~ Rapport de ZHPDiag v2013.8.21.30 - Nicolas Coolman  (21/08/2013)
~ Lancé par DORINE (21/08/2013 19:50:27)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16660
MFIE: Mozilla Firefox 23.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : XD4D6
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.03  =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5989 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 808 GB (91%) free of 884 GB

---\\ Mode de connexion au système
~ Computer Name: NYNOPHY
~ User Name: DORINE
~ All Users Names: HomeGroupUser$, DORINE, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\DORINE\AppData\Roaming\
~ %Desktop% : C:\Users\DORINE\Desktop\
~ %Favorites% : C:\Users\DORINE\Favorites\
~ %LocalAppData% : C:\Users\DORINE\AppData\Local\
~ %StartMenu% : C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 808 Go of 884 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 25 Go)
E:\ Floppy drive, Flash card reader, USB Key (Free 8 Go of 30 Go)
F:\ CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 29 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/07/2013 - 06:13:37.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/4718
~ Mes musiques (My Musics) : 11/69
~ Mes Favoris (My Favorites) : 1/16
~ Mes Documents (My Documents) : 1/171
~ Mon Bureau (My Desktop) : 1/7
~ Menu demarrer (Programs) : 1/24
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés au démarrage du système
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe   [532040] [PID.1868]
[MD5.A1741C3B79F9DF8895E05EF43579E74B] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe   [136488] [PID.2120]
[MD5.3A5D0E1BF0D7B954FD3A8BE474FCAABA] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera2\VM332STI.exe   [548864] [PID.3576]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.3200]
[MD5.224F6B374852153C8C24BED141AE3A20] - (...) -- ysWOW64\RunDll32.exe   [0] [PID.3844]
[MD5.1EEA7DD2F1EA6EFEF380B99A90228D2F] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.exe   [12037688] [PID.1032]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [276376] [PID.4332]
[MD5.A40D5DF89492B3B6514FCDE50D910CB0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7854080] [PID.4708]
[MD5.3F481174F9ECC5E0D341C36C84923FED] - (...) -- C:\Program Files\lenovo\lenovo solution center\lsc.exe   [148392] [PID.3684]
~ Processes Running:  Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\DORINE\AppData\Roaming\Mozilla\Firefox\Profiles\rjfbnvs7.default\prefs.js
M0 - MFSP: prefs.js [DORINE - rjfbnvs7.default] http://google.fr
M2 - MFEP: prefs.js [DORINE - rjfbnvs7.default\94ae0976-89df-4347-9771-5371c6e203bf@3796dc63-d06d-4575-a997-9b5c935fe915.com] [] Pricora v (..)  =>Adware.Pricora
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
~ Firefox Browser: 3 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: ExplorerBHO Class [64Bits] - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} . (.IvoSoft - Adds classic Windows Explorer features.) -- C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: ClassicIE9BHO Class [64Bits] - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} . (.IvoSoft - Customizations for the title bar and status.) -- C:\Program Files\Classic Shell\ClassicIE9dll_32.dll
~ BHO: 4 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Classic Explorer Bar [64Bits] - [HKLM]{553891B7-A0D5-4526-BE18-D3CE461D6310} . (.IvoSoft - Adds classic Windows Explorer features.) -- C:\Program Files\Classic Shell\ClassicExplorer32.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe 
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe 
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe 
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe 
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe 
O4 - HKLM\..\Wow6432Node\Run: [Dolby Advanced Audio v2] . (.Dolby Laboratories Inc. - Dolby Profile Selector.) -- C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe 
O4 - HKLM\..\Wow6432Node\Run: [332BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera2\VM332STI.exe 
O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirage] . (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe 
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe 
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [startertv_fr_5] Clé orpheline  =>Adware.StarterTV
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDRShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe 
O4 - HKUS\S-1-5-21-3540232944-3643166865-3503105569-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe 
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: adwcleaner - Raccourci.lnk . (...)  -- C:\Users\DORINE\Downloads\adwcleaner.exe
O4 - Global Startup: C:\Documents And Settings\DORINE\Desktop\Lenovo Telephony Start Now.url . (...)  -- C:\Documents And Settings\DORINE\Desktop\Lenovo Telephony Start Now.url
O4 - GS\Desktop: PhotoScape.lnk . (...)  -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
~ Global Startup:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Classic IE9 Settings [64Bits] - {56753E59-AF1D-4FBA-9E15-31557124ADA2} -- Clé orpheline
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{74706706-2345-4F65-870E-20294072DF42}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{74706706-2345-4F65-870E-20294072DF42}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain:  Scanned in 00mn 00s



---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) -- 
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: oem15.inf (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\Windows\System32\BtwRSupportService.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Classic Shell Service (ClassicShellService) . (.IvoSoft - Classic Shell Service.) - C:\Program Files\Classic Shell\ClassicShellService.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service:  (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 12 Scanned in 00mn 16s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Pricora-chromeinstaller.job   [1890]  =>Adware.Pricora
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Pricora-codedownloader.job   [1192]  =>Adware.Pricora
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Pricora-enabler.job   [1092]  =>Adware.Pricora
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Pricora-firefoxinstaller.job   [1816]  =>Adware.Pricora
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Pricora-updater.job   [1188]  =>Adware.Pricora
[MD5.5CE2C1433B9B634591F0A1C4C1203A0B] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [251784]
[MD5.4999625054FFA2AFFCAFD085C1218307] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [3611416]  =>Piriform Ltd
[MD5.A1741C3B79F9DF8895E05EF43579E74B] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe   [136488]
[MD5.00000000000000000000000000000000] [APT] [Pricora-chromeinstaller] (...) -- C:\Program Files (x86)\Pricora\Pricora-chromeinstaller.exe (.not file.)   [0]  =>Adware.Pricora
[MD5.00000000000000000000000000000000] [APT] [Pricora-codedownloader] (...) -- C:\Program Files (x86)\Pricora\Pricora-codedownloader.exe (.not file.)   [0]  =>Adware.Pricora
[MD5.00000000000000000000000000000000] [APT] [Pricora-enabler] (...) -- C:\Program Files (x86)\Pricora\Pricora-enabler.exe (.not file.)   [0]  =>Adware.Pricora
[MD5.00000000000000000000000000000000] [APT] [Pricora-firefoxinstaller] (...) -- C:\Program Files (x86)\Pricora\Pricora-firefoxinstaller.exe (.not file.)   [0]  =>Adware.Pricora
[MD5.00000000000000000000000000000000] [APT] [Pricora-updater] (...) -- C:\Program Files (x86)\Pricora\Pricora-updater.exe (.not file.)   [0]  =>Adware.Pricora
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe   [561984]
[MD5.3F481174F9ECC5E0D341C36C84923FED] [APT] [LSCHardwareScan] (...) -- C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe   [148392]
[MD5.3F481174F9ECC5E0D341C36C84923FED] [APT] [RebootCountTask] (...) -- C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe   [148392]
[MD5.3F481174F9ECC5E0D341C36C84923FED] [APT] [Time72Task] (...) -- C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe   [148392]
~ Scheduled Task: 24 Scanned in 00mn 02s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 36 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {47FA2C44-D148-4DBC-AF60-B91934AA4842}
O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.downloadassistant.AdobeDownloadAssistant
O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E15BC10F-04AA-0AFD-A6C9-476730195F8B}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM][64Bits] -- AmUStor
O42 - Logiciel: Amazon Browser App - (.Amazon.) [HKLM][64Bits] -- {0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner  =>Piriform Ltd
O42 - Logiciel: Classic Shell - (.IvoSoft.) [HKLM][64Bits] -- {FEA1590B-540A-41FC-A95C-664493C82A21}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Dolby Advanced Audio v2 - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}
O42 - Logiciel: Energy Management - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}
O42 - Logiciel: Energy Management - (.Lenovo.) [HKLM][64Bits] -- {D0956C11-0F60-43FE-99AD-524E833471BB}
O42 - Logiciel: Guide de l’utilisateur - (.Lenovo.) [HKLM][64Bits] -- {F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: Intel AppUp(SM) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(SM) center 33057
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Lenovo Bluetooth with Enhanced Data Rate Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}
O42 - Logiciel: Lenovo EasyCamera - (.Vimicro.) [HKLM][64Bits] -- {ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- {46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo Solution Center - (.Lenovo Group Limited.) [HKLM][64Bits] -- {1E939186-B443-4262-A278-3C82949EA7AC}
O42 - Logiciel: Lenovo YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Lenovo YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Les Sims™ 3 - (.Electronic Arts.) [HKLM][64Bits] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Package de pilotes Windows - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) - (.Lenovo.) [HKLM][64Bits] -- 71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42
O42 - Logiciel: Package de pilotes Windows - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13. - (.Lenovo.) [HKLM][64Bits] -- 8A223E56FB1ED4F697B54E5BF96F1EB63B512684
O42 - Logiciel: PhotoScape - (...) [HKLM][64Bits] -- PhotoScape
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {08CA9554-B5FE-4313-938F-D4A417B81175}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Skype™ 6.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: SugarSync Manager - (.SugarSync, Inc..) [HKLM][64Bits] -- SugarSync
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: UserGuide - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: avast! Free Antivirus v8.0.1489.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
~ Logic: 90 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Pricora]  =>Adware.Pricora
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Electronic Arts]
[HKCU\Software\Enterbrain]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\IvoSoft]
[HKCU\Software\Lake]
[HKCU\Software\Lenovo]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mooii]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Paint.NET]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Widcomm]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Broadcom]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\IvoSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Synaptics]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Amazon]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Lenovo EasyCamera]
[HKLM\Software\Wow6432Node\Lenovo]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\Mooii]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Pricora]  =>Adware.Pricora
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Sharpcast]
[HKLM\Software\Wow6432Node\Sims]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Vittalia]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\ZSMC]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 147 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/08/2013 - 15:19:19 - [0,054] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 06/08/2013 - 03:02:07 - [2,818] ----D C:\Program Files (x86)\Adobe Download Assistant
O43 - CFD: 07/10/2012 - 11:41:35 - [2,381] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 07/10/2012 - 11:24:26 - [2,982] ----D C:\Program Files (x86)\AmIcoSingLun
O43 - CFD: 20/08/2013 - 18:16:36 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 07/10/2012 - 11:29:16 - [0,176] ----D C:\Program Files (x86)\BisonCam
O43 - CFD: 11/08/2013 - 15:16:11 - [508,865] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 03/08/2013 - 01:06:25 - [323,842] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 07/10/2012 - 11:24:10 - [12,795] ----D C:\Program Files (x86)\Dolby Advanced Audio v2
O43 - CFD: 10/08/2013 - 23:15:48 - [1501,298] ----D C:\Program Files (x86)\Electronic Arts
O43 - CFD: 20/08/2013 - 20:00:27 - [0] ----D C:\Program Files (x86)\Google
