[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[zurlinden]

bonjour:

depuis hier, gros problème (

j'ai voulu télécharger un logiciel de téléchargement de vidéos, musique etc:

le nom est A TUBE CATCHER:

Depuis, je n'arrête pas d'avoir des fenêtres de pub qui s'ouvrent de manière aléatoire, et mon moteur de recherche par défaut (google) a été changé (:

Que me conseillez vous de faire?

mon ordi est un ACER, (neuf);sous Windows 8 (auquel je ne comprends rien d'ailleurs)

mon antivirus est Mac Affee, (fourni avec l'ordi et dont la période de validité expire ds quelques jours);

il avait décelé des fichiers "douteux" qu'il avait mis en quarantaine, mais comme je n'y connais rien en micro, j'ai continué l'installation de A TUBE CATCHER, et maintenant, j'ai ce problème de pub à répétition:o(

j'ai effectué un scan avec Macaffee et................il ne détecte rien ............(

depuis, j'ai supprimé ce logiciel A TUBE CATCHER avec REVO INSINTALLER, mais le problème persiste.

En outre, qd je clique sur google, sur le bureau, parfois, j'ai une page blanche qui s'affiche (

merci pour votre aide et bonne journée à vous

cordialement

ZURLINDEN

[bernard53]

Bonjour

Fait ceci s.t.p.

Télécharge AdwCleaner d'Xplode sur ton bureau.

 

Ensuite :

Valide le mode Scanner

 

 

Puis : valide Rapport et si des intrusions sont détectées valide alors le mode Nettoyer

 

Possibilité après ce lancement d’une demande de redémarrage pour valider toutes les suppressions.

 

- Au redémarrage, un rapport s'ouvrira. Postes le sur le forum.

 

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[s1].txt

Mets les rapports ici car ils prennent bien de la place.

http://cjoint.com/

ou.

http://www.1fichier.com/

 

Ensuite :

Télécharge Junkware Removal Tool sur le bureau: lien ici

( patientez quelques instants, ensuite clic sur " Enregistrer" à l'apparition du fichier à télécharger JRT.exe )

Une fois le téléchargement terminé,

 

Sous XP, double-clique sur l'icône de JRT.exe pour démarrer l'outil.

Sous Vista/Seven/et Windows 8, clic droit sur le fichier téléchargé( JRT.exe ) et choisir "exécuter en temps qu'administrateur".

 

Une fenêtre va s'ouvrir, appuie sur une touche pour continuer...

 

 

Afin de ne pas fausser les rapports, ne passer l'outil qu'une seule fois svp!

Si l'antivirus fait des siennes :arrow: désactive-le provisoirement. Si tu ne sais pas comment faire, reporte-toi à cet article.

 

Ensuite, patiente le temps du scan de l'outil, il va faire une sauvegarde du "registre" pour commencer et ensuite scanner différents modules de ton PC.

NB: Le bureau disparaitra quelques instants, c'est normal.

 

 

Une fois tout ton PC examiné tu auras cette fenêtre:

 

 

Poste le rapport généré à la fin de l'analyse.

 

Pour rappel:

Fais un ctrl + a, à l'intérieur de la fenêtre de ton bloc note ( présent sur le bureau ) puis un ctrl +c, pour copier ton rapport dans ta réponse sur le forum. ( ctrl+v )

 

 

Ensuite :

Télécharges http://nicolascoolman.webs.com/'> ZHPDIAG (de Nicolas Coolman) sur ton bureau...
Doubles-clique sur l'icône ZHPDiag .exe pour l’installation.

L'installation va créer raccourcis (ZHPDiag et ZHPFix et MBRchek) sur ton bureau

 

Double-clique ensuite sur l’icône ZHPDiag pour le lancer l’analyse puis :

 

A la fin du scan le rapport est sauvegardé directement sur ton bureau. ZHPDiag.txt

Mets le rapport ici car il prend bien de la place.

http://cjoint.com/

ou.

http://www.1fichier.com/

[zurlinden]

merci je vais faire ça; j'espère que j'y arriverai:

pour info la page blanche qui s'ouvre parfois qd j'ouvre Google s'intitule SU600.COM :O5

MERCI ENCORE POUR TON AIDE

[zurlinden]

je poste ici le ra# AdwCleaner v3.012 - Rapport créé le 22/11/2013 à 16:16:44

# Mis à jour le 11/11/2013 par Xplode
# Système d'exploitation : Windows 8 (64 bits)
# Nom d'utilisateur : martial - PC-BALOU
# Exécuté depuis : C:\Users\martial\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : Software_update
[#] Service Supprimé : Software_update_m

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\BoxUpdChk
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freesofttoday
Dossier Supprimé : C:\Program Files (x86)\Boxore
Dossier Supprimé : C:\Program Files (x86)\IminentToolbar
Dossier Supprimé : C:\Users\martial\AppData\Roaming\Tlapia
Dossier Supprimé : C:\Program Files (x86)\Software
Dossier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Dossier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Dossier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa
Fichier Supprimé : C:\Users\Public\Desktop\eBay.lnk
Fichier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Fichier Supprimé : C:\Windows\System32\Tasks\BoxSoftwareUpdate
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [boxore Client]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=3
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=9
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKCU\Software\Boxore
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKLM\Software\Boxore
Clé Supprimée : HKLM\Software\FreeSoftToday
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\Uniblue
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Clé Supprimée : HKLM\Software\Classes\Installer\Features\DF42B2AC01EE9B240B94AA0862E8E712
Clé Supprimée : HKLM\Software\Classes\Installer\Products\DF42B2AC01EE9B240B94AA0862E8E712

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v31.0.1650.57

[ Fichier : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4747 octets] - [22/11/2013 16:14:20]
AdwCleaner[s0].txt - [4482 octets] - [22/11/2013 16:16:44]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4542 octets] ##########pport AdwCleaner car je ne sais pas si j'ai fait la bonne manip sur le lien indiqué plus haut )

je passe maintenant à Junkware removal tool )

