608] O61 - LFC: 15/05/2013 - 15:11:37 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000641 [1048576] O61 - LFC: 15/05/2013 - 15:11:56 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000642 [1048576] O61 - LFC: 15/05/2013 - 15:12:22 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000643 [1048576] O61 - LFC: 15/05/2013 - 15:12:44 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000644 [891332] O61 - LFC: 15/05/2013 - 15:13:48 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000645 [546056] O61 - LFC: 15/05/2013 - 15:14:43 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000646 [1048576] O61 - LFC: 15/05/2013 - 15:15:00 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000647 [1048576] O61 - LFC: 15/05/2013 - 15:15:15 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000648 [664531] O61 - LFC: 15/05/2013 - 15:46:22 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\200013bb_36e179b1dcea95.eml [105509] O61 - LFC: 15/05/2013 - 16:15:36 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000649 [1048576] O61 - LFC: 15/05/2013 - 16:16:09 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00064a [1048576] O61 - LFC: 15/05/2013 - 16:16:32 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00064b [1048576] O61 - LFC: 15/05/2013 - 16:16:59 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00064c [1048576] O61 - LFC: 15/05/2013 - 16:17:01 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00064d [129916] O61 - LFC: 15/05/2013 - 16:39:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lexpress.fr_0.localstorage [3072] O61 - LFC: 15/05/2013 - 16:39:13 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lexpress.fr_0.localstorage-journal [3608] O61 - LFC: 15/05/2013 - 16:44:35 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage [4096] O61 - LFC: 15/05/2013 - 16:44:35 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage-journal [4640] O61 - LFC: 15/05/2013 - 17:14:14 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gawker.com_0.localstorage [3072] O61 - LFC: 15/05/2013 - 17:14:14 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gawker.com_0.localstorage-journal [3608] O61 - LFC: 15/05/2013 - 17:24:45 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lc.iadvize.com_0.localstorage [3072] O61 - LFC: 15/05/2013 - 17:24:45 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lc.iadvize.com_0.localstorage-journal [3608] O61 - LFC: 15/05/2013 - 18:50:48 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00064e [1048576] O61 - LFC: 15/05/2013 - 18:51:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00064f [1048576] O61 - LFC: 15/05/2013 - 18:51:27 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000650 [765568] O61 - LFC: 15/05/2013 - 19:53:02 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.paperblog.fr_0.localstorage [3072] O61 - LFC: 15/05/2013 - 19:53:02 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.paperblog.fr_0.localstorage-journal [3608] O61 - LFC: 15/05/2013 - 20:11:44 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_2 [1056768] O61 - LFC: 15/05/2013 - 21:09:58 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage [218112] O61 - LFC: 15/05/2013 - 21:09:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal [16384] O61 - LFC: 15/05/2013 - 23:36:45 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\macromedia.com\support\flashplayer\sys\#maison.neopodia.com\settings.sol [89] O61 - LFC: 16/05/2013 - 00:23:08 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\s.ytimg.com\subtitlesModuleData.sol [180] O61 - LFC: 16/05/2013 - 00:25:17 ---A- C:\Users\anaisa\AppData\Local\Packages\Microsoft.XboxCompanion_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 16/05/2013 - 00:51:35 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [15833] O61 - LFC: 16/05/2013 - 00:51:35 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [15833] O61 - LFC: 16/05/2013 - 02:25:42 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\People\AddressBook\26000076_b6ed1ad3ccfe59.eml [362] O61 - LFC: 16/05/2013 - 02:45:25 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\www.cast3d.biz\com.jeroenwijering.sol [64] O61 - LFC: 16/05/2013 - 02:50:48 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\i.cdn.turner.com\com.turner.cvp.so.sol [81] O61 - LFC: 16/05/2013 - 02:50:50 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave 
Flash\WritableRoot\#SharedObjects\YFFVRZS6\macromedia.com\support\flashplayer\sys\#cdn1-premiere.ladmedia.fr\settings.sol [95] O61 - LFC: 16/05/2013 - 02:50:54 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.premiere.fr_0.localstorage [54272] O61 - LFC: 16/05/2013 - 02:50:54 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.premiere.fr_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 03:30:58 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\BackgroundTransferApi\63786126-e98d-45a2-ab6a-0f3d92702b42.up_meta [89] O61 - LFC: 16/05/2013 - 03:31:03 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\BackgroundTransferApi\63786126-e98d-45a2-ab6a-0f3d92702b42.59631d82-7881-4a80-9626-5775c067a9d7.down_meta [380] O61 - LFC: 16/05/2013 - 03:31:03 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\BackgroundTransferApi\63786126-e98d-45a2-ab6a-0f3d92702b42.down_data [0] O61 - LFC: 16/05/2013 - 03:31:08 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\i.cdn.turner.com\##17F71A74A3880FA4\00000001.sol [187] O61 - LFC: 16/05/2013 - 03:31:09 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0 [45056] O61 - LFC: 16/05/2013 - 03:31:09 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1 [794624] O61 - LFC: 16/05/2013 - 03:31:10 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data [104448] =>PUP.BProtector O61 - LFC: 16/05/2013 - 11:23:33 --HA- C:\Users\anaisa\AppData\Local\Temp\etilqs_QsLRg8m7Scud3u9 [2052] O61 - LFC: 16/05/2013 - 11:23:34 --HA- C:\Users\anaisa\AppData\Local\Temp\etilqs_4d3SmLB0gf9pdFo [16400] O61 - LFC: 16/05/2013 - 12:01:50 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.webgirondins.