O43 - CFD: 10/08/2013 - 23:15:47 - [119,828] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 07/10/2012 - 11:44:49 - [192,205] ----D C:\Program Files (x86)\Intel
O43 - CFD: 19/08/2013 - 17:45:22 - [4,622] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 03/08/2013 - 01:21:31 - [502,220] ----D C:\Program Files (x86)\Lenovo
O43 - CFD: 21/08/2013 - 06:07:28 - [13,336] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 04/07/2013 - 20:47:32 - [339,163] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 22/07/2013 - 14:55:50 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 04/07/2013 - 20:47:25 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 04/07/2013 - 20:47:30 - [4,166] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 04/07/2013 - 20:46:11 - [0,301] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 20/08/2013 - 20:22:21 - [47,918] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 20/08/2013 - 20:21:55 - [0,215] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 01/08/2012 - 17:58:47 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 05/07/2013 - 10:48:33 - [24,942] ----D C:\Program Files (x86)\PhotoScape
O43 - CFD: 03/08/2013 - 01:11:18 - [77,109] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 07/10/2012 - 11:23:08 - [15,958] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 01/08/2012 - 17:58:47 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 05/08/2013 - 02:34:59 - [19,224] R---D C:\Program Files (x86)\Skype
O43 - CFD: 07/10/2012 - 11:38:37 - [45,292] ----D C:\Program Files (x86)\SugarSync
O43 - CFD: 07/10/2012 - 11:24:12 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 07/10/2012 - 11:29:20 - [0,969] ----D C:\Program Files (x86)\USB Camera2
O43 - CFD: 19/08/2013 - 17:45:26 - [1,038] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 04/07/2013 - 20:21:05 - [5,466] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 14/07/2013 - 21:05:58 - [3,494] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 10:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 10/07/2013 - 19:39:36 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 10:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 21/08/2013 - 19:50:35 - [16,496] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 11/08/2013 - 15:20:41 - [151,623] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 06/08/2013 - 20:54:26 - [38,049] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 04/07/2013 - 20:47:31 - [0,082] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 03/08/2013 - 01:21:34 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 07/10/2012 - 11:21:55 - [13,419] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 10/07/2013 - 19:42:28 - [278,505] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 07/10/2012 - 11:19:36 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 10:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 05/08/2013 - 02:34:59 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 04/07/2013 - 20:47:22 - [23,086] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 11/08/2013 - 15:20:36 - [98,664] ----D C:\ProgramData\Adobe
O43 - CFD: 07/10/2012 - 11:24:26 - [0,004] ----D C:\ProgramData\AmUStor
O43 - CFD: 03/08/2013 - 01:10:22 - [2,216] ----D C:\ProgramData\Apple
O43 - CFD: 03/08/2013 - 01:10:43 - [28,466] ----D C:\ProgramData\Apple Computer
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 04/07/2013 - 21:00:18 - [248,563] ----D C:\ProgramData\AVAST Software
O43 - CFD: 04/07/2013 - 18:22:57 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 06/08/2013 - 23:30:11 - [0,069] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 07/10/2012 - 11:46:15 - [68,210] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 04/07/2013 - 19:16:01 - [0,353] ----D C:\ProgramData\eBay
O43 - CFD: 04/07/2013 - 19:16:56 - [0,000] ----D C:\ProgramData\Energy Management
O43 - CFD: 07/10/2012 - 11:45:21 - [2,193] ----D C:\ProgramData\Intel
O43 - CFD: 04/07/2013 - 20:47:02 - [0] ----D C:\ProgramData\Lenovo
O43 - CFD: 21/08/2013 - 06:07:26 - [6,751] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 04/07/2013 - 18:22:57 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 22/07/2013 - 14:56:44 - [1603,953] -S--D C:\ProgramData\Microsoft
O43 - CFD: 04/07/2013 - 18:22:57 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 04/07/2013 - 19:20:49 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 07/10/2012 - 11:46:06 - [0,018] ----D C:\ProgramData\OneKey Recovery
O43 - CFD: 10/07/2013 - 19:47:16 - [0,040] ----D C:\ProgramData\PRICache
O43 - CFD: 06/08/2013 - 03:44:55 - [0,002] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 01/08/2012 - 17:09:26 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 05/08/2013 - 02:35:06 - [31,767] ----D C:\ProgramData\Skype
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 03/08/2013 - 01:02:00 - [0,772] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 06/08/2013 - 03:49:52 - [5,916] ----D C:\Users\DORINE\AppData\Roaming\Adobe
O43 - CFD: 06/08/2013 - 03:02:11 - [0,013] ----D C:\Users\DORINE\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
O43 - CFD: 03/08/2013 - 01:19:38 - [0,088] ----D C:\Users\DORINE\AppData\Roaming\CyberLink
O43 - CFD: 04/07/2013 - 20:47:03 - [0,002] ----D C:\Users\DORINE\AppData\Roaming\Lenovo
O43 - CFD: 04/07/2013 - 19:24:27 - [0,034] ----D C:\Users\DORINE\AppData\Roaming\LSC
O43 - CFD: 07/10/2012 - 11:41:05 - [0,066] ----D C:\Users\DORINE\AppData\Roaming\Macromedia
O43 - CFD: 21/08/2013 - 06:07:40 - [37,033] ----D C:\Users\DORINE\AppData\Roaming\Malwarebytes
O43 - CFD: 11/08/2013 - 14:54:07 - [1,274] -S--D C:\Users\DORINE\AppData\Roaming\Microsoft
O43 - CFD: 04/07/2013 - 19:21:23 - [41,899] ----D C:\Users\DORINE\AppData\Roaming\Mozilla
O43 - CFD: 11/08/2013 - 15:17:44 - [0,000] ----D C:\Users\DORINE\AppData\Roaming\No Company Name
O43 - CFD: 05/07/2013 - 10:48:47 - [0,031] ----D C:\Users\DORINE\AppData\Roaming\PhotoScape
O43 - CFD: 19/08/2013 - 17:44:22 - [4,801] ----D C:\Users\DORINE\AppData\Roaming\Skype
O43 - CFD: 04/07/2013 - 20:47:51 - [0,000] ----D C:\Users\DORINE\AppData\Roaming\WebApp
O43 - CFD: 13/08/2013 - 22:48:29 - [1,002] ----D C:\Users\DORINE\AppData\Local\Adobe
O43 - CFD: 03/08/2013 - 01:10:28 - [0] ----D C:\Users\DORINE\AppData\Local\Apple
O43 - CFD: 20/08/2013 - 23:00:49 - [0,002] ----D C:\Users\DORINE\AppData\Local\Apple Computer
O43 - CFD: 04/07/2013 - 19:14:22 - [0] ----D C:\Users\DORINE\AppData\Local\Application Data
O43 - CFD: 04/07/2013 - 19:16:57 - [0] ----D C:\Users\DORINE\AppData\Local\Broadcom
O43 - CFD: 04/07/2013 - 20:47:12 - [0,133] ----D C:\Users\DORINE\AppData\Local\CyberLink
O43 - CFD: 12/08/2013 - 00:06:58 - [3,643] ----D C:\Users\DORINE\AppData\Local\Diagnostics
O43 - CFD: 19/08/2013 - 22:17:09 - [0,103] ----D C:\Users\DORINE\AppData\Local\ElevatedDiagnostics
O43 - CFD: 20/08/2013 - 20:00:23 - [0] ----D C:\Users\DORINE\AppData\Local\Google
O43 - CFD: 04/07/2013 - 19:14:22 - [0] ----D C:\Users\DORINE\AppData\Local\Historique
O43 - CFD: 04/07/2013 - 19:25:07 - [3,966] ----D C:\Users\DORINE\AppData\Local\LSC
O43 - CFD: 05/07/2013 - 13:57:40 - [0] ----D C:\Users\DORINE\AppData\Local\Macromedia
O43 - CFD: 19/08/2013 - 22:37:55 - [-2024,017] ----D C:\Users\DORINE\AppData\Local\Microsoft
O43 - CFD: 04/07/2013 - 19:21:09 - [72,565] ----D C:\Users\DORINE\AppData\Local\Mozilla
O43 - CFD: 10/07/2013 - 19:47:18 - [362,509] ----D C:\Users\DORINE\AppData\Local\Packages
O43 - CFD: 09/08/2013 - 20:23:51 - [0] ----D C:\Users\DORINE\AppData\Local\Paint.NET
O43 - CFD: 22/07/2013 - 14:55:03 - [0] ----D C:\Users\DORINE\AppData\Local\Programs
O43 - CFD: 21/08/2013 - 19:49:20 - [25,030] ----D C:\Users\DORINE\AppData\Local\Temp
O43 - CFD: 04/07/2013 - 19:14:22 - [0] ----D C:\Users\DORINE\AppData\Local\Temporary Internet Files
O43 - CFD: 04/07/2013 - 19:14:38 - [0] ----D C:\Users\DORINE\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 10:13:00 - [0,004] R---D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 10:13:00 - [0,001] R---D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2013 - 01:22:06 - [0,000] R---D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/08/2013 - 01:09:55 - [0,006] ----D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
O43 - CFD: 26/07/2012 - 10:13:00 - [0,000] ----D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 12/08/2013 - 00:15:42 - [0,002] ----D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Périphériques Bluetooth
O43 - CFD: 11/08/2013 - 14:52:03 - [0,000] R---D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 10:13:00 - [0,005] R---D C:\Users\DORINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 120 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.09AB00E10F8BBC534C6559F10891F7CD] - 21/08/2013 - 18:50:53 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [983457]
O44 - LFC:[MD5.C7552ECCAB5FAEC52A9C312D320015F8] - 21/08/2013 - 18:42:13 ---A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.988C21CB5A8FF1F1884A3CD8930DBBAB] - 21/08/2013 - 06:23:03 ---A- . (...) -- C:\Windows\PFRO.log   [10106]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 21/08/2013 - 05:07:25 RSHAD . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25928]
O44 - LFC:[MD5.0B617AEFEE652F2E92C0C22BC0857428] - 20/08/2013 - 19:54:22 ---A- . (...) -- C:\AdwCleaner[S2].txt   [1753]
O44 - LFC:[MD5.F1C59DAF0B958C6DBED434DEF9374926] - 20/08/2013 - 18:23:01 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1793362]
O44 - LFC:[MD5.B7B9BE0E093DB6212C09FD31B2028E2B] - 20/08/2013 - 18:23:01 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [132614]
O44 - LFC:[MD5.ABC8123FF141AE26EA1B05F145B3C54C] - 20/08/2013 - 18:23:01 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [155650]
O44 - LFC:[MD5.1D178A6EA3291AA0F3121276E4F5F1F6] - 20/08/2013 - 18:23:01 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [710244]
O44 - LFC:[MD5.D9C5431C12142069EB5518E76D056F66] - 20/08/2013 - 18:23:01 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [800978]
O44 - LFC:[MD5.F1C59DAF0B958C6DBED434DEF9374926] - 20/08/2013 - 18:23:01 RSHAD . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1793362]
O44 - LFC:[MD5.B7B9BE0E093DB6212C09FD31B2028E2B] - 20/08/2013 - 18:23:01 RSHAD . (...) -- C:\Windows\System32\perfc009.dat   [132614]
O44 - LFC:[MD5.ABC8123FF141AE26EA1B05F145B3C54C] - 20/08/2013 - 18:23:01 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat   [155650]
O44 - LFC:[MD5.1D178A6EA3291AA0F3121276E4F5F1F6] - 20/08/2013 - 18:23:01 RSHAD . (...) -- C:\Windows\System32\perfh009.dat   [710244]
O44 - LFC:[MD5.D9C5431C12142069EB5518E76D056F66] - 20/08/2013 - 18:23:01 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat   [800978]
O44 - LFC:[MD5.2E2B8DE573B3315EB657EB51483350C5] - 19/08/2013 - 22:05:41 ---A- . (...) -- C:\AdwCleaner[R1].txt   [1262]
O44 - LFC:[MD5.93D63D1883C750545B747CBE60337CD7] - 19/08/2013 - 17:19:40 ---A- . (...) -- C:\AdwCleaner[S1].txt   [13110]
O44 - LFC:[MD5.19AEF9DE6A175C85DFF87C0ED0AB5386] - 14/08/2013 - 06:04:46 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe   [78161360]
O44 - LFC:[MD5.19AEF9DE6A175C85DFF87C0ED0AB5386] - 14/08/2013 - 06:04:46 RSHAD . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe   [78161360]
O44 - LFC:[MD5.E4C853E60734B3F6067B7F17FC178E8E] - 14/08/2013 - 05:34:20 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\SysNative\uxtheme.dll   [915968]
O44 - LFC:[MD5.E4C853E60734B3F6067B7F17FC178E8E] - 14/08/2013 - 05:34:20 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\System32\uxtheme.dll   [915968]
O44 - LFC:[MD5.3A2FD42F11CD325A4ACAFE7FB0EEA83A] - 14/08/2013 - 05:34:20 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\SysNative\mshtml.tlb   [2706432]
O44 - LFC:[MD5.3A2FD42F11CD325A4ACAFE7FB0EEA83A] - 14/08/2013 - 05:34:20 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb   [2706432]
O44 - LFC:[MD5.BBFE238B22F808C88AF039EF83BABAD6] - 14/08/2013 - 05:34:20 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\SysNative\UXInit.dll   [53760]
O44 - LFC:[MD5.BBFE238B22F808C88AF039EF83BABAD6] - 14/08/2013 - 05:34:20 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\System32\UXInit.dll   [53760]
O44 - LFC:[MD5.04DE09B1E287F6DC5C7FD655B6E84AB9] - 14/08/2013 - 05:34:17 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll   [53760]
O44 - LFC:[MD5.04DE09B1E287F6DC5C7FD655B6E84AB9] - 14/08/2013 - 05:34:17 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll   [53760]
O44 - LFC:[MD5.622C7C8D39609FCEACE3508715D48C7F] - 14/08/2013 - 05:34:17 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\SysNative\iernonce.dll   [39936]
O44 - LFC:[MD5.622C7C8D39609FCEACE3508715D48C7F] - 14/08/2013 - 05:34:17 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll   [39936]
O44 - LFC:[MD5.6C8BDC9F16943D626DFE8A987BCCFD20] - 14/08/2013 - 05:34:17 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe   [51712]
O44 - LFC:[MD5.6C8BDC9F16943D626DFE8A987BCCFD20] - 14/08/2013 - 05:34:17 RSHAD . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe   [51712]
O44 - LFC:[MD5.289C5E0A386E7B6CA9539D66D15E22CC] - 14/08/2013 - 05:34:16 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll   [1365504]