[zurlinden]

voilà le rapport de Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows 8 x64

Ran by martial on 22/11/2013 at 16:32:44,24

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\1c875dde39636004ca8cdaec335b4160

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}

~~~ Files

~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Folder] "C:\Users\martial\appdata\local\software"

Failed to delete: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 22/11/2013 at 16:36:06,80

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

je passe à la suite:o)

[zurlinden]

impossible de telecharger ZHPDIAG ;o(

jle lien indiqué ne semble pas fonctionner:

je ne trouve , en chercahnt sur telecharger .com que ZEB HELP PROCESS:

CELA CONVIENT IL,

MERCI

[Apollo]

Bonsoir,

 

Désolé pour l'incruste.

 

 

telecharger .com

 

Surtout pas! pas plus que sur 01.net.

 

Hébergé provisoirement par moi: Voir le Fichier : ZHPDiag2.exe

 

Je sors.

 

++

[bernard53]

Merci Apollo

[zurlinden]

merci les amis; je fais ça dés demain car là..................le moral ds les godasses et trop de strs )

je vous tiens au courant.

cordialement

[zurlinden]

bjr les amis;

je poste ici le rapport ZHPDIAG que j'ai enfin pu installer:

j'attends de vos nouvelles; et quoi qu'il se passe, je vous remercie du temps que vous avez bien voulu me consacrer:

 

~ Rapport de ZHPDiag v2013.11.22.46 - Nicolas Coolman (22/11/2013)

~ Lancé par martial (23/11/2013 10:17:29)

~ Adresse du Site Web http://nicolascoolman.webs.com

~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/

~ Traduit par Nicolas Coolman

~ Etat de la version :

~ Liste blanche : Désactivée par l'utilisateur

~ Elévation des Privilèges : OK

~ User Account Control (UAC): Activate by user

---\\ Navigateurs Internet

MSIE: Internet Explorer v10.0.9200.16736

GCIE: Google Chrome v31.0.1650.57 (Defaut)

---\\ Informations sur les produits Windows

~ Langage: Français

Windows 8 Home Premium Edition, 64-bit (Build 9200)

Windows Server License Manager Script : OK

~ ion : Windows® Operating System, OEM_DM channel

Windows ID Activation : OK

~ Windows Partial Key : 4RDHT

Windows License : OK

~ Windows Remaining Initializations Number : 999

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ Logiciels de protection du système

McAfee Internet Security Suite v12.8.856

Windows Defender W8

---\\ Logiciels d'optimisation du système

CCleaner v4.06 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système

~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8144 MB (79% free)

System Restore: Activé (Enable)

System drive C: has 399 GB (87%) free of 458 GB

---\\ Mode de connexion au système

~ Computer Name: PC-BALOU

~ User Name: martial

~ All Users Names: martial, HomeGroupUser$, Administrateur,

~ Unselected Option: None

Logged in as Administrator

---\\ Variables d'environnement

~ System Unit : C:\

~ %AppZHP% : C:\Users\martial\AppData\Roaming\ZHP\

~ %AppData% : C:\Users\martial\AppData\Roaming\

~ %Desktop% : C:\Users\martial\Desktop\

~ %Favorites% : C:\Users\martial\Favorites\

~ %LocalAppData% : C:\Users\martial\AppData\Local\

~ %StartMenu% : C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques

C: Hard drive, Flash drive, Thumb drive (Free 399 Go of 458 Go)

D: Hard drive, Flash drive, Thumb drive (Free 457 Go of 458 Go)

E: CD-ROM drive (Not Inserted)

---\\ Etat du Centre de Sécurité Windows

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Security Center: 41 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]

[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]

[MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536]

[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]

[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]

[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]

[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]

[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]

[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]

[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]

[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]

[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]

[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]

[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]

[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]

[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]

[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]

[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]

[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]

[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]

[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]

~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes Favoris (My Favorites) : 1/7

~ Mes Documents (My Documents) : 1/5

~ Mon Bureau (My Desktop) : 2/21

~ Menu demarrer (Programs) : 1/32

~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés

[MD5.A826BF0E7373632ADA7C2A55C92B1AEA] - (...) -- C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.exe [3154416] [PID.2524] =>PUA.FSTfr9

[MD5.280B64F6BFCEDE6D67D261EB808AA617] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [524944] [PID.1108]

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.6172] =>Toolbar.Google

[MD5.BEFFB2D021E7FA9E92249F3997930A68] - (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe [522144] [PID.2784]

[MD5.3E023F7852FEDDD5B938D054A84824AE] - (.Tlapia - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe [875288] [PID.6316]

[MD5.0CED501E811F5C4745415FCC000CE043] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [164864] [PID.2580]

[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.4988]

[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.3720]

[MD5.A78774AFAEC2CECFE8F61B40D8E0B940] - (...) -- C:\Program Files (x86)\fst_fr_17\fst_fr_17.exe [3993584] [PID.2524] =>PUA.FSTfr9

[MD5.E659E38D2D51DF5817C91D7386920C7E] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [995856] [PID.6888]