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 12:01:50 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.webgirondins.com_0.localstorage-journal [512] O61 - LFC: 16/05/2013 - 12:01:56 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage [5120] O61 - LFC: 16/05/2013 - 12:01:56 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage-journal [5672] O61 - LFC: 16/05/2013 - 12:06:34 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 12:06:34 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 12:08:03 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\static1.dmcdn.net\com.dm.player.sol [257] O61 - LFC: 16/05/2013 - 12:09:32 --HA- C:\Users\anaisa\AppData\Local\Temp\etilqs_NHCmZVfapphNU8X [2052] O61 - LFC: 16/05/2013 - 12:37:16 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\tag.audiencetv.hiro.tv\US_FARM_AudienceTV.hiro.t#\v_STREMING_CLIENT_ID_COOKIE.sol [182] O61 - LFC: 16/05/2013 - 12:37:17 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\tag.audiencetv.hiro.tv\hiro_companion_cookie.sol [106] O61 - LFC: 16/05/2013 - 12:38:27 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\con#\tent.yieldmanager.edgesuite.net\avazu.sol [46] O61 - LFC: 16/05/2013 - 12:56:59 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_next.liberation.fr_0.localstorage [3072] O61 - LFC: 16/05/2013 - 12:56:59 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_next.liberation.fr_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 12:59:46 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000651 [1048576] O61 - LFC: 16/05/2013 - 12:59:49 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000652 [1048576] O61 - LFC: 16/05/2013 - 12:59:57 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000653 [1048576] O61 - LFC: 16/05/2013 - 13:00:06 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000654 [1048576] O61 - LFC: 16/05/2013 - 13:00:18 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000655 [1048576] O61 - LFC: 16/05/2013 - 13:00:29 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000656 [1048576] O61 - LFC: 16/05/2013 - 13:00:41 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000657 [1048576] O61 - LFC: 16/05/2013 - 13:00:52 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000658 [1048576] O61 - LFC: 16/05/2013 - 13:01:03 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000659 [1048576] O61 - LFC: 16/05/2013 - 13:01:14 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00065a [1048576] O61 - LFC: 16/05/2013 - 13:01:25 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00065b [1048576] O61 - LFC: 16/05/2013 - 13:01:37 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00065c [1048576] O61 - LFC: 16/05/2013 - 13:01:49 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00065d 
[1048576] O61 - LFC: 16/05/2013 - 13:01:51 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00065e [143105] O61 - LFC: 16/05/2013 - 13:02:45 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-03 [26927104] O61 - LFC: 16/05/2013 - 13:59:14 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F [1176] O61 - LFC: 16/05/2013 - 13:59:14 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F [316] O61 - LFC: 16/05/2013 - 13:59:24 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\803D392C3051B3E3A74EB48BC5861291 [1176] O61 - LFC: 16/05/2013 - 13:59:24 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\803D392C3051B3E3A74EB48BC5861291 [312] O61 - LFC: 16/05/2013 - 15:04:12 --HA- C:\Users\anaisa\AppData\Local\Temp\etilqs_9hRkdbXeoJ4e9bh [69700] O61 - LFC: 16/05/2013 - 15:04:45 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\20001420_62e297a9bf8f9a.eml [108274] O61 - LFC: 16/05/2013 - 15:16:33 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ams1.ib.adnxs.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 15:16:33 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ams1.ib.adnxs.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 15:22:41 ---A- C:\Users\anaisa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-05-16 (12-32-28).txt [2144] O61 - LFC: 16/05/2013 - 15:23:33 ---A- 
C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\20001421_b491fc0dac6ab9.eml [10276] O61 - LFC: 16/05/2013 - 15:27:54 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00065f [1048576] O61 - LFC: 16/05/2013 - 15:27:56 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000660 [1048576] O61 - LFC: 16/05/2013 - 15:28:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000661 [641400] O61 - LFC: 16/05/2013 - 15:28:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000662 [131801] O61 - LFC: 16/05/2013 - 15:28:15 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000663 [1048576] O61 - LFC: 16/05/2013 - 15:28:15 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000664 [1048576] O61 - LFC: 16/05/2013 - 15:28:18 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000665 [1048576] O61 - LFC: 16/05/2013 - 15:28:19 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000666 [1048576] O61 - LFC: 16/05/2013 - 15:28:20 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000667 [1048576] O61 - LFC: 16/05/2013 - 15:28:22 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000668 [385517] O61 - LFC: 16/05/2013 - 16:06:41 --HA- C:\Users\anaisa\AppData\Local\Temp\etilqs_VM4TG6BBpqkPk6s [2056] O61 - LFC: 16/05/2013 - 18:30:03 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.chaussures-desmazieres.fr_0.localstorage [3072] O61 - LFC: 16/05/2013 - 18:30:03 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.chaussures-desmazieres.fr_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 
18:49:34 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\images.allocine.fr\AcV_Config.sol [91] O61 - LFC: 16/05/2013 - 19:24:34 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.rue89.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 19:24:34 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.rue89.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 19:30:22 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_js.adserverpub.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 19:30:22 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_js.adserverpub.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 19:31:46 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lr.iadvize.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 19:31:46 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lr.iadvize.