O44 - LFC:[MD5.289C5E0A386E7B6CA9539D66D15E22CC] - 14/08/2013 - 05:34:16 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll   [1365504]
O44 - LFC:[MD5.8C12653BEA781902AA60E4A855A55D5C] - 14/08/2013 - 05:34:16 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll   [603136]
O44 - LFC:[MD5.8C12653BEA781902AA60E4A855A55D5C] - 14/08/2013 - 05:34:16 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll   [603136]
O44 - LFC:[MD5.963B29E0EFB20D66436214DB7C43D7F7] - 14/08/2013 - 05:34:15 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\SysNative\iesetup.dll   [67072]
O44 - LFC:[MD5.963B29E0EFB20D66436214DB7C43D7F7] - 14/08/2013 - 05:34:15 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll   [67072]
O44 - LFC:[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - 14/08/2013 - 05:34:14 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll   [2241024]
O44 - LFC:[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - 14/08/2013 - 05:34:14 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll   [2241024]
O44 - LFC:[MD5.D8CC9A20C517A54678363C4C77B930A4] - 14/08/2013 - 05:34:14 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\SysNative\iesysprep.dll   [136704]
O44 - LFC:[MD5.D8CC9A20C517A54678363C4C77B930A4] - 14/08/2013 - 05:34:14 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll   [136704]
O44 - LFC:[MD5.677A1C1B0F254EC918D84A7FE29274CA] - 14/08/2013 - 05:34:13 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll   [15405056]
O44 - LFC:[MD5.677A1C1B0F254EC918D84A7FE29274CA] - 14/08/2013 - 05:34:13 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll   [15405056]
O44 - LFC:[MD5.16FE878530FDFC9AB08B7FFC32335958] - 14/08/2013 - 05:34:09 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript.dll   [855552]
O44 - LFC:[MD5.16FE878530FDFC9AB08B7FFC32335958] - 14/08/2013 - 05:34:09 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll   [855552]
O44 - LFC:[MD5.396889142BD839DB8A055A0BE0AD2F79] - 14/08/2013 - 05:34:07 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysNative\mshtml.dll   [19239424]
O44 - LFC:[MD5.396889142BD839DB8A055A0BE0AD2F79] - 14/08/2013 - 05:34:07 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll   [19239424]
O44 - LFC:[MD5.5A7FA01EEC393A3E0D0F3EBAA1FD959E] - 14/08/2013 - 05:33:53 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript9.dll   [3958784]
O44 - LFC:[MD5.5A7FA01EEC393A3E0D0F3EBAA1FD959E] - 14/08/2013 - 05:33:53 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll   [3958784]
O44 - LFC:[MD5.65546D87F7A78AB31841A536456CB94D] - 14/08/2013 - 05:33:53 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\SysNative\iertutil.dll   [2647040]
O44 - LFC:[MD5.65546D87F7A78AB31841A536456CB94D] - 14/08/2013 - 05:33:53 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll   [2647040]
O44 - LFC:[MD5.5F425D842DD6ADE9F95A51A0616AFAD7] - 14/08/2013 - 05:15:48 RSHAD . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\Drivers\WdFilter.sys   [247216]
O44 - LFC:[MD5.FD47DF026B32969B8A68721A0243E8EE] - 14/08/2013 - 05:15:47 RSHAD . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\Drivers\WdBoot.sys   [36288]
O44 - LFC:[MD5.6BDCC68E85A386414E4E028DEB768350] - 14/08/2013 - 05:14:30 ---A- . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\SysNative\rpcrt4.dll   [1314816]
O44 - LFC:[MD5.6BDCC68E85A386414E4E028DEB768350] - 14/08/2013 - 05:14:30 ---A- . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\System32\rpcrt4.dll   [1314816]
O44 - LFC:[MD5.1794C43A000A47D92B3304FC1E3E512A] - 14/08/2013 - 05:14:23 RSHAD . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys   [2233168]
O44 - LFC:[MD5.B6FCC2BB7D1044EA0FC4B573951BE8DC] - 14/08/2013 - 05:09:09 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\SysNative\crypt32.dll   [1889280]
O44 - LFC:[MD5.B6FCC2BB7D1044EA0FC4B573951BE8DC] - 14/08/2013 - 05:09:09 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll   [1889280]
O44 - LFC:[MD5.F68F697F5B4E74217159C38FFFD37964] - 14/08/2013 - 05:09:08 ---A- . (.Microsoft Corporation - Application Reputation APIs Dll.) -- C:\Windows\SysNative\apprepapi.dll   [124416]
O44 - LFC:[MD5.F68F697F5B4E74217159C38FFFD37964] - 14/08/2013 - 05:09:08 ---A- . (.Microsoft Corporation - Application Reputation APIs Dll.) -- C:\Windows\System32\apprepapi.dll   [124416]
O44 - LFC:[MD5.74466D77EE8588C04B95AE9DBC693EF8] - 14/08/2013 - 05:09:08 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\SysNative\wintrust.dll   [337408]
O44 - LFC:[MD5.74466D77EE8588C04B95AE9DBC693EF8] - 14/08/2013 - 05:09:08 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\System32\wintrust.dll   [337408]
O44 - LFC:[MD5.5CE2742F063731EC10C1B2EE386A2C08] - 14/08/2013 - 05:09:08 ---A- . (.Microsoft Corporation - Services de chiffrement.) -- C:\Windows\SysNative\cryptsvc.dll   [68096]
O44 - LFC:[MD5.E4E889A9CA3E8CCEE6FB5D1B4F94296F] - 14/08/2013 - 05:09:08 ---A- . (.Microsoft Corporation - Tâche AppRepSync.) -- C:\Windows\SysNative\apprepsync.dll   [98304]
O44 - LFC:[MD5.E4E889A9CA3E8CCEE6FB5D1B4F94296F] - 14/08/2013 - 05:09:08 ---A- . (.Microsoft Corporation - Tâche AppRepSync.) -- C:\Windows\System32\apprepsync.dll   [98304]
O44 - LFC:[MD5.5CE2742F063731EC10C1B2EE386A2C08] - 14/08/2013 - 05:09:08 RSHAD . (.Microsoft Corporation - Services de chiffrement.) -- C:\Windows\System32\cryptsvc.dll   [68096]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/08/2013 - 23:15:31 ---A- . (...) -- C:\Windows\setupact.log   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/08/2013 - 23:15:31 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.F56FA73E6FD7522C224324991847BB24] - 11/08/2013 - 15:40:43 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [829648]
O44 - LFC:[MD5.F56FA73E6FD7522C224324991847BB24] - 11/08/2013 - 15:40:43 RSHAD . (...) -- C:\Windows\System32\FNTCACHE.DAT   [829648]
O44 - LFC:[MD5.FAAA0BB9CD2905B25334132E5BA093EB] - 10/08/2013 - 22:33:00 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\Windows\SysNative\d3dx9_31.dll   [3977496]
O44 - LFC:[MD5.FAAA0BB9CD2905B25334132E5BA093EB] - 10/08/2013 - 22:33:00 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\d3dx9_31.dll   [3977496]
~ Files: 72 Scanned in 00mn 09s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.77EB3F8495BA130B269698D105291853] - 02/08/2013 - 02:26:48 ---A- - C:\Windows\Prefetch\CRASHREPORTER.EXE-2F69777B.pf
O45 - LFCP:[MD5.0A458274EF19F910D97C61E2EFFBF45A] - 02/08/2013 - 23:59:50 ---A- - C:\Windows\Prefetch\CYBERLINK.8.EXE-7A03FE65.pf
O45 - LFCP:[MD5.918AF5A253AA87967838EAF198B5672B] - 03/08/2013 - 00:13:45 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-DD7726D2.pf
O45 - LFCP:[MD5.C9D35877F4D483A043C43E72E284B82D] - 04/08/2013 - 16:10:02 ---A- - C:\Windows\Prefetch\MAP.EXE-E3158199.pf
O45 - LFCP:[MD5.4F0A4BA0460C5692D02371A4DCFD0CF6] - 05/08/2013 - 19:02:59 ---A- - C:\Windows\Prefetch\OIS.EXE-108FB55B.pf
O45 - LFCP:[MD5.0E8E534B7A8C9B5053D77A97E9DBB702] - 06/08/2013 - 02:02:08 ---A- - C:\Windows\Prefetch\ADOBE AIR APPLICATION INSTALL-FE6BDFC0.pf
O45 - LFCP:[MD5.AEE74CC2A994C402F9CDBA6DD9803096] - 06/08/2013 - 22:29:46 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-8AC96D2D.pf
O45 - LFCP:[MD5.2B86BF74AEA3DB03EB46D63CB4A8338A] - 06/08/2013 - 22:44:39 ---A- - C:\Windows\Prefetch\CLUPDATER.EXE-22EF20A2.pf
O45 - LFCP:[MD5.A6432D99989670FF5CFBF62EDE281CA1] - 06/08/2013 - 22:44:47 ---A- - C:\Windows\Prefetch\POWERDVD10.EXE-9798B9AB.pf
O45 - LFCP:[MD5.85280896AA9EE4FB1F4A186ABE297447] - 07/08/2013 - 20:15:18 ---A- - C:\Windows\Prefetch\PHOTOSHOP ELEMENTS 11.0.EXE-4D5CD728.pf
O45 - LFCP:[MD5.7DBA6A193C1D33ED93F3BD70362CB725] - 07/08/2013 - 20:15:26 ---A- - C:\Windows\Prefetch\PHOTOSHOPELEMENTSEDITOR.EXE-280E676A.pf
O45 - LFCP:[MD5.5AC66F05ED5FF6A20BA6C3BDFE3FD001] - 07/08/2013 - 20:15:30 ---A- - C:\Windows\Prefetch\PDAPP.EXE-2F4BB84B.pf
O45 - LFCP:[MD5.28627A1134814864470CAC4A8DDD6B82] - 09/08/2013 - 16:00:49 ---A- - C:\Windows\Prefetch\WINZIP175.EXE-64CE9FFE.pf
O45 - LFCP:[MD5.51F3EEFD3A51FCACE19E3C9BB6983F80] - 09/08/2013 - 19:24:00 ---A- - C:\Windows\Prefetch\PAINTDOTNET.EXE-18B0375C.pf
O45 - LFCP:[MD5.76098C807048DD4439D7613F633936BD] - 09/08/2013 - 19:34:30 ---A- - C:\Windows\Prefetch\PHOTOSCAPE.EXE-8BA6AB44.pf
O45 - LFCP:[MD5.34BEEEEF2397C120D47DCBCA98C78B6A] - 10/08/2013 - 21:23:39 ---A- - C:\Windows\Prefetch\SIMS3SETUP.EXE-E7AE0CB8.pf
O45 - LFCP:[MD5.E47D14994C266D2659E2C95683582847] - 10/08/2013 - 21:24:02 ---A- - C:\Windows\Prefetch\THE SIMS 3_CODE.EXE-DE3556B9.pf
O45 - LFCP:[MD5.2622B0D837C283C5DDACA55819BC9AB0] - 10/08/2013 - 21:27:20 ---A- - C:\Windows\Prefetch\BICLIENT.EXE-F1D3AFFF.pf
O45 - LFCP:[MD5.5A6138836836B13A71534FEA2FCA9392] - 10/08/2013 - 21:29:11 ---A- - C:\Windows\Prefetch\IE_APPROVEEXT.EXE-CBFBC8B9.pf
O45 - LFCP:[MD5.16CF23D6EFBCD675132B55F711054060] - 10/08/2013 - 21:29:18 ---A- - C:\Windows\Prefetch\WAJAM_INSTALL.EXE-9743C161.pf  =>Toolbar.Wajam
O45 - LFCP:[MD5.ADA2D10C667A24C7D5629372A15B94C9] - 10/08/2013 - 21:29:35 ---A- - C:\Windows\Prefetch\OPTIMIZER_PRO.TMP-5998FD01.pf  =>PUP.OptimizerPro
O45 - LFCP:[MD5.9380F5090A0F2AEDE7580F2F68029F37] - 10/08/2013 - 21:31:09 ---A- - C:\Windows\Prefetch\WINZIP64.EXE-B99A5AE9.pf
O45 - LFCP:[MD5.81B7364EFC22EFA6EF735268E31A9439] - 10/08/2013 - 21:50:25 ---A- - C:\Windows\Prefetch\TASKKILL.EXE-1B91EAB2.pf
O45 - LFCP:[MD5.1D9079FA6B529781991124AD82645D2E] - 10/08/2013 - 21:56:29 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-299594AB.pf
O45 - LFCP:[MD5.55B6F002DE6428072AAFDD32B0D8B792] - 10/08/2013 - 22:03:38 ---A- - C:\Windows\Prefetch\MYPC BACKUP.EXE-EFC95E5E.pf  =>PUP.MyPCBackup
O45 - LFCP:[MD5.398A0A7D81D2D335B7AC607565250D26] - 10/08/2013 - 22:15:00 ---A- - C:\Windows\Prefetch\SIMS3SETUP.EXE-6F1363A5.pf
O45 - LFCP:[MD5.36604BFAE77138308D8F32392E9368D2] - 10/08/2013 - 22:15:19 ---A- - C:\Windows\Prefetch\THE SIMS 3_CODE.EXE-DA4851BF.pf
O45 - LFCP:[MD5.2616F3EE78D5185CF7C68DE0A5C69747] - 10/08/2013 - 22:36:02 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-6402ADC8.pf
O45 - LFCP:[MD5.0BC645CD6CA93FF7C79715C39BEF4AD0] - 11/08/2013 - 13:50:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6B8EC6AB.pf
O45 - LFCP:[MD5.1060C0810A326653989CE1E8E06D0ED7] - 11/08/2013 - 13:50:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9880D1BD.pf
O45 - LFCP:[MD5.0CEEA1499B36FCD6A3A661B617489A6E] - 11/08/2013 - 13:50:51 ---A- - C:\Windows\Prefetch\SNAPDO.EXE-28DB4684.pf
O45 - LFCP:[MD5.427903710E26D0DA9D486553B60B0D2E] - 11/08/2013 - 13:53:27 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-2CC367C2.pf
O45 - LFCP:[MD5.E636B8EA4E77E012CC6764D95B00D202] - 11/08/2013 - 13:53:38 ---A- - C:\Windows\Prefetch\REGASM.EXE-08442B64.pf
O45 - LFCP:[MD5.B70E3E602892AFFDDB18B673B79582DF] - 11/08/2013 - 13:54:07 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-45B60483.pf
O45 - LFCP:[MD5.2358886E750350674E6A26E5CF92D4D4] - 11/08/2013 - 14:09:15 ---A- - C:\Windows\Prefetch\PDR8.EXE-A6D9FDE6.pf
O45 - LFCP:[MD5.CF4F9EC1454377EB22C596922228DDBB] - 11/08/2013 - 14:17:22 ---A- - C:\Windows\Prefetch\PHOTOSHOPELEMENTSFILEAGENT.EX-3A07B1DB.pf
O45 - LFCP:[MD5.C120300BF8441428EA1314B73B5C985B] - 11/08/2013 - 14:45:48 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-18A3E3B8.pf
O45 - LFCP:[MD5.1174CD2A594F5C920187B131DD6B7762] - 11/08/2013 - 14:47:20 ---A- - C:\Windows\Prefetch\DEVICEPROPERTIES.EXE-2E5686C8.pf
O45 - LFCP:[MD5.AAAAFA92F1261281B92D0232D60E1EE3] - 11/08/2013 - 15:14:35 ---A- - C:\Windows\Prefetch\PCEE4E.EXE-4BB5C6F8.pf
O45 - LFCP:[MD5.559D97F544EC306B37E174967F1E2985] - 11/08/2013 - 15:19:04 ---A- - C:\Windows\Prefetch\CLUPDATER.EXE-B8F8D1B4.pf
O45 - LFCP:[MD5.8CBD2906245A11CC4F3305228B94811F] - 11/08/2013 - 15:19:08 ---A- - C:\Windows\Prefetch\YOUCAM.EXE-8BFD8B9F.pf
O45 - LFCP:[MD5.5A458804B5747C2DE705810DBCA070B3] - 11/08/2013 - 15:23:58 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-52A59F2D.pf
O45 - LFCP:[MD5.7682B2937304C4A66535D119C3901C65] - 11/08/2013 - 15:24:52 ---A- - C:\Windows\Prefetch\SPEECHUXWIZ.EXE-32DE5E2B.pf
O45 - LFCP:[MD5.B1DE1BF178105D9382409E4A352592AE] - 11/08/2013 - 15:27:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7356B03A.pf
O45 - LFCP:[MD5.018E497E4242148382F3804408D46E24] - 11/08/2013 - 15:27:35 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6485220B.pf
O45 - LFCP:[MD5.78589751B21804350A81C456C04B03F0] - 11/08/2013 - 15:45:15 ---A- - C:\Windows\Prefetch\FLASHUTIL32_11_7_700_224_PLUG-58447008.pf
O45 - LFCP:[MD5.78C78016A17BBFC1CA59C174363410CB] - 11/08/2013 - 16:46:22 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-2219259C.pf
O45 - LFCP:[MD5.75A1AD3A314ACDF8E2C7625F6139F669] - 11/08/2013 - 23:04:48 ---A- - C:\Windows\Prefetch\DISPLAYSWITCH.EXE-1FD4008F.pf
O45 - LFCP:[MD5.19D06B82AE3AB21524A5556DF1C74FFE] - 11/08/2013 - 23:08:48 ---A- - C:\Windows\Prefetch\XWIZARD.EXE-77F82ED4.pf
O45 - LFCP:[MD5.ADBF9A3AB169B74E26546E0C5987E957] - 11/08/2013 - 23:15:07 ---A- - C:\Windows\Prefetch\RASAUTOU.EXE-12541C13.pf
O45 - LFCP:[MD5.A6E3B25C9E95308C6ADF6053EA4EE94A] - 12/08/2013 - 03:36:26 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-7E9E9326.pf