[MD5.60A3399135BEFC6F4BADBD6C13A4AC24] - (.Microsoft Corporation - Hôte Microsoft WWA.) -- C:\Windows\syswow64\wwahost.exe [333824] [PID.6412]

[MD5.636D97B3BAF854511FF3F4093E895FED] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184] [PID.4820]

[MD5.06BC146E6C2E881A7235A142BA877B82] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8262144] [PID.2236]

~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google\u00C2 Store v.0.2 (Activé)

G2 - GCE: Preference [user Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)

G2 - GCE: Preference [user Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google\u00C2 Drive v.6.3 (Activé)

G2 - GCE: Preference [user Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)

G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)

G2 - GCE: Preference [user Data\Default] [dcpfhaghaadpjpgocojgnlhjcieeooel] Re-markit v.1.135 (Désactivé) =>PUP.ReMarkIt

G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)

G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)

G2 - GCE: Preference [user Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.6.3.1271 (Désactivé)

G2 - GCE: Preference [user Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)

G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)

G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)

G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google\u00C2 Wallet v.0.0.5.0 (Activé)

G2 - GCE: Preference [user Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.6 (Désactivé) =>Spyware.SmartDisplay

G2 - GCE: Preference [user Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

~ Google Browser: 16 Scanned in 00mn 01s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll

~ Firefox Browser: 1 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com =>PUP.DoSearches

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com =>PUP.DoSearches

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com =>PUP.DoSearches

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll

~ IE Browser: 12 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877 =>Hijacker.Proxy

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Hosts File: Scanned in 00mn 00s

~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Re-markit [64Bits] - {4480ad00-e608-4d22-a592-751680df3262} . (...) -- C:\Program Files (x86)\Re-markit\135.dll =>PUP.ReMarkIt

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google

O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

~ BHO: 5 Scanned in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google

O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline

~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - GS\Desktop [Public]: 3D Vision Photo Viewer.lnk . (.NVIDIA Corporation - NVIDIA 3D Vision Photo Viewer.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe

O4 - GS\Desktop [Public]: Acer Remote.lnk . (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe

O4 - GS\Desktop [Public]: AcerCloud.lnk . (.Acer Incorporated - AcerCloud.) -- C:\Program Files (x86)\Acer\Acer Cloud\acpanel_win.exe

O4 - GS\Desktop [Public]: Acheter en ligne.lnk . (...) -- C:\Program Files (x86)\Accessory Store\StartUrl.exe (.not file.)

O4 - GS\Desktop [Public]: Casino Classic.lnk . (.Microgaming Systems - Game Launcher.) -- C:\Microgaming\Casino\casinoclassic\casinogame.exe

O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd

O4 - GS\Desktop [Public]: Demo Acer Remote.lnk . (...) -- C:\Program Files (x86)\Acer Remote Demo\Acer Remote_demo.mp4

O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches

O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline

O4 - GS\Desktop [Public]: McAfee Internet Security Suite.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\mcafee.com\agent\mcagent.exe

O4 - GS\Desktop [Public]: Norton Online Backup.lnk . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - GS\Desktop [Public]: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

O4 - GS\Desktop [Public]: WildTangent Games App - acer.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe

O4 - GS\Desktop [Public]: ZHP.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZebHelpProcess\ZHPHep.exe =>.Nicolas Coolman

O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline

O4 - GS\Program [Public]: Microsoft Office.lnk . (.Microsoft Corporation - Microsoft Office.) -- C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.exe

O4 - GS\Program [Public]: Spotify.lnk . (...) -- C:\Program Files (x86)\Spotify\SpotifyLauncher.exe

O4 - GS\Program [Public]: WildTangent Games App - acer.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe

O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\Windows\WinStore\WinStore.htm

O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.)

O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\Windows\system32\psr.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation

O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation

O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation

O4 - GS\QuickLaunch [martial]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches

O4 - GS\QuickLaunch [martial]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches

O4 - GS\TaskBar [martial]: Acer Docs.lnk . (...) -- C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe

O4 - GS\TaskBar [martial]: Acer Media.lnk . (.Acer Incorporated - Acer Media.) -- C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe

O4 - GS\TaskBar [martial]: Acer Photo.lnk . (.Acer Incorporated - Acer Photo.) -- C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe

O4 - GS\TaskBar [martial]: Acer Power Button.lnk . (...) -- C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe (.not file.)

O4 - GS\TaskBar [martial]: File Explorer.lnk . (...) -- C:\Users\martial\AppData\Roaming\Microsoft\Windows\Libraries

O4 - GS\TaskBar [martial]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches

O4 - GS\TaskBar [martial]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches

O4 - GS\Program [martial]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches

O4 - GS\Accessories [martial]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation

O4 - GS\Desktop [martial]: Ludi.lnk - Clé orpheline

O4 - GS\Desktop [martial]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

O4 - GS\Desktop [martial]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe

O4 - GS\Desktop [martial]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman

O4 - GS\Desktop [martial]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman

~ Global Startup: 50 Scanned in 00mn 01s

---\\ Applications lancées au démarrage du sytème (O4)

O4 - GS\Startup [Public]: Acer Remote.lnk . (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe

O4 - GS\Startup [martial]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google

O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.exe =>.Epson Seiko Corporation

O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe

O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe

O4 - HKLM\..\Wow6432Node\Run: [sysTPL] . (.Tlapia - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe

O4 - HKLM\..\Wow6432Node\Run: [fst_fr_17] . (...) -- C:\Program Files (x86)\fst_fr_17\fst_fr_17.exe =>PUA.FSTfr9

O4 - HKLM\..\Wow6432Node\RunOnce: [upfst_fr_17.exe] . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.exe =>PUA.FSTfr9

O4 - HKUS\S-1-5-21-3778166341-1465188008-936229986-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google

O4 - HKUS\S-1-5-21-3778166341-1465188008-936229986-1001\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.exe =>.Epson Seiko Corporation

~ Application: Scanned in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ IE Control Panel: 1 Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

~ Winsock: 6 Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpDomain = bouyguesbox.fr

O17 - HKLM\System\CS1\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpDomain = bouyguesbox.fr

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation

~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ SSODL: 1 Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc

O23 - Service: McAfee Home Network (HomeNetSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

O23 - Service: Intel® Capability Licensing Service Interface (Intel® Capability Licensing Service Interface) . (.Intel® Corporation - Intel® Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® PROSet Monitoring Service (Intel® PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\system32\IProsetMonitor.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel® Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: Intel® Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee AP Service (McAPExe) . (.McAfee, Inc. - McAfee Access Protection.) - C:\Program Files\McAfee\MSC\McAPexe.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Platform Services (mcpltsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Application Statistics Service (MfeASUM) . (.McAfee, Inc. - McAfee Application Statistics Service.) - C:\Program Files\McAfee\AppStats\MfeASUM.exe

O23 - Service: McAfee Anti-Malware Core (mfecore) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\windows\system32\mfevtps.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: c:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - c:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.1.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: sysTPLMonitor (sysTPLMonitor.exe) . (.Tlapia - sysTPLMonitor.) - C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe

O23 - Service: sysTPLService (sysTPLService.exe) . (.Tlapia - sysTPLService.) - C:\Program Files (x86)\sysTPL\sysTPLService.exe

O23 - Service: Intel® Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

~ Services: 26 Scanned in 00mn 05s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ BEX: 1 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1084]

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1088]

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Re-markit Update.job [406] =>PUP.ReMarkIt

[MD5.F368AE5801EE103008BA34773F83ECCE] [APT] [ALU] (...) -- C:\Program Files (x86)\Acer\Live Updater\updater.exe [3368008]

[MD5.B690DE3B3D28AD45112BE310780DBE8D] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008]

[MD5.22621F4BC16C5C47E76E40F251F0CC79] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3905304] =>Piriform Ltd

[MD5.E659E38D2D51DF5817C91D7386920C7E] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [995856]

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]

[MD5.280B64F6BFCEDE6D67D261EB808AA617] [APT] [Hotkey Utility] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [524944]

[MD5.7A69532E7D92A0B31E9A55DE1D1CF7E2] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5303368]

[MD5.66218637966A5BC3AA056A7491418F65] [APT] [Re-markit Update] (...) -- C:\Program Files (x86)\Re-markit\ReMarkit_up.exe [236544] =>PUP.ReMarkIt

[MD5.C6CAB8F629AE677E4B5AE0D9E28241E6] [APT] [Notification] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [523848]

~ Scheduled Task: 15 Scanned in 00mn 02s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation

O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation

O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation

O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll

~ Active Setup: 9 Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage du système (O41)

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys

O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys

O41 - Driver: (ccSet_NARA) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys

O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (MfeASKM) . (.McAfee, Inc. - McAfee Application Statistics Device Driver.) - C:\Program Files\McAfee\AppStats\MfeASKM.sys

O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

~ Drivers: 36 Scanned in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: Acer Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}

O42 - Logiciel: Acer Media - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876}

O42 - Logiciel: Acer Photo - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0}