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 19:34:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [13312] O61 - LFC: 16/05/2013 - 19:34:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [6704] O61 - LFC: 16/05/2013 - 19:35:40 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000669 [1048576] O61 - LFC: 16/05/2013 - 19:35:59 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00066a [1048576] O61 - LFC: 16/05/2013 - 19:36:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00066b [1048576] O61 - LFC: 16/05/2013 - 19:36:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00066c [1048576] O61 - LFC: 16/05/2013 - 19:36:46 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00066d [1048576] O61 - LFC: 16/05/2013 - 19:37:02 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00066e [1048576] O61 - LFC: 16/05/2013 - 19:37:20 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00066f [1048576] O61 - LFC: 16/05/2013 - 19:37:33 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000670 [1048576] O61 - LFC: 16/05/2013 - 19:37:46 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000671 [1048576] O61 - LFC: 16/05/2013 - 19:38:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000672 [1048576] O61 - LFC: 16/05/2013 - 19:38:20 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000673 [1048576] O61 - LFC: 16/05/2013 - 19:38:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000674 [1048576] O61 - LFC: 16/05/2013 - 19:38:51 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000675 [1048576] O61 - LFC: 16/05/2013 - 19:39:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000676 [821449] O61 - LFC: 16/05/2013 - 19:52:27 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\www.player.previewnetworks.com\analytics.sol [467] O61 - LFC: 16/05/2013 - 20:29:51 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_paiement-public.rueducommerce.fr_0.localstorage [6144] O61 - LFC: 16/05/2013 - 20:29:51 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_paiement-public.rueducommerce.fr_0.localstorage-journal [6704] O61 - LFC: 16/05/2013 - 20:42:28 ---A- 
C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\20001485_2b41c8a72a1f1.eml [28617] O61 - LFC: 16/05/2013 - 21:27:50 ---A- C:\Users\anaisa\Downloads\jared-nomak-luke-goss-13217061-626-563.jpg [13964] O61 - LFC: 16/05/2013 - 21:28:10 ---A- C:\Users\anaisa\Downloads\jared-nomak-luke-goss-13217091-1024-576.jpg [19987] O61 - LFC: 16/05/2013 - 21:28:12 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meebo.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 21:28:12 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meebo.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 21:31:07 ---A- C:\Users\anaisa\Downloads\wallpaper_hellboy_II_003-1920x1080.jpeg [206931] O61 - LFC: 16/05/2013 - 22:00:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.rueducommerce.fr_0.localstorage [7168] O61 - LFC: 16/05/2013 - 22:00:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.rueducommerce.fr_0.localstorage-journal [7736] O61 - LFC: 16/05/2013 - 22:00:14 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_halc.iadvize.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 22:00:14 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_halc.iadvize.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 22:11:49 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.allocine.fr_0.localstorage [3072] O61 - LFC: 16/05/2013 - 22:11:49 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.allocine.fr_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 22:15:18 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave 
Flash\WritableRoot\#SharedObjects\YFFVRZS6\fr-advideum.cdn.videoplaza.tv\com.videoplaza.adplayer.sol [1087] O61 - LFC: 16/05/2013 - 22:26:29 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_secure-uk.imrworldwide.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 22:26:29 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_secure-uk.imrworldwide.com_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 22:26:43 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.guardian.co.uk_0.localstorage [3072] O61 - LFC: 16/05/2013 - 22:26:43 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.guardian.co.uk_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 23:23:09 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\20001486_914d004baadff.eml [37673] O61 - LFC: 16/05/2013 - 23:23:43 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lemonde.fr_0.localstorage [3072] O61 - LFC: 16/05/2013 - 23:23:43 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lemonde.fr_0.localstorage-journal [3608] O61 - LFC: 16/05/2013 - 23:35:41 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\fr-advideum.cdn.videoplaza.tv\com.videoplaza.bootloader.sol [121] O61 - LFC: 16/05/2013 - 23:48:53 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tempsreel.nouvelobs.com_0.localstorage [3072] O61 - LFC: 16/05/2013 - 23:48:53 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tempsreel.nouvelobs.com_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 01:07:37 ---A- 
C:\Users\anaisa\AppData\Roaming\OpenOffice.org\3\user\registrymodifications.xcu [24658] O61 - LFC: 17/05/2013 - 01:07:38 ---A- C:\Users\anaisa\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\log.txt [1573] O61 - LFC: 17/05/2013 - 01:08:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.google.fr_0.localstorage [3072] O61 - LFC: 17/05/2013 - 01:08:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.google.fr_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 01:24:57 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-04 [55443456] O61 - LFC: 17/05/2013 - 02:13:25 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_rapidmoviez.com_0.localstorage [3072] O61 - LFC: 17/05/2013 - 02:13:25 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_rapidmoviez.com_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 03:20:13 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\20001487_a2127bc67ef2d6.eml [140688] O61 - LFC: 17/05/2013 - 03:54:45 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveCommLast.etl [655360] O61 - LFC: 17/05/2013 - 03:54:45 --HA- C:\Users\anaisa\AppData\Local\IconCache.db [270690] O61 - LFC: 17/05/2013 - 13:02:50 -SHA- C:\Users\anaisa\AppData\Roaming\Microsoft\Protect\S-1-5-21-1106754654-3922961964-2480603745-1001\0b774671-4e3e-4ef4-b90b-207a2790761a [468] O61 - LFC: 17/05/2013 - 13:03:35 ----- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm.etl [0] O61 - LFC: 17/05/2013 - 13:03:40 ---A- C:\Users\anaisa\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll [13600] =>PUP.Yontoo O61 - LFC: 17/05/2013 - 13:03:41 ---A- 