O45 - LFCP:[MD5.8773FDF80628EE74207B4C6ED9680923] - 13/08/2013 - 21:21:38 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_7_700_22-E357C93F.pf
O45 - LFCP:[MD5.38C657C13763CDC3D24D0A660A0AAF39] - 13/08/2013 - 21:44:15 ---A- - C:\Windows\Prefetch\INSTALL_FLASHPLAYER11X32_MSSD-A0ADADDC.pf
O45 - LFCP:[MD5.24E88572EA3A9263B302990F01841E00] - 14/08/2013 - 00:10:22 ---A- - C:\Windows\Prefetch\SIMS3LAUNCHER.EXE-F2BB06F1.pf
O45 - LFCP:[MD5.3CD56A44A854AA65BC59C47FD34FBE17] - 14/08/2013 - 00:10:39 ---A- - C:\Windows\Prefetch\TS3.EXE-825164FE.pf
O45 - LFCP:[MD5.5D5CC4401D939F036627E465ED316454] - 14/08/2013 - 01:00:05 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-E52140E5.pf
O45 - LFCP:[MD5.14966694DECD91211150F93D001C874A] - 14/08/2013 - 01:07:05 ---A- - C:\Windows\Prefetch\OIS.EXE-0CDABC7A.pf
O45 - LFCP:[MD5.549E618EC9687696811D486BC2774CF1] - 15/08/2013 - 15:11:28 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F60D3FA0.pf
O45 - LFCP:[MD5.3F14F5349FDB3E081DC8628A931BAB3B] - 15/08/2013 - 16:20:17 ---A- - C:\Windows\Prefetch\PLUGIN-HANG-UI.EXE-9BEE1828.pf
O45 - LFCP:[MD5.920B2DBDBE3BC9FAFC9738A90C5D487F] - 16/08/2013 - 13:45:35 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-75A07DA5.pf
O45 - LFCP:[MD5.656F7CADF7CE440FA3EC151BBA7A5B57] - 16/08/2013 - 14:44:42 ---A- - C:\Windows\Prefetch\EXCEL.EXE-2B641AB9.pf
O45 - LFCP:[MD5.8C6FA535F6A43EF8F23DA5550F22F760] - 16/08/2013 - 14:49:34 ---A- - C:\Windows\Prefetch\BTSENDTO_EXPLORER.EXE-C0F43E64.pf
O45 - LFCP:[MD5.671826CAC46A33D4657A1E2C5FBC3B23] - 19/08/2013 - 17:14:13 ---A- - C:\Windows\Prefetch\SETUP.EXE-32918322.pf
O45 - LFCP:[MD5.43B5391D1B632B3E7BF668E4E7E7F090] - 19/08/2013 - 17:14:27 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EFF006F9.pf
O45 - LFCP:[MD5.BB4A965B242B1D5FFC3EC5D7CA21D784] - 19/08/2013 - 17:41:37 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.95B6B1343F8675B79ADAEDBBA4D51A8B] - 19/08/2013 - 20:45:22 ---A- - C:\Windows\Prefetch\OPTIONALFEATURES.EXE-8D7D4310.pf
O45 - LFCP:[MD5.669313D0C45E9894DDFE06CC35FF64A6] - 19/08/2013 - 21:00:22 ---A- - C:\Windows\Prefetch\PERFMON.EXE-AAC092A2.pf
O45 - LFCP:[MD5.F365FE1307A0FFE5BCD8B6D04F11F192] - 19/08/2013 - 21:16:49 ---A- - C:\Windows\Prefetch\MSDT.EXE-6D6497A7.pf
O45 - LFCP:[MD5.3F8F0FBB2D31838C91ED7F7DA8F60B17] - 19/08/2013 - 21:18:41 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-CB9044FF.pf
O45 - LFCP:[MD5.ACD90367E6349FF9250488842833578D] - 19/08/2013 - 21:29:15 ---A- - C:\Windows\Prefetch\MSCONFIG.EXE-C6893BAD.pf
O45 - LFCP:[MD5.F67B738DEDA9D9ADA08A079C5D1EB15E] - 19/08/2013 - 21:38:04 ---A- - C:\Windows\Prefetch\JOURNAL.EXE-F98FC3FA.pf
O45 - LFCP:[MD5.CDDD2130EBA411B03EB55F8F79A46576] - 19/08/2013 - 21:42:10 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESREMOTE.EXE-E142FD85.pf
O45 - LFCP:[MD5.6FE9C65BB83DEBF70DE8D5CE5882E82F] - 19/08/2013 - 21:42:29 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESADVANCED.EXE-A4DBF9CF.pf
O45 - LFCP:[MD5.C5F30A9DF96BA972A9A5AC37400BF3AC] - 19/08/2013 - 21:44:25 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-BB81C72C.pf
O45 - LFCP:[MD5.0C294A0CFCE12F2B4AE1B35EC942405A] - 20/08/2013 - 06:42:04 ---A- - C:\Windows\Prefetch\AgCx_SC5.db
O45 - LFCP:[MD5.5F094E260184B85BCE0FBC93235E1BBB] - 20/08/2013 - 06:44:05 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-24160A4D.pf
O45 - LFCP:[MD5.0ED961C213EEC0F3EE064A797E3ACADA] - 20/08/2013 - 17:16:39 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A80B33F1.pf
O45 - LFCP:[MD5.9E363FDC17E7B0101BF8D884BB4E3241] - 20/08/2013 - 18:01:18 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-94FD71BB.pf
O45 - LFCP:[MD5.7FD3A703493C76D6856C19412030A973] - 20/08/2013 - 18:12:20 ---A- - C:\Windows\Prefetch\MMC.EXE-08618A3A.pf
O45 - LFCP:[MD5.56C607AB678518CC9E88A4035BEF4905] - 20/08/2013 - 18:16:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B56F55D8.pf
O45 - LFCP:[MD5.0335A738A1C4EE271881F8F19E1D3EAA] - 20/08/2013 - 18:18:11 ---A- - C:\Windows\Prefetch\UPDATER.EXE-934D43EC.pf
O45 - LFCP:[MD5.BC5039CA7CEE349FA607CCDA0321187B] - 20/08/2013 - 18:18:56 ---A- - C:\Windows\Prefetch\MSASCUI.EXE-F24EB6A6.pf
O45 - LFCP:[MD5.B0C5B8C404897C840C3E155FF1046146] - 20/08/2013 - 18:29:27 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-BA44849A.pf
O45 - LFCP:[MD5.9BDB226B98375EB0BB4336232ADBF3D5] - 20/08/2013 - 18:31:38 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-C2BAE433.pf
O45 - LFCP:[MD5.AD809FB36C8FD265C0FFE3E4477FDCC2] - 20/08/2013 - 18:31:50 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-8C8B6BAA.pf
O45 - LFCP:[MD5.B64890C5CED49E6CA8486E86879CEE7F] - 20/08/2013 - 18:31:54 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B6BE509D.pf
O45 - LFCP:[MD5.16B7B91367EA4F6DD1585CE1B94A51CA] - 20/08/2013 - 18:56:02 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B7AD469C.pf
O45 - LFCP:[MD5.8D4F028E073482174E835BB09BA6EA02] - 20/08/2013 - 18:57:02 ---A- - C:\Windows\Prefetch\CHROME.EXE-46AA1511.pf
O45 - LFCP:[MD5.153B3A03F3887967B1701F37DF8E69E1] - 20/08/2013 - 19:00:33 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-49C2C2BC.pf
O45 - LFCP:[MD5.8083582E4B1C8CB1A335DC9FD7AA1E62] - 20/08/2013 - 19:00:33 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-EF9686EF.pf
O45 - LFCP:[MD5.9327C055F29DDC433EBAE463F40353D0] - 20/08/2013 - 19:01:33 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-26D073B4.pf
O45 - LFCP:[MD5.FA362D09BBAF0D0BFB365174D3C5E384] - 20/08/2013 - 19:05:01 ---A- - C:\Windows\Prefetch\FIREFOX SETUP STUB 23.0.1.EXE-22B88F60.pf
O45 - LFCP:[MD5.A6B0EDE23E312D7C3EACF59CCD823C86] - 20/08/2013 - 19:05:05 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-95D86983.pf
O45 - LFCP:[MD5.DA2D97DD3C6C3042CD44B6429F0D5153] - 20/08/2013 - 19:24:21 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-E8CAB075.pf
O45 - LFCP:[MD5.C644AACE4270523247DA8E7511250512] - 20/08/2013 - 19:38:56 ---A- - C:\Windows\Prefetch\VIDEOPERFORMERSETUP.EXE-D5B71C2A.pf  =>PUP.VideoPerformer
O45 - LFCP:[MD5.8B486DDFB61182CDA3C8B08CF060F8D9] - 20/08/2013 - 19:40:08 ---A- - C:\Windows\Prefetch\SETUP.EXE-40E6C48E.pf
O45 - LFCP:[MD5.94316C2ADE3A43A1A43CF449DF88A5EA] - 20/08/2013 - 19:41:31 ---A- - C:\Windows\Prefetch\COMPONENT_613-FD6E795C.pf
O45 - LFCP:[MD5.348B3055F7FF65E5BF365FBEEAB2CD93] - 20/08/2013 - 19:53:26 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-54A52386.pf
O45 - LFCP:[MD5.8501B3A9AFD624BCC4487E96C168929B] - 20/08/2013 - 20:38:35 ---A- - C:\Windows\Prefetch\PCCONFIG(2).EXE-92D20B4C.pf
O45 - LFCP:[MD5.3EC85A0AFCA313B611EBC578E4A7A81F] - 20/08/2013 - 21:44:06 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-57A853C4.pf
O45 - LFCP:[MD5.CE2237AEBAB307091A71D978613D298F] - 20/08/2013 - 21:45:10 ---A- - C:\Windows\Prefetch\PCCONFIG.EXE-252A0377.pf
O45 - LFCP:[MD5.C2BE32CA39D7BFE556342A22432771B6] - 20/08/2013 - 21:56:11 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-319FC3CE.pf
O45 - LFCP:[MD5.0F3CE7C5861983CC4FBABE64D92D85AD] - 20/08/2013 - 22:00:28 ---A- - C:\Windows\Prefetch\QUICKTIMEPLAYER.EXE-6E8BA001.pf
O45 - LFCP:[MD5.651FDFA01A76FAF8BD804DBA7A31A4AB] - 20/08/2013 - 22:00:42 ---A- - C:\Windows\Prefetch\EXPORTCONTROLLER.EXE-3CEBBF90.pf
O45 - LFCP:[MD5.8860F74B5B7C70763D47D6D6694BADCC] - 20/08/2013 - 22:02:06 ---A- - C:\Windows\Prefetch\NET.EXE-2338FB6A.pf
O45 - LFCP:[MD5.FF417BE295D32F89C214C6E26ACA87CC] - 20/08/2013 - 22:02:06 ---A- - C:\Windows\Prefetch\NET1.EXE-E87E28CF.pf
O45 - LFCP:[MD5.93B58F7A98824FE7EA96BE0AE752E119] - 20/08/2013 - 22:02:07 ---A- - C:\Windows\Prefetch\NETSH.EXE-0D54B5F9.pf
O45 - LFCP:[MD5.977E33F4B2305C7FC6A314E48583CF9E] - 20/08/2013 - 22:04:45 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-AB98824D.pf
O45 - LFCP:[MD5.C3F17B30088C708734154C1DB8E17014] - 21/08/2013 - 02:00:01 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-3E4D497D.pf
O45 - LFCP:[MD5.8C3C21E7C6AD0BBF518FCEA86A8FC268] - 21/08/2013 - 02:00:08 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E8429924.pf
O45 - LFCP:[MD5.685B11221444FDDD274398B4094CF62B] - 21/08/2013 - 02:00:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8B25982C.pf
O45 - LFCP:[MD5.76F7831F02EC541EC8971D204CC53CFD] - 21/08/2013 - 02:00:10 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-6B19F16C.pf
O45 - LFCP:[MD5.9A5D369C8D5F10A61B25DFA3F47A4F46] - 21/08/2013 - 02:00:10 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-98FBADE5.pf
O45 - LFCP:[MD5.FA137EAADEB876C0741638C6D090D382] - 21/08/2013 - 02:00:11 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-16D5183F.pf
O45 - LFCP:[MD5.7A7B4F87D90B634A443BB721ECFF05FC] - 21/08/2013 - 02:00:11 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-8C2F1441.pf
O45 - LFCP:[MD5.B5CB6C4F1983E617FD3C50735A879036] - 21/08/2013 - 02:00:45 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-9474B9EE.pf
O45 - LFCP:[MD5.B6AEF9B463C7AAF27128308FE42DB106] - 21/08/2013 - 02:00:45 ---A- - C:\Windows\Prefetch\NGEN.EXE-FD329D8A.pf
O45 - LFCP:[MD5.E3365F1EB60F34A2AD46C7335E5B321D] - 21/08/2013 - 02:00:59 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-1F1ABDEC.pf
O45 - LFCP:[MD5.EBF58D84E905187D8B71C51F8E4E5B61] - 21/08/2013 - 02:00:59 ---A- - C:\Windows\Prefetch\NGEN.EXE-0729BF48.pf
O45 - LFCP:[MD5.3EDB2118251B38A894A904B9B418C9BA] - 21/08/2013 - 02:02:37 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F02989C3.pf
O45 - LFCP:[MD5.42BF7BC7E54CEDA88FE2B78863D1B417] - 21/08/2013 - 02:02:37 ---A- - C:\Windows\Prefetch\WINSAT.EXE-8D63C195.pf
O45 - LFCP:[MD5.B9546FF8241D8D12945463B125CD9B73] - 21/08/2013 - 04:58:50 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-945222CE.pf
O45 - LFCP:[MD5.1C9177C54C80441CE91BC2647974DA3B] - 21/08/2013 - 05:06:10 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-69DD1E75.pf
O45 - LFCP:[MD5.6789E47604404DFDB042FB76BBE776DD] - 21/08/2013 - 05:06:13 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.EXE-1B5E5657.pf
O45 - LFCP:[MD5.E4D4BADE3289D20806F95960475F3EA9] - 21/08/2013 - 05:06:13 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-BA27CB88.pf
O45 - LFCP:[MD5.7BD18751C46EA8D4DA377C1B8F596670] - 21/08/2013 - 05:07:59 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-61969F2F.pf
O45 - LFCP:[MD5.F60968A6DDA51EAC92A0E543412AD9BE] - 21/08/2013 - 05:07:59 ---A- - C:\Windows\Prefetch\MBAMSCHEDULER.EXE-96EB71B9.pf
O45 - LFCP:[MD5.9BEE97DB987F0CEB46FED14E125649C1] - 21/08/2013 - 05:07:59 ---A- - C:\Windows\Prefetch\MBAMSERVICE.EXE-AFBB6D13.pf
O45 - LFCP:[MD5.6CE99FA62732403A66F72BF23DBF8AE2] - 21/08/2013 - 05:13:17 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-614DD671.pf
O45 - LFCP:[MD5.D2911E268905F76411E8CCF84CA42235] - 21/08/2013 - 05:13:26 ---A- - C:\Windows\Prefetch\MBAM.EXE-DB76B65E.pf
O45 - LFCP:[MD5.8F946C971A604375C185F0A08B541533] - 21/08/2013 - 06:22:14 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-0CD4EFEC.pf
O45 - LFCP:[MD5.BCCB1F6FFA079F9B35856F90751FB37E] - 21/08/2013 - 06:27:31 ---A- - C:\Windows\Prefetch\ISMAGENT.EXE-C19339B3.pf
O45 - LFCP:[MD5.90ADFB306EC1BB961D7BAC326CC76E95] - 21/08/2013 - 06:53:26 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-0544ABC9.pf
O45 - LFCP:[MD5.B1B5ADDD71BAB233D723F6D33BD5D1BE] - 21/08/2013 - 12:24:11 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-D0853078.pf
O45 - LFCP:[MD5.9250D19AE8F5B69DF075CF181D15E277] - 21/08/2013 - 12:24:11 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.DA5FC14702DDC270A6EA23F08CC52E1F] - 21/08/2013 - 12:24:16 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.F68BF89FC32C991B026EC4546EF76E43] - 21/08/2013 - 12:25:17 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.4237B5641356AC78CE5639EF29788087] - 21/08/2013 - 13:08:49 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-C719225B.pf
O45 - LFCP:[MD5.1F112981BE0998C867C6EF12D789772A] - 21/08/2013 - 17:57:11 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-3C35C0DB.pf
O45 - LFCP:[MD5.847BD6C9BCB5D627AA57993584B20787] - 21/08/2013 - 17:57:48 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3540232944-3643166865-3503105569-1001.db
O45 - LFCP:[MD5.92DC6457486DB883721D054F3AA3A9B2] - 21/08/2013 - 17:57:48 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3540232944-3643166865-3503105569-1001.db
O45 - LFCP:[MD5.232EFBB63868A9BE735B66187E75E633] - 21/08/2013 - 18:04:37 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-ACCA5D8C.pf
O45 - LFCP:[MD5.EAB013272214F4050EBCD01C891910A0] - 21/08/2013 - 18:04:39 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-DBEF3AE5.pf
O45 - LFCP:[MD5.CC5C8228D0F949CCF6C32FDF951A97F4] - 21/08/2013 - 18:04:40 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-6D783811.pf
O45 - LFCP:[MD5.CC1341ED37F15D658D62980647DED485] - 21/08/2013 - 18:04:56 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-4FCA2B33.pf
O45 - LFCP:[MD5.4261829AA1245E69B600A7496B95A07F] - 21/08/2013 - 18:07:24 ---A- - C:\Windows\Prefetch\PCCONFIG.EXE-B12807E0.pf
O45 - LFCP:[MD5.666634ED3570E7933C94F79BFCF06D42] - 21/08/2013 - 18:07:34 ---A- - C:\Windows\Prefetch\REG.EXE-2BDCBF7D.pf
O45 - LFCP:[MD5.D0E18583363DC1694928B0F5BB681A36] - 21/08/2013 - 18:07:35 ---A- - C:\Windows\Prefetch\FINDSTR.EXE-F60D9C59.pf