O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}

O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}

O42 - Logiciel: Acer Remote - (.Acer Inc..) [HKLM][64Bits] -- Acer Remote1.0

O42 - Logiciel: AcerCloud Portal - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}

O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-ce66965d-5117-4f5b-ac76-2f79aa4dd782

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd

O42 - Logiciel: Casino Classic - (...) [HKLM][64Bits] -- casinoclassic

O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}

O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}

O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller

O42 - Logiciel: Delicious: Emily's Childhood Memories Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-ddc1064d-2e22-4de1-a1b5-c35c89d3aeb7

O42 - Logiciel: EPSON XP-302 303 305 306 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON XP-302 303 305 306 Series

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-a2d92771-6c0f-473f-a967-dc972ff0699f

O42 - Logiciel: Hotkey Utility - (.Acer Incorporated.) [HKLM][64Bits] -- {A6DC88AD-501A-44BC-884D-57435F972E2C}

O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}

O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}

O42 - Logiciel: Intel® Network Connections 17.2.153.0 - (.Intel.) [HKLM][64Bits] -- PROSetDX

O42 - Logiciel: Intel® Network Connections 17.2.153.0 - (.Intel.) [HKLM][64Bits] -- {858C1B33-C3D5-4377-B77B-1E2F338C7F66}

O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}

O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}

O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-281dff9b-2df8-43e1-bd6a-622c9e1a96d1

O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WTA-5325c9f8-ab95-464d-9101-7f05ed6c99e5

O42 - Logiciel: Live Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}

O42 - Logiciel: Ludi - (...) [HKLM][64Bits] -- Ludi

O42 - Logiciel: Magic Academy - (.WildTangent.) [HKLM][64Bits] -- WTA-8687c51b-2852-4c45-9339-47372bbba88c

O42 - Logiciel: McAfee Internet Security Suite - (.McAfee, Inc..) [HKLM][64Bits] -- MSC

O42 - Logiciel: NVIDIA Logiciel système PhysX 9.12.1031 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}

O42 - Logiciel: NVIDIA Pilote 3D Vision 311.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision

O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver

O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB

O42 - Logiciel: NVIDIA Pilote graphique 311.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo

O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}

O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {4CA8F973-6377-4ABF-9ED5-CC2323B3C000}

O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}

O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}

O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}

O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}

O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}

O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}

O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}

O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}

O42 - Logiciel: Norton Online Backup ARA - (.Symantec Corporation.) [HKLM][64Bits] -- NARA

O42 - Logiciel: Office Addin - (.Acer.) [HKLM][64Bits] -- {6D2BBE1D-E600-4695-BA37-0B0E605542CC}

O42 - Logiciel: Office Addin 2003 - (.Acer.) [HKLM][64Bits] -- {1FCC073B-CC01-4443-AD20-E559F66E6E83}

O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}

O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-9b007d41-5cf7-4ade-b4f6-8809e1108379

O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr

O42 - Logiciel: QuickEngine - (.Tlapia.) [HKLM][64Bits] -- QuickEngine 1.0.1

O42 - Logiciel: QuickEngine - (.Tlapia.) [HKLM][64Bits] -- {FE1FC5C3-6A09-4D3F-B084-6A5288AFE8F9}

O42 - Logiciel: Re-markit - (.Re-markit Software.) [HKLM][64Bits] -- {49b4f70f-f101-435c-ac77-0d6be35fbb33} =>PUP.ReMarkIt

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller

O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}

O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify

O42 - Logiciel: Tales of Lagoona - (.WildTangent.) [HKLM][64Bits] -- WTA-21fca457-e155-422a-a7fb-c0522834482d

O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App

O42 - Logiciel: Visual Studio 2005 Tools pour Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime

O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime

O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}

O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258

O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall

O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer

O42 - Logiciel: ZebHelpProcess 2013 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZebHelpProcess_is1

O42 - Logiciel: clear.fi SDK - Video 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {EBA33CAD-E071-48d5-A168-FBA4EEB42E93}

O42 - Logiciel: clear.fi SDK- Movie 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}

O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {91589413-6675-4C27-8AFC-EFB9103B90A5} =>Toolbar.eBay

O42 - Logiciel: fst_fr_17 - (.FREESOFTTODAY.) [HKLM][64Bits] -- fst_fr_17_is1 =>Adware.FreeSoftToday

O42 - Logiciel: sysTPL - (.Tlapia.) [HKLM][64Bits] -- {4B74BC31-B353-4B8F-8CBE-DAB4FF326FF1}

~ Logic: 136 Scanned in 00mn 00s

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AppDataLow\Software\Re_markit] =>PUP.ReMarkIt

[HKCU\Software\AppDataLow]

[HKCU\Software\Borland]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Cyberlink]

[HKCU\Software\EPSON]

[HKCU\Software\Google]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Ludi]

[HKCU\Software\MGS]

[HKCU\Software\Macromedia]

[HKCU\Software\McAfee]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\OEM]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\RegisteredApplications]

[HKCU\Software\SIEN SA]

[HKCU\Software\Software]

[HKCU\Software\Trolltech]

[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\Wow6432Node]