C:\Users\anaisa\AppData\Roaming\Yontoo\PlugIns.cache [23] =>PUP.Yontoo O61 - LFC: 17/05/2013 - 13:03:52 ---A- C:\Users\anaisa\AppData\Local\Temp\Smartbar\dc3sshzc.yop [631] =>Hijacker.SmartBar O61 - LFC: 17/05/2013 - 13:03:58 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\1999f31ce769fca9\120712-0049\DBStore\edb.chk [8192] O61 - LFC: 17/05/2013 - 13:04:55 ---A- C:\Users\anaisa\AppData\Local\ATI\ACE\Manifest.xml [22069] O61 - LFC: 17/05/2013 - 13:04:56 ---A- C:\Users\anaisa\AppData\Local\ATI\ACE\Manifest.Bin [28015] O61 - LFC: 17/05/2013 - 13:06:30 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCookies\JT30KMAM.txt [914] O61 - LFC: 17/05/2013 - 13:10:06 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [267711] O61 - LFC: 17/05/2013 - 13:10:06 ---A- C:\Users\anaisa\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set [1293] O61 - LFC: 17/05/2013 - 13:10:06 ---A- C:\Users\anaisa\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json [34] O61 - LFC: 17/05/2013 - 13:53:06 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [28672] O61 - LFC: 17/05/2013 - 13:53:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [12824] O61 - LFC: 17/05/2013 - 13:54:46 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\s.ytimg.com\soundData.sol [49] O61 - LFC: 17/05/2013 - 13:54:56 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [22528] O61 - LFC: 17/05/2013 - 13:54:56 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [6704] O61 - LFC: 17/05/2013 - 14:08:52 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\s.ytimg.com\videostats.sol 
[275] O61 - LFC: 17/05/2013 - 14:09:37 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage [3072] O61 - LFC: 17/05/2013 - 14:09:37 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 14:11:03 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F [25267] O61 - LFC: 17/05/2013 - 14:11:03 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F [256] O61 - LFC: 17/05/2013 - 14:12:52 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ox-social.bidsystem.com_0.localstorage [3072] O61 - LFC: 17/05/2013 - 14:12:53 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ox-social.bidsystem.com_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 14:53:04 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000699.sst [4049] O61 - LFC: 17/05/2013 - 15:14:19 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ib.adnxs.com_0.localstorage [3072] O61 - LFC: 17/05/2013 - 15:14:19 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ib.adnxs.com_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 15:15:14 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 [328] O61 - LFC: 17/05/2013 - 15:40:41 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [3072] O61 - LFC: 17/05/2013 - 15:40:41 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User 
Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 16:04:28 ---A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\1999f31ce769fca9\120712-0049\Mail\66\1d000067\200014ea_c5cd18dfe3b5e6.eml [8985] O61 - LFC: 17/05/2013 - 16:13:15 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub117.mail.live.com_0.localstorage [3072] O61 - LFC: 17/05/2013 - 16:13:15 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub117.mail.live.com_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 16:20:44 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\www.dailymotion.com\com.dm.player.sol [257] O61 - LFC: 17/05/2013 - 16:34:12 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Top Sites [647168] O61 - LFC: 17/05/2013 - 16:34:12 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384] O61 - LFC: 17/05/2013 - 16:36:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.yieldmanager.com_0.localstorage [7168] O61 - LFC: 17/05/2013 - 16:36:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.yieldmanager.com_0.localstorage-journal [7736] O61 - LFC: 17/05/2013 - 16:37:27 ---A- C:\Users\anaisa\Downloads\atle.2001.480pb.x264-m.u126651.Rapidmoviez.com.part4.rar [13551414] O61 - LFC: 17/05/2013 - 16:40:18 ---A- C:\Users\anaisa\Downloads\atle.2001.480pb.x264-m.u126651.Rapidmoviez.com.part3.rar [208666857] O61 - LFC: 17/05/2013 - 16:41:26 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\cdn.oggifinogi.com\Communicator.Validation.sol [65] O61 - LFC: 17/05/2013 - 16:41:26 ---A- 
C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\macromedia.com\support\flashplayer\sys\settings.sol [705] O61 - LFC: 17/05/2013 - 16:42:31 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YFFVRZS6\cdn1.telemetryverification.net\mb.sol [159] O61 - LFC: 17/05/2013 - 16:47:28 ---A- C:\Users\anaisa\Downloads\atle.2001.480pb.x264-m.u126651.Rapidmoviez.com.part2.rar [208666857] O61 - LFC: 17/05/2013 - 16:51:48 ---A- C:\Users\anaisa\Downloads\atle.2001.480pb.x264-m.u126651.Rapidmoviez.com.part1.rar [208666857] O61 - LFC: 17/05/2013 - 17:12:00 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Web Data.temp [104448] O61 - LFC: 17/05/2013 - 17:12:42 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.hema.fr_0.localstorage [4096] O61 - LFC: 17/05/2013 - 17:12:42 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.hema.fr_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 17:19:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage [3072] O61 - LFC: 17/05/2013 - 17:19:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage-journal [3608] O61 - LFC: 17/05/2013 - 17:29:24 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage [17408] O61 - LFC: 17/05/2013 - 17:29:24 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage-journal [16384] O61 - LFC: 17/05/2013 - 17:29:33 ---A- C:\Users\anaisa\AppData\Local\Temp\Smartbar\cai5ip1t.hbr [772] =>Hijacker.SmartBar O61 - LFC: 17/05/2013 - 17:30:34 -S-A- 
C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [340] O61 - LFC: 17/05/2013 - 17:31:04 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AFA2A5744430E65F42D3175FABFBE3E8 [23089] O61 - LFC: 17/05/2013 - 17:31:04 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 [264] O61 - LFC: 17/05/2013 - 17:31:04 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AFA2A5744430E65F42D3175FABFBE3E8 [222] O61 - LFC: 17/05/2013 - 17:31:04 -S-A- C:\Users\anaisa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479 [264] O61 - LFC: 17/05/2013 - 17:34:29 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [60416] O61 - LFC: 17/05/2013 - 17:34:29 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384] O61 - LFC: 17/05/2013 - 17:34:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000701.sst [3385461] O61 - LFC: 17/05/2013 - 17:39:10 ---A- C:\Users\anaisa\Downloads\speedupmypc.exe [6267976] =>Rogue SpeedUpMyPC O61 - LFC: 17/05/2013 - 17:40:59 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [143751] O61 - LFC: 17/05/2013 - 17:41:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148] O61 - LFC: 17/05/2013 - 17:41:12 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000704.sst [1279598] O61 - LFC: 17/05/2013 - 18:11:53 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User 