O45 - LFCP:[MD5.A07ACDAE74CC490DB8BA44C68C4B101A] - 21/08/2013 - 18:14:22 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-886E0A92.pf
O45 - LFCP:[MD5.C5C7F02F87C4261580A36F2BBE477B98] - 21/08/2013 - 18:15:21 ---A- - C:\Windows\Prefetch\SNIPPINGTOOL.EXE-36C3795D.pf
O45 - LFCP:[MD5.83D307C3D3670B61B18AA1918DBD431C] - 21/08/2013 - 18:21:34 ---A- - C:\Windows\Prefetch\MMC.EXE-11B25F17.pf
O45 - LFCP:[MD5.6EED57A791ECD5FD7FF041E6C4B34D7B] - 21/08/2013 - 18:22:05 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_8_800_94-B1486452.pf
O45 - LFCP:[MD5.55FEB482D21CE0B5F595A8C4DFF16099] - 21/08/2013 - 18:22:05 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-5EC0925A.pf
O45 - LFCP:[MD5.0B04CD6B1C23BEC43D2986C5BAB1600A] - 21/08/2013 - 18:24:52 ---A- - C:\Windows\Prefetch\CONTROL.EXE-48F0BB94.pf
O45 - LFCP:[MD5.55515295B1C81C53E514650CC686522C] - 21/08/2013 - 18:25:04 ---A- - C:\Windows\Prefetch\MMC.EXE-83A3AA59.pf
O45 - LFCP:[MD5.98E602BA259E68DAE5E793F36BDB895F] - 21/08/2013 - 18:26:16 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-319FC3CE-000000F5.pf
O45 - LFCP:[MD5.EF85AFA8D3500424DCF0595367716689] - 21/08/2013 - 18:26:48 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESCOMPUTERNAME.-0AF2D4D9.pf
O45 - LFCP:[MD5.25118B4B7E5B8F2AEF30E94B65D4CD2E] - 21/08/2013 - 18:32:34 ---A- - C:\Windows\Prefetch\MMC.EXE-13D555FA.pf
O45 - LFCP:[MD5.89C2F18FC2CA2AFD4194E80D3B79CEA2] - 21/08/2013 - 18:34:18 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-0C79BE25.pf
O45 - LFCP:[MD5.1E4C2B8AF7FCF022F763487F2E8305AB] - 21/08/2013 - 18:36:29 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.F2DB1BBC82D0A093559189BCCDCF1BB7] - 21/08/2013 - 18:36:29 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.C73D05E111DDB84AC7AFEA0CA8E49D26] - 21/08/2013 - 18:36:29 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.966A6FF2207739EE72D4CBAF549CF2A3] - 21/08/2013 - 18:36:30 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.F5B3394380C450AC4A5F8A31D6825BE0] - 21/08/2013 - 18:37:41 ---A- - C:\Windows\Prefetch\GLBA7C4.TMP-15AB8F5C.pf
O45 - LFCP:[MD5.D26557AAA4451FFD40E1FD01EE5056AB] - 21/08/2013 - 18:37:41 ---A- - C:\Windows\Prefetch\MCPR.EXE-4F405DEA.pf
O45 - LFCP:[MD5.3318512FF26564EA964C1BCCF4106068] - 21/08/2013 - 18:37:52 ---A- - C:\Windows\Prefetch\MCCLNUI.EXE-BD82A2A5.pf
O45 - LFCP:[MD5.A9307BD67F4F1FF4912334C71A445745] - 21/08/2013 - 18:37:56 ---A- - C:\Windows\Prefetch\TASKENG.EXE-10460F00.pf
O45 - LFCP:[MD5.36CCF5C1BE4A81BEC5E87BFC2E88C9D2] - 21/08/2013 - 18:37:57 ---A- - C:\Windows\Prefetch\MCCLEANUP.EXE-E566AE9E.pf
O45 - LFCP:[MD5.8F6FED12C08414E5EAAAD877D30F7421] - 21/08/2013 - 18:38:09 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-E795271F.pf
O45 - LFCP:[MD5.C6F34A20C62EFE89E6460684C8492AC1] - 21/08/2013 - 18:38:10 ---A- - C:\Windows\Prefetch\NET.EXE-84C882AE.pf
O45 - LFCP:[MD5.2E9D1B8E68725CF133E32D5A88D75347] - 21/08/2013 - 18:38:10 ---A- - C:\Windows\Prefetch\NET1.EXE-A1088373.pf
O45 - LFCP:[MD5.62F0BE7B2BE57747E887A75C4705A8E8] - 21/08/2013 - 18:38:10 ---A- - C:\Windows\Prefetch\UI0DETECT.EXE-788A4CC2.pf
O45 - LFCP:[MD5.606A81A955DCE6686E00DF2C88881D00] - 21/08/2013 - 18:38:12 ---A- - C:\Windows\Prefetch\CMD.EXE-8E75B5BB.pf
O45 - LFCP:[MD5.2614015190C0B68BFD54A33AC8FB8E9A] - 21/08/2013 - 18:38:12 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-1098A44D.pf
O45 - LFCP:[MD5.2C87D8339880A0B9DE817A48CA04FB6B] - 21/08/2013 - 18:38:54 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-05557A97.pf
O45 - LFCP:[MD5.8860D58D8C08AA68FED7B637F9250D84] - 21/08/2013 - 18:38:56 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.6256AEAD19081D91E675656E9298CD12] - 21/08/2013 - 18:42:47 ---A- - C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-AC078086.pf
O45 - LFCP:[MD5.A256BA1B709E05BB73D68F921FE3CACA] - 21/08/2013 - 18:42:48 ---A- - C:\Windows\Prefetch\LMS.EXE-9AB5CC4C.pf
O45 - LFCP:[MD5.B5D30DF07BEEACF7A57FCF54FE5DDD3B] - 21/08/2013 - 18:43:08 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-9DAF2683.pf
O45 - LFCP:[MD5.6DA6B732ED59768E161B682429816BAE] - 21/08/2013 - 18:43:14 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-C215DBE0.pf
O45 - LFCP:[MD5.DFBF1D4765A9ABA7B93226A1A43E798C] - 21/08/2013 - 18:43:18 ---A- - C:\Windows\Prefetch\UNS.EXE-F5296B40.pf
O45 - LFCP:[MD5.4D12E383915BBBA5504CB7C014629913] - 21/08/2013 - 18:43:21 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-22DB5C03.pf
O45 - LFCP:[MD5.4579BAAFDDAFCAEA76C226662D8CF721] - 21/08/2013 - 18:43:23 ---A- - C:\Windows\Prefetch\HKCMD.EXE-C9BBDB22.pf
O45 - LFCP:[MD5.350FB113706E542962732D0ABAA542DF] - 21/08/2013 - 18:43:23 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-507AEBDD.pf
O45 - LFCP:[MD5.CEAD580FD37F889975E1367526B67438] - 21/08/2013 - 18:43:23 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-30C0D75E.pf
O45 - LFCP:[MD5.0F6CE3768E9410F5B12B184577FCAB3C] - 21/08/2013 - 18:43:24 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-B1848267.pf
O45 - LFCP:[MD5.9504EFB91F6A0F752FDDCF4113C51A10] - 21/08/2013 - 18:43:25 ---A- - C:\Windows\Prefetch\AMICOSINGLUN64.EXE-493A6F1C.pf
O45 - LFCP:[MD5.2D6A10B74CA22BB5ED62A4354D341A09] - 21/08/2013 - 18:43:25 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-95635E0A.pf
O45 - LFCP:[MD5.BC00CFBF3B7DE6C81E3F2AE772FDA482] - 21/08/2013 - 18:43:28 ---A- - C:\Windows\Prefetch\BTTRAY.EXE-87E7C92B.pf
O45 - LFCP:[MD5.3B47F7630771D66B1C9EE8D2DA21531D] - 21/08/2013 - 18:43:31 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-5D3FAB3A.pf
O45 - LFCP:[MD5.06D62B7E74E61E5C0C328862BD415C0E] - 21/08/2013 - 18:43:32 ---A- - C:\Windows\Prefetch\VM332STI.EXE-47ED9B78.pf
O45 - LFCP:[MD5.EDAF0715C638DE890955C33C76EF22E9] - 21/08/2013 - 18:43:34 ---A- - C:\Windows\Prefetch\ENERGY MANAGEMENT.EXE-AE7287B9.pf
O45 - LFCP:[MD5.1B5BE73E4AC6AEC83484DF8515A41E20] - 21/08/2013 - 18:43:36 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E618712D.pf
O45 - LFCP:[MD5.F22CD3904FFEC1B849F8F80FAA595ADF] - 21/08/2013 - 18:43:38 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-9EC1568F.pf
O45 - LFCP:[MD5.72FDC271AA6BC2D988D0C9ADA39B4A82] - 21/08/2013 - 18:43:42 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-2E3D451A.pf
O45 - LFCP:[MD5.43267FFED373A2124DE951F336A4CE2A] - 21/08/2013 - 18:43:45 ---A- - C:\Windows\Prefetch\BTSTACKSERVER.EXE-ECAC6054.pf
O45 - LFCP:[MD5.81A306ADF15625020C637379E5C20C54] - 21/08/2013 - 18:44:01 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-9FB27C0E.pf
O45 - LFCP:[MD5.8D3AFDF63DE17C26DB9477AD972592F3] - 21/08/2013 - 18:44:01 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-23DB6E8D.pf
O45 - LFCP:[MD5.CB72525D077649ADF5E182CD47D3C49A] - 21/08/2013 - 18:44:02 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-DDB228B1.pf
O45 - LFCP:[MD5.8D1B35670188A08D174266F9CC05AF52] - 21/08/2013 - 18:44:24 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-DE05DBE1.pf  =>Piriform Ltd
O45 - LFCP:[MD5.731B16378EFA84FC3410099E87EC23B8] - 21/08/2013 - 18:44:30 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-3FA5A921.pf
O45 - LFCP:[MD5.D8F355120346158FEADB22997B83479F] - 21/08/2013 - 18:45:20 ---A- - C:\Windows\Prefetch\WINWORD.EXE-B410C66E.pf
O45 - LFCP:[MD5.A6DE6017FD759CDC3699DBA194B19848] - 21/08/2013 - 18:45:28 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-B30DB99F.pf
O45 - LFCP:[MD5.55147DCE1E94B71B7A807803B52A1B1E] - 21/08/2013 - 18:46:00 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-856E5CA0.pf
O45 - LFCP:[MD5.8EFE93F07233AE206356227E14549D7E] - 21/08/2013 - 18:46:06 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-89BBBD82.pf
O45 - LFCP:[MD5.4FAECFDE881697D57320EDE6D6C89169] - 21/08/2013 - 18:46:12 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-21849C31.pf
O45 - LFCP:[MD5.3DCD392A737CD989F02F354F400242B4] - 21/08/2013 - 18:46:12 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3470DB6B.pf
O45 - LFCP:[MD5.EA0D4DEF92D1A2F7E467B87E7015DFA2] - 21/08/2013 - 18:46:20 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-8D64B00B.pf
O45 - LFCP:[MD5.F68EC5117AD0725122FDBD85256EFCEC] - 21/08/2013 - 18:46:24 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-38FED75E.pf
O45 - LFCP:[MD5.9FF42617142FAA58B3C38A296D51DECD] - 21/08/2013 - 18:46:29 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-EA73507C.pf
O45 - LFCP:[MD5.73B926563CCFA1D0C3F33B95251F3D4B] - 21/08/2013 - 18:46:31 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-6F7B2AEE.pf
O45 - LFCP:[MD5.C514E669A2095E7F60BBD24989372699] - 21/08/2013 - 18:46:50 ---A- - C:\Windows\Prefetch\AVAST.SETUP-A0215ABD.pf
O45 - LFCP:[MD5.590719EA0DCEC169B995DDC4BD5C671D] - 21/08/2013 - 18:46:50 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-39B1CF2B.pf
O45 - LFCP:[MD5.BCD11D57363836BB6843E82281C2EC22] - 21/08/2013 - 18:46:50 ---A- - C:\Windows\Prefetch\CONHOST.EXE-E6AFC9F5.pf
O45 - LFCP:[MD5.F3CA401FF8F8A8172B54CDFB4E4CC942] - 21/08/2013 - 18:47:26 ---A- - C:\Windows\Prefetch\CONSENT.EXE-1A8D0661.pf
O45 - LFCP:[MD5.2129FE135D07599DB6892398760E3A9E] - 21/08/2013 - 18:47:31 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6FC4F289.pf
O45 - LFCP:[MD5.0865CAA8D3A7E3F225C04DD50C3E5FEB] - 21/08/2013 - 18:48:15 ---A- - C:\Windows\Prefetch\CMD.EXE-F0053CFF.pf
O45 - LFCP:[MD5.EA9F31BDA45B9323951D78001CEA4EDB] - 21/08/2013 - 18:48:25 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-634A3CB0.pf
O45 - LFCP:[MD5.C07659602665A384C284180124D7C066] - 21/08/2013 - 18:49:08 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-EBC7B73B.pf
O45 - LFCP:[MD5.229E3D063E515115E0091A70614FCFD5] - 21/08/2013 - 18:49:20 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-C38B63DD.pf
O45 - LFCP:[MD5.364F9BD6B8B0FC86A45355E71F9CD35D] - 21/08/2013 - 18:49:25 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-98D1211E.pf
O45 - LFCP:[MD5.B2849C5DE7C8788ACEBDEC185EA0127C] - 21/08/2013 - 18:49:35 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-2434205E.pf
O45 - LFCP:[MD5.682DC3544ED05BD7675DC241CABEC315] - 21/08/2013 - 18:50:23 ---A- - C:\Windows\Prefetch\FP_SMBIOS.EXE-9C9C8640.pf
O45 - LFCP:[MD5.BF19558F19B638BB086AAFE63E07C096] - 21/08/2013 - 18:50:24 ---A- - C:\Windows\Prefetch\LSCSERVICE.EXE-31BE46CD.pf
O45 - LFCP:[MD5.70FB522DB91C2D778FAA2B95D8B08245] - 21/08/2013 - 18:50:32 ---A- - C:\Windows\Prefetch\FHSETUP64.EXE-A786FDC1.pf
O45 - LFCP:[MD5.624163EC6EEEA0129AD7DBF38EF7E159] - 21/08/2013 - 18:50:32 ---A- - C:\Windows\Prefetch\LSC.EXE-8CE24D87.pf
O45 - LFCP:[MD5.2E37217C8CE27CB778B378743DB36AA7] - 21/08/2013 - 18:50:33 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-D7251EA3.pf
O45 - LFCP:[MD5.7DA13D3F58FCD6629EBF12840BCB7439] - 21/08/2013 - 18:50:33 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-8DDA8D43.pf
O45 - LFCP:[MD5.CFE27A0033A46663A2F9425B03E57304] - 21/08/2013 - 18:50:37 ---A- - C:\Windows\Prefetch\LDIAG_STORAGE_X64.EXE-C7F7C301.pf
O45 - LFCP:[MD5.AC5250761388611A753BAEA8530248E2] - 21/08/2013 - 18:50:37 ---A- - C:\Windows\Prefetch\PV.EXE-AC69E3A9.pf
O45 - LFCP:[MD5.9CE26CBDE5075AB0F1D7652310E8C0D6] - 21/08/2013 - 18:50:39 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-DF1B2B47.pf
O45 - LFCP:[MD5.EAD484F3E610EC9E3D902598EFC5923C] - 21/08/2013 - 18:50:40 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-6025096A.pf
O45 - LFCP:[MD5.3960FC721AEFBA253BF8619B64FA9DA0] - 21/08/2013 - 18:50:51 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-58930B20.pf
O45 - LFCP:[MD5.B4496A28D630376190AD33D28147B981] - 21/08/2013 - 18:50:52 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-E9C29A2C.pf
O45 - LFCP:[MD5.2FFF1B00FD857A8B9ECBCBECE86AD8C9] - 21/08/2013 - 18:50:54 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-AC4C71BD.pf
O45 - LFCP:[MD5.BD06C6F58D6EB3DBC3AE1E1A7CA38D15] - 21/08/2013 - 18:50:54 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-399051B7.pf
O45 - LFCP:[MD5.158F0FF0B7251B3D666D638CD17202F5] - 21/08/2013 - 18:50:54 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-13A67EE4.pf
O45 - LFCP:[MD5.41D927AA71CE96134B3D185364FED45B] - 21/08/2013 - 18:50:57 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-25E44A5A.pf
O45 - LFCP:[MD5.8ADA7088FB40260739DC18DE4C4E850C] - 21/08/2013 - 18:50:57 ---A- - C:\Windows\Prefetch\VSSVC.EXE-D44D9F00.pf
O45 - LFCP:[MD5.AB1436E7F44CDFE0C129F23A1AC09908] - 21/08/2013 - 18:51:00 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-6A46892D.pf
O45 - LFCP:[MD5.46F10305F40F0D98883ECD429FD4110D] - 22/07/2013 - 13:54:36 ---A- - C:\Windows\Prefetch\FLV-MEDIA-PLAYER.EXE-6E3DCC83.pf
O45 - LFCP:[MD5.CE3DAA15FF500D1A0F2DAA42ABD3283B] - 22/07/2013 - 13:55:26 ---A- - C:\Windows\Prefetch\SILVERLIGHT.EXE-132F3E5F.pf
O45 - LFCP:[MD5.36EC0095E4B24D2849DBFB8B607D7F5D] - 22/07/2013 - 17:45:56 ---A- - C:\Windows\Prefetch\NOTIFICATION.EXE-FD9E74C1.pf
O45 - LFCP:[MD5.2F2C53CCDB44238F69BB1EA7C41D41F0] - 22/07/2013 - 17:56:18 ---A- - C:\Windows\Prefetch\UPSTV_FR_5.EXE-FAF3360A.pf
~ Prefetcher: 244 Scanned in 00mn 04s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys   [106736]
~ Drivers:  Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 19/08/2013 - 16:44:21 ---A- C:\Users\DORINE\AppData\Roaming\Skype\shared.xml   [66939]