[HKCU\Software\ZebHelpProcess Helper]

[HKCU\Software\sysTPL]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Borland]

[HKLM\Software\Classes]

[HKLM\Software\Clearfi]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\DTS]

[HKLM\Software\Dolby]

[HKLM\Software\EPSON]

[HKLM\Software\Intel]

[HKLM\Software\Khronos]

[HKLM\Software\Knowles]

[HKLM\Software\Logitech]

[HKLM\Software\Macromedia]

[HKLM\Software\McAfee.com]

[HKLM\Software\McAfee]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\OEM]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\SonicFocus]

[HKLM\Software\Symantec]

[HKLM\Software\Waves Audio]

[HKLM\Software\Wow6432Node\AGEIA Technologies]

[HKLM\Software\Wow6432Node\AdwCleaner]

[HKLM\Software\Wow6432Node\Borland]

[HKLM\Software\Wow6432Node\Caphyon]

[HKLM\Software\Wow6432Node\Classes]

[HKLM\Software\Wow6432Node\Clearfi]

[HKLM\Software\Wow6432Node\Clients]

[HKLM\Software\Wow6432Node\CyberLink]

[HKLM\Software\Wow6432Node\EPSON]

[HKLM\Software\Wow6432Node\Google]

[HKLM\Software\Wow6432Node\Intel]

[HKLM\Software\Wow6432Node\Khronos]

[HKLM\Software\Wow6432Node\Macromedia]

[HKLM\Software\Wow6432Node\McAfee.com]

[HKLM\Software\Wow6432Node\McAfee]

[HKLM\Software\Wow6432Node\MozillaPlugins]

[HKLM\Software\Wow6432Node\Mozilla]

[HKLM\Software\Wow6432Node\NVIDIA Corporation]

[HKLM\Software\Wow6432Node\Nero]

[HKLM\Software\Wow6432Node\Norton]

[HKLM\Software\Wow6432Node\ODBC]

[HKLM\Software\Wow6432Node\OEM]

[HKLM\Software\Wow6432Node\OpenOffice.org]

[HKLM\Software\Wow6432Node\Policies]

[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]

[HKLM\Software\Wow6432Node\Realtek]

[HKLM\Software\Wow6432Node\RegisteredApplications]

[HKLM\Software\Wow6432Node\SIEN SA]

[HKLM\Software\Wow6432Node\SiteAdvisor]

[HKLM\Software\Wow6432Node\Software]

[HKLM\Software\Wow6432Node\Symantec]

[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive

[HKLM\Software\Wow6432Node\WildTangent]

[HKLM\Software\Wow6432Node\do-searchSoftware] =>PUP.DoSearches

[HKLM\Software\Wow6432Node]

~ Key Software: 155 Scanned in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 09/10/2013 - 19:53:19 - [421,479] ----D C:\Program Files (x86)\Acer

O43 - CFD: 04/07/2013 - 21:57:00 - [9,832] ----D C:\Program Files (x86)\Acer Remote

O43 - CFD: 04/07/2013 - 21:57:02 - [157,893] ---AD C:\Program Files (x86)\Acer Remote Demo

O43 - CFD: 04/07/2013 - 22:09:55 - [0] ----D C:\Program Files (x86)\AGEIA Technologies

O43 - CFD: 22/11/2013 - 17:03:12 - [381,404] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 01/03/2013 - 07:20:02 - [159,468] ----D C:\Program Files (x86)\CyberLink

O43 - CFD: 21/11/2013 - 19:28:53 - [0] ----D C:\Program Files (x86)\DsNET Corp

O43 - CFD: 06/10/2013 - 10:35:37 - [3,221] ----D C:\Program Files (x86)\enginesysTPL

O43 - CFD: 21/11/2013 - 19:04:06 - [8,184] ----D C:\Program Files (x86)\fst_fr_17 =>PUA.FSTfr9

O43 - CFD: 06/10/2013 - 10:56:08 - [484,771] ----D C:\Program Files (x86)\Google

O43 - CFD: 04/07/2013 - 22:28:24 - [67,552] --H-D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 04/07/2013 - 22:12:43 - [17,936] ----D C:\Program Files (x86)\Intel

O43 - CFD: 15/11/2013 - 22:04:36 - [4,622] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 22/11/2013 - 20:24:13 - [0,728] ----D C:\Program Files (x86)\Ludi

O43 - CFD: 18/10/2013 - 07:43:29 - [29,419] ----D C:\Program Files (x86)\McAfee

O43 - CFD: 01/03/2013 - 07:16:03 - [0,515] ----D C:\Program Files (x86)\mcafee.com

O43 - CFD: 04/07/2013 - 22:23:33 - [2,168] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 21/11/2013 - 19:04:15 - [0] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 01/03/2013 - 06:27:18 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 01/03/2013 - 07:18:53 - [150,860] ----D C:\Program Files (x86)\Nero

O43 - CFD: 04/07/2013 - 22:24:06 - [20,119] ----D C:\Program Files (x86)\Norton Online Backup ARA

O43 - CFD: 04/07/2013 - 22:23:59 - [24,843] ----D C:\Program Files (x86)\NortonInstaller

O43 - CFD: 04/07/2013 - 22:09:59 - [96,921] ----D C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 05/10/2013 - 08:15:22 - [0,351] ----D C:\Program Files (x86)\OEM

O43 - CFD: 06/10/2013 - 10:41:52 - [296,261] ----D C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 17/11/2013 - 18:55:42 - [110,627] ----D C:\Program Files (x86)\PokerStars.FR

O43 - CFD: 21/11/2013 - 19:27:30 - [1,105] ----D C:\Program Files (x86)\Re-markit =>PUP.ReMarkIt

O43 - CFD: 04/07/2013 - 22:13:56 - [31,149] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 01/03/2013 - 06:27:18 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 04/07/2013 - 22:16:43 - [42,601] ----D C:\Program Files (x86)\Spotify

O43 - CFD: 04/07/2013 - 22:24:39 - [8,374] ----D C:\Program Files (x86)\Symantec

O43 - CFD: 21/11/2013 - 20:43:07 - [2,898] ----D C:\Program Files (x86)\sysTPL

O43 - CFD: 04/07/2013 - 22:14:08 - [0] --H-D C:\Program Files (x86)\Temp

O43 - CFD: 21/11/2013 - 19:27:57 - [6,523] ----D C:\Program Files (x86)\VS Revo Group

O43 - CFD: 01/03/2013 - 07:15:46 - [387,206] ----D C:\Program Files (x86)\WildGames

O43 - CFD: 01/03/2013 - 07:15:52 - [32,035] ----D C:\Program Files (x86)\WildTangent Games

O43 - CFD: 06/10/2013 - 15:44:52 - [1,038] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 05/07/2013 - 07:49:08 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation

O43 - CFD: 05/07/2013 - 07:49:08 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation

O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform

O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 06/10/2013 - 15:40:50 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 22/11/2013 - 17:03:38 - [138,557] ----D C:\Program Files (x86)\ZebHelpProcess

O43 - CFD: 23/11/2013 - 10:16:31 - [17,182] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman

O43 - CFD: 22/11/2013 - 17:03:12 - [7,320] ----D C:\Program Files (x86)\Common Files\Borland Shared

O43 - CFD: 04/07/2013 - 22:13:54 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 06/10/2013 - 09:05:18 - [0,322] ----D C:\Program Files (x86)\Common Files\logishrd