Data\Default\Current Tabs [144409] O61 - LFC: 17/05/2013 - 18:11:53 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [148] O61 - LFC: 17/05/2013 - 18:11:54 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Last Session [34024] O61 - LFC: 17/05/2013 - 18:11:54 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [273] O61 - LFC: 17/05/2013 - 18:11:54 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Visited Links [262160] O61 - LFC: 17/05/2013 - 18:11:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 17/05/2013 - 18:11:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [148] O61 - LFC: 17/05/2013 - 18:11:58 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000195 [428] O61 - LFC: 17/05/2013 - 18:11:59 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Web Data [104448] O61 - LFC: 17/05/2013 - 18:11:59 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [6680] O61 - LFC: 17/05/2013 - 18:12:00 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [647943] O61 - LFC: 17/05/2013 - 18:12:04 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000707.sst [1041193] O61 - LFC: 17/05/2013 - 18:12:04 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 17/05/2013 - 18:12:04 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [273] O61 - LFC: 17/05/2013 - 18:12:04 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000706 [690] O61 - LFC: 17/05/2013 - 18:12:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16] O61 - LFC: 
17/05/2013 - 18:12:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [148] O61 - LFC: 17/05/2013 - 18:12:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000262 [613] O61 - LFC: 17/05/2013 - 18:12:08 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8] O61 - LFC: 17/05/2013 - 18:14:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Favicons [3491840] O61 - LFC: 17/05/2013 - 18:14:07 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 17/05/2013 - 18:14:38 ---A- C:\Users\anaisa\Downloads\ZHPDiag2.exe [5657490] O61 - LFC: 17/05/2013 - 18:15:02 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [741668] O61 - LFC: 17/05/2013 - 18:15:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [8169240] O61 - LFC: 17/05/2013 - 18:15:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1520732] O61 - LFC: 17/05/2013 - 18:15:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [134920] O61 - LFC: 17/05/2013 - 18:15:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19956] O61 - LFC: 17/05/2013 - 18:15:05 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [5012] O61 - LFC: 17/05/2013 - 18:16:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 17/05/2013 - 18:16:30 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640] O61 - LFC: 17/05/2013 - 18:16:41 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [3312] O61 - LFC: 17/05/2013 - 18:16:41 ---A- C:\Users\anaisa\Downloads\ZHPDiag2 (1).exe [5657490] O61 - LFC: 17/05/2013 - 18:26:46 
---A- C:\Users\anaisa\AppData\Local\ATI\ACE\Profiles.xml [10364] O61 - LFC: 17/05/2013 - 18:28:01 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Preferences [104987] O61 - LFC: 17/05/2013 - 18:28:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\History [5840896] O61 - LFC: 17/05/2013 - 18:28:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-05 [44904448] O61 - LFC: 17/05/2013 - 18:28:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-05-journal [16384] O61 - LFC: 17/05/2013 - 18:28:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 17/05/2013 - 18:28:13 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Local State [32456] O61 - LFC: 17/05/2013 - 18:28:19 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Cookies [1924096] O61 - LFC: 17/05/2013 - 18:28:19 ---A- C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384] ~ 15 Fichiers temporaires (Temporary files) ~ Files: 384 Scanned in 02mn 07s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ FASS Keys: 19 Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - http://feed.snap.do =>Hijacker.SmartBar ~ Keys: Scanned in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1071104] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) 
-- C:\Windows\System32\sens.dll [62976] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3240448] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [69632] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1282560] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) 
-- C:\Windows\System32\wbem\WMIsvc.dll [219648] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792] O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) 
-- C:\Windows\System32\SystemEventsBrokerServer.dll [180224] ~ Services: 34 Scanned in 00mn 01s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.28F1421093B2674A4DBECE23C1ACAD63] [SPRF][20/04/2013] (...) -- C:\Users\anaisa\AppData\Local\Temp\1366489044itinstallerp.exe [2171592] [MD5.8BA0EDFBE187B52474EF758298F9AA7A] [SPRF][20/04/2013] (...) -- C:\Users\anaisa\AppData\Local\Temp\25829-656346-openoffice.exe [125646514] [MD5.CE755676AE6D27A1EFEEFB0F3C70A929] [SPRF][27/04/2013] (.Ask.com - AskStub Application.) -- C:\Users\anaisa\AppData\Local\Temp\APNStub.exe [358600] [MD5.F6278B5A16F830885B184D5F72E1B935] [SPRF][01/05/2013] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\anaisa\AppData\Local\Temp\htmlayout.dll [947200] [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][20/04/2013] (...) -- C:\Users\anaisa\AppData\Local\Temp\installerp.exe [0] [MD5.AF3DF60D7F89973852E74A15E792A5FA] [SPRF][19/04/2013] (...) -- C:\Users\anaisa\AppData\Local\Temp\instloffer.exe [365856] [MD5.6C137D2BEF3CDD43F3AE2FD6705B9FED] [SPRF][05/04/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\anaisa\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe [904104] [MD5.44632F415D4A299D839945F59FEA2C22] [SPRF][04/04/2013] (.Pas de propriétaire - Linkury.Installer.MsiWrapper.) -- C:\Users\anaisa\AppData\Local\Temp\SmartbarExeInstaller.exe [8364312] =>Hijacker.SmartBar [MD5.067BECAFD5F884CEB2E86F766F965B5D] [SPRF][20/04/2013] (.Web Deals Interactive LLC - Installer.) -- C:\Users\anaisa\AppData\Local\Temp\toolbar41568244.exe [1418136] [MD5.E8EFB9EF24C1E0CED84CFA3C2AE9DC2F] [SPRF][20/04/2013] (...) -- C:\Users\anaisa\AppData\Local\Temp\toolbar41569758.exe [782832] [MD5.35F783E83866CDFD580A06A59C375A61] [SPRF][20/04/2013] (.QuickShare - QuickShare.) 