O61 - LFC: 19/08/2013 - 16:44:36 ---A- C:\Users\DORINE\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm.etl   [655360]
O61 - LFC: 19/08/2013 - 16:44:36 ---A- C:\Users\DORINE\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.ModernPhotos.etl   [3276800]
O61 - LFC: 19/08/2013 - 16:44:36 ---A- C:\Users\DORINE\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\ModernPhoto.edb   [180387840]
O61 - LFC: 19/08/2013 - 17:07:46 ---A- C:\Users\DORINE\AppData\Local\Diagnostics\460911090\2013081916.000\results.xsl   [49097]
O61 - LFC: 19/08/2013 - 17:07:55 ---A- C:\Users\DORINE\AppData\Local\Diagnostics\460911090\2013081916.000\DBD3321F-40F9-45DE-8AA5-33E31FA03150.Diagnose.0.etl   [196608]
O61 - LFC: 19/08/2013 - 17:07:55 ---A- C:\Users\DORINE\AppData\Local\Temp\DBD3321F-40F9-45DE-8AA5-33E31FA03150.Diagnose.0.etl   [196608]
O61 - LFC: 19/08/2013 - 17:07:56 ---A- C:\Users\DORINE\AppData\Local\Diagnostics\460911090\2013081916.000\NetworkConfiguration.cab   [1845]
O61 - LFC: 19/08/2013 - 17:08:16 ---A- C:\Users\DORINE\AppData\Local\Diagnostics\460911090\2013081916.000\NetworkDiagnostics.debugreport.xml   [6661]
O61 - LFC: 19/08/2013 - 17:08:16 ---A- C:\Users\DORINE\AppData\Local\Diagnostics\460911090\2013081916.000\ResultReport.xml   [40823]
O61 - LFC: 19/08/2013 - 17:08:16 ---A- C:\Users\DORINE\AppData\Local\Diagnostics\460911090\2013081916.000\results.xml   [237]
O61 - LFC: 19/08/2013 - 17:08:16 ---A- C:\Users\DORINE\AppData\Local\Diagnostics\460911090\latest.cab   [18120]
O61 - LFC: 19/08/2013 - 17:14:06 ---A- C:\Users\DORINE\AppData\Local\Temp\C6BF7D8A-BAB0-7891-AD4F-B06CBBE75ECF\bab457.TB_NewWay.dat   [173]
O61 - LFC: 19/08/2013 - 17:14:07 ---A- C:\Users\DORINE\AppData\Local\Temp\C6BF7D8A-BAB0-7891-AD4F-B06CBBE75ECF\bab098.claroico.zpb   [953]
O61 - LFC: 19/08/2013 - 17:14:07 ---A- C:\Users\DORINE\AppData\Local\Temp\C6BF7D8A-BAB0-7891-AD4F-B06CBBE75ECF\bab138.deltatb_dmn.zpb   [254]  =>Toolbar.DeltaSearch
O61 - LFC: 19/08/2013 - 17:14:07 ---A- C:\Users\DORINE\AppData\Local\Temp\C6BF7D8A-BAB0-7891-AD4F-B06CBBE75ECF\bab149.spreg.zpb   [299]
O61 - LFC: 19/08/2013 - 17:14:14 ---A- C:\Users\DORINE\AppData\Local\Temp\C6BF7D8A-BAB0-7891-AD4F-B06CBBE75ECF\BUsolution_enh.zpb   [227012]
O61 - LFC: 19/08/2013 - 17:17:14 ---A- C:\Users\DORINE\Downloads\adwcleaner.exe   [666633]
O61 - LFC: 19/08/2013 - 17:23:44 ---A- C:\Users\DORINE\AppData\Roaming\Skype\shared_dynco\dc.db   [2318336]
O61 - LFC: 19/08/2013 - 17:23:45 ---A- C:\Users\DORINE\AppData\Roaming\Skype\shared_dynco\dc.db-journal   [1161944]
O61 - LFC: 19/08/2013 - 21:00:56 ---A- C:\Users\DORINE\AppData\Local\resmon.resmoncfg   [7598]
O61 - LFC: 19/08/2013 - 21:16:40 ---A- C:\Users\DORINE\AppData\Local\ElevatedDiagnostics\460911090\2013081920.000\results.xsl   [49097]
O61 - LFC: 19/08/2013 - 21:17:10 ---A- C:\Users\DORINE\AppData\Local\ElevatedDiagnostics\460911090\2013081920.000\NetworkDiagnostics.debugreport.xml   [5135]
O61 - LFC: 19/08/2013 - 21:17:10 ---A- C:\Users\DORINE\AppData\Local\ElevatedDiagnostics\460911090\2013081920.000\ResultReport.xml   [40822]
O61 - LFC: 19/08/2013 - 21:17:10 ---A- C:\Users\DORINE\AppData\Local\ElevatedDiagnostics\460911090\2013081920.000\results.xml   [237]
O61 - LFC: 19/08/2013 - 21:17:10 ---A- C:\Users\DORINE\AppData\Local\ElevatedDiagnostics\460911090\latest.cab   [12333]
O61 - LFC: 19/08/2013 - 21:24:23 ---A- C:\Users\DORINE\AppData\Roaming\Microsoft\Word\Enregistrement automatique deDocument1.asd   [0]
O61 - LFC: 20/08/2013 - 06:50:05 ---A- C:\Users\DORINE\AppData\Roaming\LSC\Local Store\lscStatus.xml   [835]
O61 - LFC: 20/08/2013 - 06:59:40 ---A- C:\Users\DORINE\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 20/08/2013 - 06:59:42 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 20/08/2013 - 06:59:44 ---A- C:\Users\DORINE\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 20/08/2013 - 06:59:45 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 20/08/2013 - 07:12:45 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\BackgroundT72ca5658#\ca2c273ad9c2061f9f2eb7f4c5dc463e\BackgroundTasks_MetricCollection.ni.dll   [389632]
O61 - LFC: 20/08/2013 - 07:12:45 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\BackgroundT72ca5658#\ca2c273ad9c2061f9f2eb7f4c5dc463e\BackgroundTasks_MetricCollection.ni.dll.aux   [4968]
O61 - LFC: 20/08/2013 - 07:12:45 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\f8fd27e3e4e647f2d66d35467e85ac09\Platform.ni.dll   [3164672]
O61 - LFC: 20/08/2013 - 07:12:45 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\f8fd27e3e4e647f2d66d35467e85ac09\Platform.ni.dll.aux   [6900]
O61 - LFC: 20/08/2013 - 07:12:46 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\AppEx.Commo18fc006f#\492be605f01b316765b917ffc49e1ffc\AppEx.Common.NewsBdiTransformer.ni.dll   [390144]
O61 - LFC: 20/08/2013 - 07:12:46 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\AppEx.Commo18fc006f#\492be605f01b316765b917ffc49e1ffc\AppEx.Common.NewsBdiTransformer.ni.dll.aux   [3188]
O61 - LFC: 20/08/2013 - 07:12:47 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\BackgroundT30ed4b94#\4aecb28faf92e83426dbcc4c7c4c4c67\BackgroundTasks_Notifications.ni.dll   [942592]
O61 - LFC: 20/08/2013 - 07:12:47 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\BackgroundT30ed4b94#\4aecb28faf92e83426dbcc4c7c4c4c67\BackgroundTasks_Notifications.ni.dll.aux   [5104]
O61 - LFC: 20/08/2013 - 07:12:48 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\CollectionProvider\2ccbd8735d61b07aba14ae566c8ff20d\CollectionProvider.ni.dll   [651776]
O61 - LFC: 20/08/2013 - 07:12:48 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\CollectionProvider\2ccbd8735d61b07aba14ae566c8ff20d\CollectionProvider.ni.dll.aux   [5948]
O61 - LFC: 20/08/2013 - 07:12:49 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Support\68d6fb0bed9bca0f308dfdc3456f6aeb\Support.ni.exe   [201728]
O61 - LFC: 20/08/2013 - 07:12:49 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Support\68d6fb0bed9bca0f308dfdc3456f6aeb\Support.ni.exe.aux   [6876]
O61 - LFC: 20/08/2013 - 07:12:50 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Common\c02508df0dbe3dd21c85c3edf6c42693\Common.ni.dll   [1331200]
O61 - LFC: 20/08/2013 - 07:12:50 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Common\c02508df0dbe3dd21c85c3edf6c42693\Common.ni.dll.aux   [7484]
O61 - LFC: 20/08/2013 - 07:12:51 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Components_2a72ee8c#\a4a6bec262ba05a5e07e423931337405\Components_MessageBulletin.ni.dll.aux   [5688]
O61 - LFC: 20/08/2013 - 07:12:52 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Components_2a72ee8c#\a4a6bec262ba05a5e07e423931337405\Components_MessageBulletin.ni.dll   [287232]
O61 - LFC: 20/08/2013 - 07:12:52 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Services\bde28a9574bec57f4fe6ef576a5aa267\Sections_Services.ni.dll   [162304]
O61 - LFC: 20/08/2013 - 07:12:52 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Services\bde28a9574bec57f4fe6ef576a5aa267\Sections_Services.ni.dll.aux   [5056]
O61 - LFC: 20/08/2013 - 07:12:53 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\da31931506f0d7564c3b6910a7abbdb8\Map.ni.exe   [2900480]
O61 - LFC: 20/08/2013 - 07:12:53 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\da31931506f0d7564c3b6910a7abbdb8\Map.ni.exe.aux   [7652]
O61 - LFC: 20/08/2013 - 07:12:54 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Re2d4030b1#\8a23b13de7382babef67c8f6c5c3de0d\Sections_Registration.ni.dll   [349696]
O61 - LFC: 20/08/2013 - 07:12:54 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Re2d4030b1#\8a23b13de7382babef67c8f6c5c3de0d\Sections_Registration.ni.dll.aux   [6920]
O61 - LFC: 20/08/2013 - 07:12:55 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Guides\cbb3c91dcf6b396da7f8d66bdec9592f\Sections_Guides.ni.dll   [279040]
O61 - LFC: 20/08/2013 - 07:12:55 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Guides\cbb3c91dcf6b396da7f8d66bdec9592f\Sections_Guides.ni.dll.aux   [5024]
O61 - LFC: 20/08/2013 - 07:12:56 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Components_1726dc93#\13890e517a518b433205dfd48113a74b\Components_Communities.ni.dll   [412160]
O61 - LFC: 20/08/2013 - 07:12:56 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Components_1726dc93#\13890e517a518b433205dfd48113a74b\Components_Communities.ni.dll.aux   [5840]
O61 - LFC: 20/08/2013 - 07:12:57 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Sy8cf81cd9#\dd348a64ce527ec6182951272a25fb0d\Sections_SystemHealth.ni.dll.aux   [5116]
O61 - LFC: 20/08/2013 - 07:12:58 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Sections_Sy8cf81cd9#\dd348a64ce527ec6182951272a25fb0d\Sections_SystemHealth.ni.dll   [508416]
O61 - LFC: 20/08/2013 - 07:12:59 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\632ed9e7a560c042296479755e3c898e\Platform.ni.dll   [3164672]
O61 - LFC: 20/08/2013 - 07:12:59 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\632ed9e7a560c042296479755e3c898e\Platform.ni.dll.aux   [6900]
O61 - LFC: 20/08/2013 - 07:13:01 ---A- C:\Users\DORINE\AppData\Local\Packages\rara.com.rara.com_2tghmx54nqzjm\AC\Microsoft\CLR_v4.0_32\NativeImages\rara.Metro\e91c4e50fd3195e87ba63138afe002a0\rara.Metro.ni.exe   [2569728]
O61 - LFC: 20/08/2013 - 07:13:01 ---A- C:\Users\DORINE\AppData\Local\Packages\rara.com.rara.com_2tghmx54nqzjm\AC\Microsoft\CLR_v4.0_32\NativeImages\rara.Metro\e91c4e50fd3195e87ba63138afe002a0\rara.Metro.ni.exe.aux   [8012]
O61 - LFC: 20/08/2013 - 07:13:03 ---A- C:\Users\DORINE\AppData\Local\Packages\rara.com.rara.com_2tghmx54nqzjm\AC\Microsoft\CLR_v4.0_32\NativeImages\Omnifone.Mars\3ee25546f00458a8b30049b14c67ec77\Omnifone.Mars.ni.dll   [525824]
O61 - LFC: 20/08/2013 - 07:13:03 ---A- C:\Users\DORINE\AppData\Local\Packages\rara.com.rara.com_2tghmx54nqzjm\AC\Microsoft\CLR_v4.0_32\NativeImages\Omnifone.Mars\3ee25546f00458a8b30049b14c67ec77\Omnifone.Mars.ni.dll.aux   [4500]
O61 - LFC: 20/08/2013 - 07:13:05 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\75744eabdf38d48ba54b57588f178d7c\Platform.ni.dll   [3164672]
O61 - LFC: 20/08/2013 - 07:13:05 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\75744eabdf38d48ba54b57588f178d7c\Platform.ni.dll.aux   [6900]
O61 - LFC: 20/08/2013 - 07:13:15 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\AppEx.Trave4979206f#\6c199237f29a5a41dfaddcc9a2c21cc3\AppEx.Travel.Services.ni.dll   [5706752]
O61 - LFC: 20/08/2013 - 07:13:15 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\AppEx.Trave4979206f#\6c199237f29a5a41dfaddcc9a2c21cc3\AppEx.Travel.Services.ni.dll.aux   [7512]
O61 - LFC: 20/08/2013 - 07:13:16 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\AppEx.Travee71ecb87#\0432cacae54777df9a8cb36a0e21e8bb\AppEx.Travel.Utilities.ni.dll   [53760]
O61 - LFC: 20/08/2013 - 07:13:16 ---A- C:\Users\DORINE\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\AppEx.Travee71ecb87#\0432cacae54777df9a8cb36a0e21e8bb\AppEx.Travel.Utilities.ni.dll.aux   [2580]
O61 - LFC: 20/08/2013 - 18:29:03 ---A- C:\Users\DORINE\Downloads\ChromeSetup.exe   [784880]
O61 - LFC: 20/08/2013 - 19:26:43 ---A- C:\Users\DORINE\Downloads\adwcleaner(1).exe   [975858]
O61 - LFC: 20/08/2013 - 19:36:50 ---A- C:\Users\DORINE\AppData\Local\GDIPFONTCACHEV1.DAT   [119184]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\2972.html   [13316]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\2973.html   [5674]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\2976.html   [3831]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\2977.html   [5418]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\2978.html   [3848]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\2979.html   [2886]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\2998.html   [7032]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3143.html   [7871]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3231.html   [6179]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3330.html   [8512]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3363.html   [5569]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3384.html   [5709]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3389.html   [20139]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3597.html   [19686]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3598.html   [8096]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3878.html   [19516]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\3940.html   [20138]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ajax-loader.gif   [3208]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ajax-loader2.gif   [6820]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\check.jpg   [1039]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\conditions\conditions.js   [1742]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\events\events.js   [22396]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\arrow.gif   [207]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\arrow.png   [911]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\b-bg.gif   [295]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\b3.gif   [384]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\b4.gif   [661]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\btn.png   [716]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\btn2.png   [402]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\center2.jpg   [305]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\corn1.png   [139]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\corn2.png   [136]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\corn3.png   [138]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\corn4.png   [130]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\lbg-bottom.gif   [9289]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\lbg-top.gif   [13909]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\lbg.gif   [5373]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\main.css   [8474]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\mid.jpg   [403]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\ib\trust.gif   [437]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\js\config.js   [1037]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\js\jquery-1.7.min.js   [94020]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\js\jquery.noselect.min.js   [299]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\js\smart.js   [23124]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2972_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2972_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2972_feature_.png   [7862]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2973_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2973_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2976_attr_15.png   [13027]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2976_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2976_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2977_attr_15.png   [13027]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2977_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2977_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2978_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2978_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2979_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2979_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2998_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_2998_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3143_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3143_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3231_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3231_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3231_feature_405.png   [5608]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3330_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3330_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3363_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3363_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3384_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3384_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3389_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3389_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3597_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3597_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3597_feature_646.png   [2700]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3598_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3598_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3878_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3878_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3940_attr_3.png   [10529]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\page_3940_attr_46.bmp   [42546]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\pb-bg-left.jpg   [460]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\pb-bg-right.jpg   [468]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\pb-bg.jpg   [333]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\red-pb-act-left.jpg   [681]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\red-pb-act-right.jpg   [694]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\red-pb-act.jpg   [380]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\seesimilar.ico   [99678]  =>Adware.SeeSimilar
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\speedanalysis.ico   [30894]  =>PUP.SpeedAnalysis
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\template_40.png   [110]
O61 - LFC: 20/08/2013 - 19:38:52 ---A- C:\Users\DORINE\AppData\Roaming\speedanalysis.ico   [30894]  =>PUP.SpeedAnalysis
O61 - LFC: 20/08/2013 - 19:39:24 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\component_610   [784368]
O61 - LFC: 20/08/2013 - 19:39:57 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\intallLog   [192]
O61 - LFC: 20/08/2013 - 19:41:25 ---A- C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\component_369.part   [0]
O61 - LFC: 20/08/2013 - 20:05:43 ---A- C:\Users\DORINE\AppData\Local\LSC\StartupProgram\data\datastartup.fit   [4720]
O61 - LFC: 20/08/2013 - 20:09:47 ---A- C:\Users\DORINE\Downloads\PCConfig(1).exe   [99034]
O61 - LFC: 20/08/2013 - 20:38:13 ---A- C:\Users\DORINE\Downloads\PCConfig(2).exe   [2248280]
O61 - LFC: 20/08/2013 - 22:00:49 ---A- C:\Users\DORINE\AppData\Local\Apple Computer\QuickTime\QTPlayerSession.xml   [2025]
O61 - LFC: 21/08/2013 - 05:05:51 ---A- C:\Users\DORINE\Downloads\mbam-setup-1.75.0.1300.exe   [10285040]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2112072240.data   [747]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2112072240.quar   [366]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2339245026.data   [769]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2339245026.quar   [806272]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\3414878693.data   [745]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\3414878693.quar   [218]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4343805682.data   [740]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4343805682.quar   [9027352]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\8108407532.data   [764]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\8108407532.quar   [785488]
O61 - LFC: 21/08/2013 - 06:22:14 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\9758428214.data   [746]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\0835852334.data   [740]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\0835852334.quar   [55363]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2287744758.data   [775]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2287744758.quar   [10320]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2385527997.data   [754]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2385527997.quar   [393064]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2689226168.data   [726]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\2689226168.quar   [1107512]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\3445331426.data   [757]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\3445331426.quar   [784368]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\3498998441.data   [1155]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4100649491.data   [753]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4100649491.quar   [806272]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4108829060.data   [781]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4108829060.quar   [427088]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4218512620.data   [1148]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4673934881.data   [765]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4673934881.quar   [2200857]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4894550668.data   [761]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\4894550668.quar   [182240]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\5107269495.data   [747]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\5107269495.quar   [2576280]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\5245168137.data   [1149]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\6528306432.data   [739]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\6528306432.quar   [1116584]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\6985023388.data   [729]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\6985023388.quar   [4482832]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\7076303141.data   [763]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\7076303141.quar   [1294848]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\8629525251.data   [1158]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\9284450170.data   [744]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\9284450170.quar   [8124782]
O61 - LFC: 21/08/2013 - 06:22:15 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\9758428214.quar   [4620384]
O61 - LFC: 21/08/2013 - 06:22:16 ---A- C:\Users\DORINE\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-08-21 (06-13-40).txt   [10002]
O61 - LFC: 21/08/2013 - 06:33:51 ---A- C:\Users\DORINE\AppData\Local\LSC\RestorePoint\data\dataRestorePoint.fit   [1870]
O61 - LFC: 21/08/2013 - 18:03:21 ---A- C:\Users\DORINE\Downloads\ZHPDiag2.exe   [5075028]
O61 - LFC: 21/08/2013 - 18:32:06 ---A- C:\Users\DORINE\AppData\Local\Temp\DORINE.bmp   [31832]
O61 - LFC: 21/08/2013 - 18:33:49 ---A- C:\Users\DORINE\AppData\Local\LSC\SoftwareChange\data\dataSoftwareChange.fit   [34052]
O61 - LFC: 21/08/2013 - 18:37:09 ---A- C:\Users\DORINE\Downloads\MCPR.exe   [608344]
O61 - LFC: 21/08/2013 - 18:38:52 ---A- C:\Users\DORINE\AppData\Roaming\Microsoft\Office\Word11.pip   [1692]
O61 - LFC: 21/08/2013 - 18:38:53 --HA- C:\Users\DORINE\AppData\Local\IconCache.db   [117350]
O61 - LFC: 21/08/2013 - 18:43:40 ---A- C:\Users\DORINE\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk   [2070]
O61 - LFC: 21/08/2013 - 18:45:11 ---A- C:\Users\DORINE\AppData\Roaming\Microsoft\Office\Récent\conflit anti virus windows8 et autres.lnk   [505]
O61 - LFC: 21/08/2013 - 18:45:19 ---A- C:\Users\DORINE\AppData\Roaming\Microsoft\Office\Récent\maintenance ordi windows8_vista.lnk   [487]
O61 - LFC: 21/08/2013 - 18:45:19 ---A- C:\Users\DORINE\AppData\Roaming\Microsoft\Office\Récent\maintenance ordi.lnk   [307]
O61 - LFC: 21/08/2013 - 18:45:19 --H-- C:\Users\DORINE\AppData\Roaming\Microsoft\Office\Récent\index.dat   [330]
O61 - LFC: 21/08/2013 - 18:45:49 ---A- C:\Users\DORINE\AppData\Local\Temp\~DF039481982AA4FFD5.TMP   [16384]
O61 - LFC: 21/08/2013 - 18:46:20 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\LocalState\MachineInformation.xml   [1071]
O61 - LFC: 21/08/2013 - 18:46:21 ---A- C:\Users\DORINE\AppData\Local\Packages\E046963F.LenovoSupport_k1h2ywk1493x8\Settings\settings.dat   [262144]
O61 - LFC: 21/08/2013 - 18:50:26 ---A- C:\Users\DORINE\AppData\Roaming\LSC\Local Store\MemoryCapacity.xml   [773]
O61 - LFC: 21/08/2013 - 18:50:40 ---A- C:\Users\DORINE\AppData\Roaming\LSC\Local Store\alerts.xml   [892]
O61 - LFC: 21/08/2013 - 18:50:45 ---A- C:\Users\DORINE\AppData\Local\LSC\CriticalEvents\data\dataCriticalEvents.fit   [1806640]
O61 - LFC: 21/08/2013 - 18:50:45 ---A- C:\Users\DORINE\AppData\Local\LSC\CriticalEvents\log\logCriticalEvents.fit   [1817980]
O61 - LFC: 21/08/2013 - 18:50:46 ---A- C:\Users\DORINE\AppData\Local\LSC\SoftwareChange\log\logSoftwareChange.fit   [27366]
O61 - LFC: 21/08/2013 - 18:50:49 ---A- C:\Users\DORINE\AppData\Local\LSC\HardwareChange\data\dataHardwareChange.fit   [99958]
O61 - LFC: 21/08/2013 - 18:50:49 ---A- C:\Users\DORINE\AppData\Local\LSC\HardwareChange\log\logHardwareChange.fit   [91790]
O61 - LFC: 21/08/2013 - 18:50:49 ---A- C:\Users\DORINE\AppData\Local\LSC\InitialServices\data\dataInitService.fit   [85160]
O61 - LFC: 21/08/2013 - 18:50:49 ---A- C:\Users\DORINE\AppData\Local\LSC\RestorePoint\log\logRestorePoint.fit   [9106]
O61 - LFC: 21/08/2013 - 18:50:49 ---A- C:\Users\DORINE\AppData\Local\LSC\StartupProgram\log\logstartup.fit   [5486]
O61 - LFC: 21/08/2013 - 18:50:50 ---A- C:\Users\DORINE\AppData\Local\LSC\InitialServices\log\logInitService.fit   [174538]
~ 103 Fichiers temporaires (Temporary files)
~ Files: 247 Scanned in 01mn 14s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [DORINE - rjfbnvs7.default] user_pref("extensions.crossrider.bic", "1406d70d2279c4f2ecd2f05284b19398");  =>PUP.CrossRider
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1071104]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll   [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [3241472]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1285632]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll   [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll   [180224]
~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.5AA3E89A59E3D556B5F9B6D8D8EE3A82] [SPRF][13/08/2013] (.Somoto Ltd. - Better Installer Cleaner.) -- C:\Users\DORINE\AppData\Local\Temp\bi_cleaner.exe   [42080]  =>Adware.MegaSearch
[MD5.B5EA241BE06D8BC0B9680AD0D8BDE608] [SPRF][11/08/2013] (...) -- C:\Users\DORINE\AppData\Local\Temp\readSTILog.dll   [118352]