O43 - CFD: 05/10/2013 - 19:11:43 - [4,188] ----D C:\Program Files (x86)\Common Files\mcafee

O43 - CFD: 06/10/2013 - 15:44:56 - [340,267] ----D C:\Program Files (x86)\Common Files\Microsoft Shared

O43 - CFD: 01/03/2013 - 07:18:36 - [17,704] ----D C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 04/07/2013 - 22:11:23 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent

O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 05/07/2013 - 07:49:08 - [9,406] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 04/07/2013 - 22:35:23 - [0,059] ----D C:\ProgramData\Acer

O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data

O43 - CFD: 22/11/2013 - 16:18:32 - [0,040] ----D C:\ProgramData\boost_interprocess

O43 - CFD: 05/10/2013 - 08:02:58 - [0] -SH-D C:\ProgramData\Bureau

O43 - CFD: 09/10/2013 - 19:49:15 - [0,114] ----D C:\ProgramData\clear.fi

O43 - CFD: 04/07/2013 - 22:28:21 - [0] ----D C:\ProgramData\CLSK

O43 - CFD: 13/10/2013 - 18:39:05 - [0,017] ----D C:\ProgramData\CyberLink

O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Desktop

O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents

O43 - CFD: 22/11/2013 - 15:57:43 - [5,940] ----D C:\ProgramData\EPSON

O43 - CFD: 06/10/2013 - 10:55:48 - [0,012] ----D C:\ProgramData\Google

O43 - CFD: 04/07/2013 - 22:28:24 - [0,257] ----D C:\ProgramData\install_clap

O43 - CFD: 04/07/2013 - 22:12:43 - [0,016] ----D C:\ProgramData\Intel

O43 - CFD: 07/10/2013 - 07:08:48 - [206,941] ----D C:\ProgramData\McAfee

O43 - CFD: 05/10/2013 - 08:02:58 - [0] -SH-D C:\ProgramData\Menu Démarrer

O43 - CFD: 18/10/2013 - 17:03:20 - [-1224,440] ----D C:\ProgramData\MGS

O43 - CFD: 06/10/2013 - 07:26:36 - [1322,541] -S--D C:\ProgramData\Microsoft

O43 - CFD: 05/10/2013 - 08:02:58 - [0] -SH-D C:\ProgramData\Modèles

O43 - CFD: 01/03/2013 - 07:18:36 - [0,867] ----D C:\ProgramData\Nero

O43 - CFD: 04/07/2013 - 22:24:05 - [0,220] ----D C:\ProgramData\Norton

O43 - CFD: 04/07/2013 - 22:23:59 - [0,864] ----D C:\ProgramData\NortonInstaller

O43 - CFD: 22/11/2013 - 16:18:25 - [2,267] ----D C:\ProgramData\NVIDIA

O43 - CFD: 04/07/2013 - 22:09:02 - [2,105] ----D C:\ProgramData\NVIDIA Corporation

O43 - CFD: 05/10/2013 - 08:58:07 - [0,431] ----D C:\ProgramData\OEM

O43 - CFD: 05/10/2013 - 08:15:08 - [0] ----D C:\ProgramData\OEM_YAHOO

O43 - CFD: 06/10/2013 - 15:51:27 - [0,038] ----D C:\ProgramData\PRICache

O43 - CFD: 04/07/2013 - 22:23:36 - [0,002] ----D C:\ProgramData\regid.1991-06.com.microsoft

O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu

O43 - CFD: 04/07/2013 - 22:24:39 - [0,415] ----D C:\ProgramData\Symantec

O43 - CFD: 04/07/2013 - 22:28:24 - [1,409] ----D C:\ProgramData\Temp

O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates

O43 - CFD: 01/03/2013 - 07:15:52 - [1081,423] ----D C:\ProgramData\WildTangent

O43 - CFD: 09/10/2013 - 19:45:12 - [0] ----D C:\Users\martial\AppData\Roaming\acer

O43 - CFD: 05/10/2013 - 08:15:16 - [0] ----D C:\Users\martial\AppData\Roaming\AcerRemote

O43 - CFD: 05/10/2013 - 08:14:43 - [0] ----D C:\Users\martial\AppData\Roaming\Adobe

O43 - CFD: 09/11/2013 - 13:04:04 - [0] ----D C:\Users\martial\AppData\Roaming\Google

O43 - CFD: 05/10/2013 - 08:14:43 - [0,001] ----D C:\Users\martial\AppData\Roaming\Macromedia

O43 - CFD: 09/10/2013 - 19:53:22 - [0,712] -S--D C:\Users\martial\AppData\Roaming\Microsoft

O43 - CFD: 06/10/2013 - 10:43:24 - [30,915] ----D C:\Users\martial\AppData\Roaming\OpenOffice.org

O43 - CFD: 23/11/2013 - 10:17:40 - [0,016] ----D C:\Users\martial\AppData\Roaming\ZHP =>.Nicolas Coolman

O43 - CFD: 09/10/2013 - 19:53:48 - [0,005] ----D C:\Users\martial\AppData\Local\Acer

O43 - CFD: 09/10/2013 - 19:51:58 - [84,627] ----D C:\Users\martial\AppData\Local\AcerCloud

O43 - CFD: 05/10/2013 - 08:13:49 - [0] -SH-D C:\Users\martial\AppData\Local\Application Data

O43 - CFD: 10/10/2013 - 17:58:46 - [6,926] ----D C:\Users\martial\AppData\Local\clear.fi

O43 - CFD: 09/10/2013 - 19:48:40 - [248,290] ----D C:\Users\martial\AppData\Local\ClearfiMedia

O43 - CFD: 09/10/2013 - 19:44:51 - [153,957] ----D C:\Users\martial\AppData\Local\ClearfiPhoto

O43 - CFD: 21/11/2013 - 19:36:21 - [0] ----D C:\Users\martial\AppData\Local\CrashDumps

O43 - CFD: 13/10/2013 - 18:38:58 - [0,103] ----D C:\Users\martial\AppData\Local\Cyberlink

O43 - CFD: 09/10/2013 - 19:51:04 - [35,079] ----D C:\Users\martial\AppData\Local\Doc

O43 - CFD: 23/11/2013 - 09:52:52 - [7,311] ----D C:\Users\martial\AppData\Local\fst_fr_17 =>PUA.FSTfr9

O43 - CFD: 08/10/2013 - 08:54:06 - [217,418] ----D C:\Users\martial\AppData\Local\Google

O43 - CFD: 05/10/2013 - 08:13:49 - [0] -SH-D C:\Users\martial\AppData\Local\Historique

O43 - CFD: 06/10/2013 - 09:35:52 - [20,968] ----D C:\Users\martial\AppData\Local\Ludi

O43 - CFD: 09/10/2013 - 13:44:32 - [138,184] ----D C:\Users\martial\AppData\Local\Microsoft

O43 - CFD: 06/10/2013 - 15:51:28 - [113,011] ----D C:\Users\martial\AppData\Local\Packages

O43 - CFD: 22/11/2013 - 20:00:45 - [2,738] ----D C:\Users\martial\AppData\Local\PokerStars.FR

O43 - CFD: 21/11/2013 - 19:04:00 - [0] ----D C:\Users\martial\AppData\Local\Programs

O43 - CFD: 23/11/2013 - 10:16:06 - [32,815] ----D C:\Users\martial\AppData\Local\Temp

O43 - CFD: 05/10/2013 - 08:13:49 - [0] -SH-D C:\Users\martial\AppData\Local\Temporary Internet Files

O43 - CFD: 13/10/2013 - 18:38:53 - [0,494] ----D C:\Users\martial\AppData\Local\VirtualStore

O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 15/10/2013 - 10:02:25 - [0] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 05/10/2013 - 08:25:36 - [0,003] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ludi

O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 05/10/2013 - 20:23:04 - [0,003] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.FR

O43 - CFD: 21/11/2013 - 19:27:58 - [0,005] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

O43 - CFD: 15/10/2013 - 10:02:25 - [0,001] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