-- C:\Users\anaisa\AppData\Local\Temp\toolbar41593189.exe [7704368] =>PUP.QuickShare [MD5.3C6C79F8A875D11D920EAF0F63EDC1A5] [SPRF][17/04/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\anaisa\AppData\Local\Temp\uninst1.exe [394312] =>Toolbar.Babylon [MD5.171907A37AF63601DAB1FC104D625B95] [SPRF][20/04/2013] (.http://www.goforfiles.com/ - GoforFiles.) -- C:\Users\anaisa\AppData\Local\Temp\uninstall12108579.exe [6418568] =>P2P.GoforFiles [MD5.171907A37AF63601DAB1FC104D625B95] [SPRF][20/04/2013] (.http://www.goforfiles.com/ - GoforFiles.) -- C:\Users\anaisa\AppData\Local\Temp\uninstall576938.exe [6418568] =>P2P.GoforFiles [MD5.43C35081CE0AC367267C5916AB25A817] [SPRF][08/05/2013] (...) -- C:\Users\anaisa\AppData\Local\Temp\vlc-2.0.6-win32.exe [22948790] ~ Files: Scanned in 00mn 04s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) 
-- C:\Windows\system32\snmptrap.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) 
-- C:\Windows\System32\lsass.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) 
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) 
-- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.) 
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.) O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) 
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{87D418BC-E5BA-4F76-9021-25F011D0A4E6}" | In - Public - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{7B41355B-B076-4CEE-9124-4BB074052047}" | In - Public - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{050F8E4D-9C36-452B-B7A9-AE5B02AACA4D}" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe O87 - FAEL: "{DF418448-4EF8-4B7D-AF91-157A9B469499}" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe O87 - FAEL: "{68658E12-05A7-4E1C-A2B6-57EEC85843A1}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe O87 - FAEL: "{AC9A00B5-570A-4B9A-A119-320FA19C3AFF}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe O87 - FAEL: "{38049437-B6F1-4EEA-ADE6-1DA95D9023E7}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe O87 - FAEL: "{989881D3-AFC7-4726-AEBD-6C022B44A556}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe O87 - FAEL: "{C88055C5-0C62-450A-81AB-C99EF942CDCE}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) 
-- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe O87 - FAEL: "{B6939A5F-D356-4B96-B45A-E7266962817B}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe O87 - FAEL: "{092D677A-DE60-4599-9425-846AE06AF7D6}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe O87 - FAEL: "{0D39CFF9-EFEF-49C0-A17F-C14B6966B89C}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe (.not file.) O87 - FAEL: "{3521CFCE-D018-481A-A3C2-315ACDB2157F}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe (.not file.) O87 - FAEL: "{C6A32BD8-8661-4112-9A13-4559287868D9}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe O87 - FAEL: "{45AFEA3D-093C-4F76-884C-7A11E7E8005B}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe O87 - FAEL: "{73E9F686-5BBE-4977-976E-53B7A0A1F274}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe O87 - FAEL: "{30913AE5-4A67-443D-8074-B926F184743B}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe O87 - FAEL: "{07F4564F-FC5E-45D9-B2FD-0FA37636BE11}" | In - None - P6 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe O87 - FAEL: "{2F8C17C5-6DC3-4F9A-9FE1-1DE52230DDDA}" | In - None - P17 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe O87 - FAEL: "{F5DBCB3A-41D0-43CF-ACD7-D6D770720357}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "{F531CBEE-5A4A-43A0-92B7-26DCF81B30FB}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{1778C2FC-B3CB-41AF-80CD-CC442DD03C56}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{CE00DC99-8D6F-4B3D-A796-D8F6F11D68FF}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "{EB516BED-D042-44C8-806F-EAFACE81F649}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "{9A25F0E7-6C02-4438-921D-C3B3DDD7D984}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "{2DDD0A27-2DCC-43D8-9D13-17557374D21E}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{C4BDF3A1-1801-4A92-A6C3-C27743A8D8CD}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{AB900CF7-B5E6-4194-85F6-6F1BFF2E6F29}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{3AF9C296-4982-4EF6-840A-076F413D2E34}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{919FD775-D07D-4FB1-B60F-53F31E56EA97}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{427A84C8-CB47-4030-B13D-AA60E6BFFDD9}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) 
-- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "{14950F62-5CA1-47FA-82EF-D78A1FBA68DD}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "{AC025CAE-2E73-4C76-AC65-29CF0F50F381}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "{2CA0BF04-9D75-49B3-AEE5-BDB8FE223487}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{5B71523D-AC79-4FF6-ADCB-87143CD9172B}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{96628E4B-6F60-4203-A623-86375CE2CE8F}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{CE7E8E98-0BAE-43BB-9B7C-0DAABBDE63E3}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{D22A9AC7-503D-4629-BBBA-F7481C5D7CA6}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{41EB9BE9-C072-48D2-9661-A74E5B7A5C74}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{AA30D4C3-4A8B-4580-8D72-8132FE37C82C}" | In - Private - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{51294383-BE45-4E71-9B4B-840203990B35}" | In - Private - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) 
-- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{088EB6E0-A510-4DD6-8F23-97DE434C3D22}" | In - Private - P6 - TRUE | .(.http://goforfiles.com/ - goforfilesdl Application.) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe =>P2P.GoforFiles O87 - FAEL: "{CAEA86E1-DBBE-4891-99D7-673AB444C295}" | In - Private - P17 - TRUE | .(.http://goforfiles.com/ - goforfilesdl Application.) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe =>P2P.GoforFiles O87 - FAEL: "{DE093D4D-BF03-41FD-BC9D-5F2BF54CA0D8}" | In - Private - P6 - TRUE | .(.http://goforfiles.com/ - GoforFiles Application.) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe =>P2P.GoforFiles O87 - FAEL: "{159C6BC4-BD91-42B0-89FC-80D502EE62D9}" | In - Private - P17 - TRUE | .(.http://goforfiles.com/ - GoforFiles Application.) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe =>P2P.GoforFiles ~ Firewall: 249 Scanned in 00mn 13s ---\\ Scan Additionnel (O88) Database Version : v2.12152 - (16/05/2013) Clés trouvées (Keys found) : 97 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 10 Fichiers trouvés (Files found) : 3 [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo [HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo [HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR [HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo [HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR [HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR [HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent [HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar 
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo [HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo [HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch [HKCU\Software\APN] =>Toolbar.Ask [HKLM\Software\Wow6432Node\APN] =>Toolbar.Ask [HKCU\Software\Ask.com] =>Toolbar.AskBar [HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar [HKLM\Software\Wow6432Node\AskToolbar] =>Toolbar.AskTBar [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKLM\Software\Tarma Installer] =>Toolbar.Tarma [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Toolbar.AskBar [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASAPI32] =>PUP.QuickShare [HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASMANCS] =>PUP.QuickShare [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo] =>Toolbar.Ask 
[HKLM\Software\Wow6432Node\SoftwareUpdater] =>Hijacker.Eazel [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>Hijacker.Eazel [HKLM\Software\Classes\YontooIEClient.Api] =>Adware.Yontoo [HKLM\Software\Classes\YontooIEClient.Api.1] =>Adware.Yontoo [HKLM\Software\Classes\YontooIEClient.Layers] =>Adware.Yontoo [HKLM\Software\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo [HKLM\Software\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Browser Infrastructure Helper =>PUP.Software.Updater C:\Program Files (x86)\yontoo =>Adware.Yontoo C:\Program Files (x86)\Ask.com =>Toolbar.AskBar C:\ProgramData\Babylon =>Toolbar.Babylon C:\ProgramData\BrowserProtect =>Hijacker.Eazel C:\Users\anaisa\AppData\Roaming\yontoo =>Adware.Yontoo C:\Users\anaisa\AppData\Roaming\Babylon =>Toolbar.Babylon C:\Users\anaisa\AppData\Local\Smartbar =>Hijacker.SmartBar C:\Users\anaisa\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar C:\Users\anaisa\AppData\Local\Temp\Smartbar =>Hijacker.SmartBar C:\Users\anaisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo =>Toolbar.Ask C:\Users\anaisa\AppData\Local\Temp\instloffer.exe =>PUP.OfferBox C:\Users\anaisa\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon ~ Additionnel Scan: 155723 Items scanned in 01mn 25s ---\\ Product Upgrade Codes (O90) O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) 
-- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe O90 - PUC: "03FF80700C870B74180F8C6440CD67C9" . (.Nero Express Help (CHM).) -- C:\windows\Installer\{0708FF30-78C0-47B0-81F0-C84604DC769C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945 O90 - PUC: "05B51F93779A6AC41B3CA67842DC0A52" . (.MyWinLocker 4.) -- C:\windows\Installer\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\ARPPRODUCTICON.exe O90 - PUC: "0B8EF4ACC892D5E44A683FB321D6A6A0" . (.AcerCloud Docs.) -- C:\Windows\Installer\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}\icon.ico O90 - PUC: "0BCE87B0B6A1D6E4987DE0C77EF74072" . (.MyWinLocker.) -- C:\windows\Installer\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}\ARPPRODUCTICON.exe O90 - PUC: "0CD83356E108A97B137C51A9E3CE78DD" . (.AMD VISION Engine Control Center.) -- C:\Windows\Installer\{65338DC0-801E-B79A-31C7-159A3EEC87DD}\ARPPRODUCTICON.exe O90 - PUC: "203E62EEA6789D84098513925E9B9999" . (.Live Updater.) -- C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico O90 - PUC: "28A7C79F1A64DB0027707DB209F0F0C6" . (.ccc-utility64.) -- C:\Windows\Installer\{F97C7A82-46A1-00BD-7207-D72B900F0F6C}\ARPPRODUCTICON.exe O90 - PUC: "2F98DA5B3D306024487810288900D70D" . (.clear.fi Photo.) -- C:\Windows\Installer\{B5AD89F2-03D3-4206-8487-018298007DD0}\icon.ico O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- C:\windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe O90 - PUC: "38E5962CD1FC1D3448EF3BEB5C1610A2" . (.Shredder.) -- C:\windows\Installer\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\ARPPRODUCTICON.exe O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- C:\windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe O90 - PUC: "4179FD719C069C349A2C23CBEA4DC4EB" . (.MyWinLocker Suite.) -- C:\windows\Installer\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\ARPPRODUCTICON.exe O90 - PUC: "456BC9D3DA991034986CD0217A0967C7" . (.Identity Card.) 