[MD5.B0F6507F8666E89DD9F192313D88EB98] [SPRF][16/06/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\DORINE\AppData\Local\Temp\uninst1.exe   [389632]  =>Toolbar.Babylon
[MD5.18BB65E7709E8CFDFB1F3E287893C282] [SPRF][11/08/2013] (...) -- C:\Users\DORINE\AppData\Local\Temp\uninstallkit.exe   [97744]
[MD5.FEBAE5DF537D87F52D1F821C2670A62E] [SPRF][20/08/2013] (.Pas de propriétaire - Configuration du PC.) -- C:\Users\DORINE\Desktop\PCConfig.exe   [2248280]
[MD5.F4D084A00E509340D115667ACBBC5A66] [SPRF][26/07/2013] (.Pas de propriétaire - Nettoyage des fichiers temporaires.) -- C:\Users\DORINE\Desktop\SFTGC.exe   [1064194]
~ Files:  Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{19497863-D5BA-4727-B7F2-F6195C443773}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Cinema 10 Main Program.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
O87 - FAEL: "{085E0F05-D11F-4CE2-A9DA-B37EA3EB9B9B}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.exe
O87 - FAEL: "{47AC0336-727C-4D84-B21B-6E5163555A6C}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A5AC0DCD-F2BE-41F4-ACCE-C21BB272DEEA}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{30E0F3DA-EE79-479C-962F-3F94715D1EA8}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{CD1B0CEC-EBC7-43D1-A892-924416B31132}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{E3B9094D-75C0-4006-89A8-1D219D02BEB8}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{E4956CFA-BFD8-4A69-91B3-24C73DDA728F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{793B9DA9-7DE6-444E-8B78-039BA372A9B3}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{1E5AA202-435B-47CA-BB00-F24D1E94D05C}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{94A55D90-FA65-4D1A-AE31-CAB5D6892249}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{B5740053-0D60-460A-A040-30305E679145}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{7B57A150-56BA-4072-B4B5-A877B8274B64}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{92405AB7-0363-4413-A85E-5533B186B18A}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{99C7AF5F-7866-4959-9DFE-3712DFCC34F8}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{0DD55D34-DD62-4445-8342-1FF6C9AB0369}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{1F441FCE-923E-499B-AA58-8C51AC1D28D0}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{ED85F23C-1CAE-432C-B2E3-8DD6FEE7053F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{91D46E73-5A89-444F-B794-ADE46D0FC4B5}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{60136622-ED19-4CF2-826A-A55D48E1F236}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{53A8BAE7-3702-43F1-A7C4-F52274D2A050}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{52AA238A-A97F-44FE-9C75-35D4D116C5C0}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TCP Query User{15697688-5C8A-4743-8A53-9C9085FA7930}C:\program files (x86)\skype\phone\skype.exe" | In - Private - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\program files (x86)\skype\phone\skype.exe
O87 - FAEL: "UDP Query User{CF45ECF6-9C6A-4ACF-A9F9-FD99D387DE5C}C:\program files (x86)\skype\phone\skype.exe" | In - Private - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\program files (x86)\skype\phone\skype.exe
O87 - FAEL: "TCP Query User{70EB54A7-A434-41CA-914E-424C17C97065}C:\program files (x86)\skype\phone\skype.exe" | In - Public - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\program files (x86)\skype\phone\skype.exe
O87 - FAEL: "UDP Query User{453E4976-F89B-4EAC-9FCD-6F13CF12B362}C:\program files (x86)\skype\phone\skype.exe" | In - Public - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\program files (x86)\skype\phone\skype.exe
O87 - FAEL: "{7488323F-5369-4620-81BE-792B37304928}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A3EB2998-B902-43A7-BC92-F60384F5CEC1}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C3AF78A0-BA17-4F16-AD98-1D3DCC5AB9D3}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3D5E4CFE-16E6-4762-8302-AF85F52A9C9B}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{8E790D36-12A5-4E50-B925-D2BB424D7B5F}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{DC136A0B-E605-42B2-8C53-412806A73DE1}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "{445AEFFA-6C8D-47CF-B7DC-C513E9BE147A}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4CEF9D1E-C93A-49B2-9B37-01F50ACEAFB5}" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{9A01E116-FC38-4AC5-8D76-A078F16742E7}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{9A2EF45A-A96F-4A9C-93AA-B07DE443DC22}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{AF8E5107-2FCB-43B6-83E5-ED31F086DCCC}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F407E0D6-6ACC-4D28-9CDA-F84A8DB4F023}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{DFA6C33A-8C03-42AB-91A2-39D517FA6D5B}" |In - None - P17 - TRUE | .(...) -- C:\Users\DORINE\Downloads\VideoPerformerSetup.exe (.not file.)  =>PUP.VideoPerformer
O87 - FAEL: "{4CBE7986-9938-4E99-82DB-5FBD9650914B}" |Out - None - P17 - TRUE | .(...) -- C:\Users\DORINE\Downloads\VideoPerformerSetup.exe (.not file.)  =>PUP.VideoPerformer
~ Firewall: 228 Scanned in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\WINDOWS\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "098990BCF5D15D11E99A0005AB3E711E" . (.PowerDirector.) -- C:\WINDOWS\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\WINDOWS\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "30DE9D6CFCF60144C97B54AC82F5E911" . (.Lenovo Bluetooth with Enhanced Data Rate Software.) -- C:\WINDOWS\Installer\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\WINDOWS\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "4559AC80EF5B313439F84D4A718B1157" . (.QuickTime.) -- C:\WINDOWS\Installer\{08CA9554-B5FE-4313-938F-D4A417B81175}\Installer.ico
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "681939E1344B26242A87C32849E97ACA" . (.Lenovo Solution Center.) -- C:\WINDOWS\Installer\{1E939186-B443-4262-A278-3C82949EA7AC}\ARPPRODUCTICON.exe
O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\WINDOWS\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guide de l’utilisateur.) -- C:\WINDOWS\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
O90 - PUC: "A7C07E9B58F993A44A3AFB3A3CFB6731" . (.Dolby Advanced Audio v2.) -- C:\WINDOWS\Installer\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}\DolbyBlue.exe
O90 - PUC: "B0951AEFA045CF149AC56644398CA212" . (.Classic Shell.) -- C:\WINDOWS\Installer\{FEA1590B-540A-41FC-A95C-664493C82A21}\icon.ico
O90 - PUC: "C040110900063D11C8EF10054038389C" . (.Microsoft Office Professional Edition 2003.) -- C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe,6
O90 - PUC: "C040620900063D11C8EF10054038389C" . (.Microsoft Office XP Web Components.) -- C:\WINDOWS\Installer\{9026040C-6000-11D3-8CFE-0150048383C9}\owcico.exe,0
O90 - PUC: "C3F6D7A0BA2FDE84EB329997B1FF786D" . (.Amazon Browser App.) -- C:\WINDOWS\Installer\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}\amazonicon.ico
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\WINDOWS\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.6.) -- C:\WINDOWS\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "E8096DF3E400A1E4E871FCCE8BDF0087" . (.Alcor Micro USB Card Reader.) -- C:\WINDOWS\Installer\{3FD6908E-004E-4E1A-8E17-CFECB8FD0078}\ARPPRODUCTICON.exe
~ Update Products: 30 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.30A7CA0334F88AE32E8F9B5351A8517C] [WIS][16/05/2012] (.Lenovo - UserGuide.) -- C:\Windows\Installer\232d9.msi   [852480]
[MD5.1E2039E20A8FB9B5B5306BBC2AFA4DC7] [WIS][07/10/2012] (.Lenovo Group Limited - Lenovo Solution Center.) -- C:\Windows\Installer\23309.msi   [37020160]
[MD5.9C64B0E9A375F180450149CBF73B397F] [WIS][12/07/2012] (.Amazon - Amazon Browser App.) -- C:\Windows\Installer\23311.msi   [1122304]
[MD5.7C2488C7A174D1D7B299822BC64160D3] [WIS][07/10/2012] (.Lenovo - Blank Project Template.) -- C:\Windows\Installer\23329.msi   [71430144]
[MD5.FE72D2B842E2BF232387219C3392797F] [WIS][13/08/2013] (.IvoSoft - Classic Shell.) -- C:\Windows\Installer\2d7873.msi   [4456448]
[MD5.B9E06BB685AE21D88F0449A6269829F3] [WIS][17/05/2012] (.Dolby Laboratories Inc - Dolby Advanced Audio v2.) -- C:\Windows\Installer\445ee.msi   [13357056]
[MD5.6BD38F64FDB6ED8FECFC1A5F5CB529B1] [WIS][26/06/2012] (.Alcor Micro Corp. - AmIcoSinglun.) -- C:\Windows\Installer\445f2.msi   [1532416]
[MD5.DCCB7F12931909C8F60F990A1F315BF5] [WIS][30/07/2012] (.Broadcom Corp. - WIDCOMM Bluetooth Profile Pack.) -- C:\Windows\Installer\445fb.msi   [10659840]
[MD5.73122534D527893BDEFD1F707FFB34F6] [WIS][05/08/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\a963aae.msi   [21803008]
~ WIS: 30 Scanned in 00mn 03s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 09/05/2013 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 26/07/2012 2252600 |  (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\System32\BtwRSupportService.exe
SR - | Auto 29/07/2012 953720 |  (btwdins) . (.Broadcom Corporation..) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
SR - | Auto 29/06/2013 68608 |  (ClassicShellService) . (.IvoSoft.) - C:\Program Files\Classic Shell\ClassicShellService.exe
SS - | Demand 24/08/2012 276288 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 128896 |  (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 17/07/2012 165760 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 14/08/2013 117656 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 21/06/2013 162408 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 17/07/2012 364416 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 04s



---\\ Recherche dinfection sur le Master Boot Record (MBR)(O80)
Run by DORINE at 21/08/2013 19:53:01
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche dinfection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by DORINE at 21/08/2013 19:53:03

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : v2.12862 - (21/08/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 19

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>Toolbar.Tarma
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]   =>Toolbar.Avast
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]   =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}]   =>PUP.OptimizerPro
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:startertv_fr_5   =>Adware.StarterTV^
C:\Users\DORINE\AppData\Roaming\Mozilla\Firefox\Profiles\rjfbnvs7.default\94ae0976-89df-4347-9771-5371c6e203bf@3796dc63-d06d-4575-a997-9b5c935fe915.com   =>Adware.Pricora^
C:\Windows\Tasks\Pricora-chromeinstaller.job   =>Adware.Pricora^
C:\Windows\Tasks\Pricora-codedownloader.job   =>Adware.Pricora^
C:\Windows\Tasks\Pricora-enabler.job   =>Adware.Pricora^
C:\Windows\Tasks\Pricora-firefoxinstaller.job   =>Adware.Pricora^
C:\Windows\Tasks\Pricora-updater.job   =>Adware.Pricora^
[HKCU\Software\AppDataLow\Software\Pricora]   =>Adware.Pricora^
[HKLM\Software\Wow6432Node\Pricora]   =>Adware.Pricora^
C:\Windows\Prefetch\WAJAM_INSTALL.EXE-9743C161.pf   =>Toolbar.Wajam^
C:\Windows\Prefetch\OPTIMIZER_PRO.TMP-5998FD01.pf   =>PUP.OptimizerPro^
C:\Windows\Prefetch\MYPC BACKUP.EXE-EFC95E5E.pf   =>PUP.MyPCBackup^
C:\Windows\Prefetch\VIDEOPERFORMERSETUP.EXE-D5B71C2A.pf   =>PUP.VideoPerformer^
C:\Users\DORINE\AppData\Local\Temp\C6BF7D8A-BAB0-7891-AD4F-B06CBBE75ECF\bab138.deltatb_dmn.zpb   [254]   =>Toolbar.DeltaSearch^
C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\seesimilar.ico   [99678]   =>Adware.SeeSimilar^
C:\Users\DORINE\AppData\Local\Temp\ibtmpc810551\config\speedanalysis.ico   [30894]   =>PUP.SpeedAnalysis^
C:\Users\DORINE\AppData\Roaming\speedanalysis.ico   [30894]   =>PUP.SpeedAnalysis^
C:\Users\DORINE\AppData\Local\Temp\bi_cleaner.exe   =>Adware.MegaSearch^
C:\Users\DORINE\AppData\Local\Temp\uninst1.exe   =>Toolbar.Babylon^
~ Additionnel Scan: 216038 Items scanned in 00mn 21s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29294184-adware-pricora   =>Adware.Pricora
~ http://nicolascoolman.webs.com/apps/blog/show/29259213-adware-startertv   =>Adware.StarterTV
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam   =>Toolbar.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro   =>PUP.OptimizerPro
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup   =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/29895028-pup-videoperformer   =>PUP.VideoPerformer
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch   =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/31473015-adware-seesimilar   =>Adware.SeeSimilar
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis   =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider   =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch   =>Adware.MegaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon  =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma   =>Toolbar.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch   =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/30898585-toolbar-avast   =>Toolbar.Avast
~ MSI: 15 link(s) detected in 00mn 21s



End of the scan (1784 lines in 02mn 58s)(0)