-- C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico O90 - PUC: "613755F10CFCDB14FA7FB84CC94E447D" . (.Shredder.) -- C:\windows\Installer\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}\ARPPRODUCTICON.exe O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- C:\windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D O90 - PUC: "6FD66A043D225B447A3D381B812A0CCD" . (.Norton Online Backup.) -- C:\Windows\Installer\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}\MainIcon.ico O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe O90 - PUC: "7071FA9EA3F32E943854F4D226D98067" . (.clear.fi Media.) -- C:\Windows\Installer\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}\icon.ico O90 - PUC: "71B0DA5AD43FEB941A758C3B5DA2DC31" . (.AcerCloud.) -- C:\Windows\Installer\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}\icon.ico O90 - PUC: "75FA496A198926D428C4E7551A63A141" . (.eBay Worldwide.) -- c:\Windows\Installer\{A694AF57-9891-4D62-824C-7E55A1361A14}\_853F67D554F05449430E7E.exe O90 - PUC: "8489373E92353E84D882B5DBE6B83E48" . (.MediaEspresso.) -- C:\windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe O90 - PUC: "86C7A848CDA03914A898C2AE875EA6C0" . (.Nero Express.) -- C:\windows\Installer\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}\ARPPRODUCTICON.exe O90 - PUC: "8D6F18B56AFA4DBBB04743E21E594CFF" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{5B81F6D8-AFA6-BBD4-0B74-342EE195C4FF}\ARPPRODUCTICON.exe O90 - PUC: "987A09F2E1DDEC14FBACDB8712B3BA7C" . (.OpenOffice.org 3.4.) -- C:\Windows\Installer\{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}\soffice.ico O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask O90 - PUC: "A5002F70CAC8B4A4382AAD897A22AC16" . (.Recovery Management.) 
-- C:\windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\.\Bitmaps\eRecoveryicon.ico O90 - PUC: "B687C26ABAA19C4B3490B5DE5B80F135" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{A62C786B-1AAB-B4C9-4309-5BEDB5081F53}\ARPPRODUCTICON.exe O90 - PUC: "B9190EBEB79F85D4B9D1E9AE033017D8" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{EBE0919B-F97B-4D58-9B1D-9EEA3003718D}\ARPPRODUCTICON.exe O90 - PUC: "BE46BC91EFCAD1865B178A3A93F89134" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{19CB64EB-ACFE-681D-B571-A8A3398F1943}\ARPPRODUCTICON.exe O90 - PUC: "D276F30548C6A844F8F8B43CA58C4314" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe O90 - PUC: "D724AD5332BB8B94A9DFFCCFEFB307D8" . (.clear.fi SDK- Movie.) -- C:\Windows\Installer\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\ARPPRODUCTICON.exe O90 - PUC: "DAC33ABE170E5d841A86BF4AEE4BE239" . (.clear.fi SDK - Video.) -- C:\Windows\Installer\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\ARPPRODUCTICON.exe O90 - PUC: "EF9D0FB939897464189B717BEB4A6EDF" . (.Nero 12 Essentials OEM.a01.) -- C:\windows\Installer\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}\ARPPRODUCTICON.exe O90 - PUC: "FA0364E07BA0E0449A87A187CFF4349B" . (.Nero Launcher.) 
-- C:\windows\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe
~ Update Products: 73 Scanned in 00mn 00s

---\\ Random Export Key (O91)
[HKCU\Software\94dbd1b16ded45] =>Toolbar.Babylon^
[HKCU\Software\94dbd1b16ded45]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\94dbd1b16ded45]:version="2.6.1249.132"
[HKLM\Software\Wow6432Node\94dbd1b16ded45] =>Toolbar.Babylon^
[HKLM\Software\Wow6432Node\94dbd1b16ded45]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\Wow6432Node\94dbd1b16ded45]:version="2.6.1249.132"
~ Export Key Software: Scanned in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/08/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 2787280 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
SR - | Auto 09/10/2012 2449552 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SS - | Demand 12/07/2012 174160 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Demand 23/08/2012 658576 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 23/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 31/08/2012 201304 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe
SR - | Auto 31/08/2012 201304 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 201304 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 201304 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 201304 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SS - | Demand 25/02/2013 384048 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Disabled 31/08/2012 201304 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 201304 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 19/02/2013 241456 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
SR - | Auto 23/03/2013 335216 | (MfeASUM) . (.McAfee, Inc..) - C:\Program Files\McAfee\AppStats\MfeASUM.exe
SR - | Auto 19/02/2013 218760 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 19/02/2013 182752 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe
SR - | Auto 31/08/2012 201304 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 26/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 15/08/2012 3943104 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
SR - | Auto 32256 | (SrvUpdater) . (...) - C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe =>PUP.Eorezo
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto 17/04/2013 23552 | (Yontoo Desktop Updater) . (.Microsoft.) - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe =>PUP.Yontoo
~ Services: Scanned in 00mn 03s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by anaisa at 17/05/2013 19:45:20
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s

End of the scan (2044 lines in 17mn 52s)(0)