~ Program Folder: 125 Scanned in 00mn 24s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.97F8694D6CDD8A3BBDF0A24D9B321C7B] - 14/11/2013 - 08:21:21 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\SysNative\authui.dll [2304512]

O44 - LFC:[MD5.97F8694D6CDD8A3BBDF0A24D9B321C7B] - 14/11/2013 - 08:21:21 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll [2304512]

O44 - LFC:[MD5.4F54EB37483A890F8C19478207FC5004] - 14/11/2013 - 08:21:28 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\SysNative\schannel.dll [419328]

O44 - LFC:[MD5.4F54EB37483A890F8C19478207FC5004] - 14/11/2013 - 08:21:28 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll [419328]

O44 - LFC:[MD5.BEB9FF627ACB97F10D0B65D404D62C7A] - 14/11/2013 - 08:21:30 ---A- . (.Microsoft Corporation - Direct3D 11 Runtime.) -- C:\Windows\SysNative\d3d11.dll [2062848]

O44 - LFC:[MD5.BEB9FF627ACB97F10D0B65D404D62C7A] - 14/11/2013 - 08:21:30 ---A- . (.Microsoft Corporation - Direct3D 11 Runtime.) -- C:\Windows\System32\d3d11.dll [2062848]

O44 - LFC:[MD5.EFB4937249C7E4D57F69CC4B1986BC4B] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\SysNative\jscript.dll [855552]

O44 - LFC:[MD5.EFB4937249C7E4D57F69CC4B1986BC4B] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [855552]

O44 - LFC:[MD5.3E86B4126D4CD0D9CA5B78DBE9F8D7CB] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe [51712]

O44 - LFC:[MD5.3E86B4126D4CD0D9CA5B78DBE9F8D7CB] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [51712]

O44 - LFC:[MD5.1E47964351EA38C20A8E28B413769C80] - 14/11/2013 - 08:21:34 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll [603136]

O44 - LFC:[MD5.1E47964351EA38C20A8E28B413769C80] - 14/11/2013 - 08:21:34 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136]

O44 - LFC:[MD5.A96B3E9D360DE75B09EE77698A54412B] - 14/11/2013 - 08:21:35 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\SysNative\iertutil.dll [2648576]

O44 - LFC:[MD5.A96B3E9D360DE75B09EE77698A54412B] - 14/11/2013 - 08:21:35 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2648576]

O44 - LFC:[MD5.9706C99DAEBE3FEAC811B239617E98C4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll [2241536]

O44 - LFC:[MD5.9706C99DAEBE3FEAC811B239617E98C4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2241536]

O44 - LFC:[MD5.F13305A81317DDAEA3968D2D8EC0C0A4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll [1364992]

O44 - LFC:[MD5.F13305A81317DDAEA3968D2D8EC0C0A4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1364992]

O44 - LFC:[MD5.90868BDD4047BF951E03620961945149] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\SysNative\jscript9.dll [3959808]

O44 - LFC:[MD5.90868BDD4047BF951E03620961945149] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [3959808]

O44 - LFC:[MD5.9991ABD246ED906CF420B2CA08BF685A] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll [15404544]

O44 - LFC:[MD5.9991ABD246ED906CF420B2CA08BF685A] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [15404544]

O44 - LFC:[MD5.25C356A79B7002E0A20AAF592ED59DE4] - 14/11/2013 - 08:21:42 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\SysNative\mshtml.dll [19269632]

O44 - LFC:[MD5.25C356A79B7002E0A20AAF592ED59DE4] - 14/11/2013 - 08:21:42 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [19269632]

O44 - LFC:[MD5.E455C83E029121270BED73CDAC381F37] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\SysNative\IKEEXT.DLL [1160192]

O44 - LFC:[MD5.E455C83E029121270BED73CDAC381F37] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [1160192]

O44 - LFC:[MD5.53AA55632B94622F2DC3695E86EF9363] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Moteur de filtrage de base.) -- C:\Windows\SysNative\BFE.DLL [723968]

O44 - LFC:[MD5.53AA55632B94622F2DC3695E86EF9363] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Moteur de filtrage de base.) -- C:\Windows\System32\BFE.DLL [723968]

O44 - LFC:[MD5.44BB9C31E6242C4BD1CE7C2B440C2533] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) -- C:\Windows\System32\Drivers\wfplwfs.sys [96600]

O44 - LFC:[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - 14/11/2013 - 08:21:57 ---A- . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\Drivers\afd.sys [576512]

O44 - LFC:[MD5.61EE56D354A5B425845F6A38CE401F92] - 14/11/2013 - 08:22:03 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\SysNative\crypt32.dll [1890816]

O44 - LFC:[MD5.61EE56D354A5B425845F6A38CE401F92] - 14/11/2013 - 08:22:03 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1890816]

O44 - LFC:[MD5.2299D30B0C3F41687127DDAC5B3CAC32] - 14/11/2013 - 08:22:05 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\SysNative\gdi32.dll [1300992]

O44 - LFC:[MD5.2299D30B0C3F41687127DDAC5B3CAC32] - 14/11/2013 - 08:22:05 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [1300992]

O44 - LFC:[MD5.59A3F0EE45069600241CEF1A3A165000] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\SysNative\storewuauth.dll [175104]

O44 - LFC:[MD5.59A3F0EE45069600241CEF1A3A165000] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll [175104]

O44 - LFC:[MD5.C85F997D1BC04C5D0C8193183C70D6E4] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\SysNative\wuapp.exe [40448]

O44 - LFC:[MD5.C85F997D1BC04C5D0C8193183C70D6E4] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe [40448]

O44 - LFC:[MD5.71966AEA65DCCE5A749B27D07DFA524E] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\SysNative\wudriver.dll [99328]

O44 - LFC:[MD5.71966AEA65DCCE5A749B27D07DFA524E] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll [99328]

O44 - LFC:[MD5.96486A251B78FFBD9C559C78054BAD59] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - DLL de l’API des services Web pour périphér.) -- C:\Windows\SysNative\WSDApi.dll [599040]

O44 - LFC:[MD5.96486A251B78FFBD9C559C78054BAD59] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - DLL de l’API des services Web pour périphér.) -- C:\Windows\System32\WSDApi.dll [599040]

O44 - LFC:[MD5.05238CE241F616ECFE061C3363FFD8F7] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\SysNative\WUSettingsProvider.dll [252928]

O44 - LFC:[MD5.05238CE241F616ECFE061C3363FFD8F7] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll [252928]

O44 - LFC:[MD5.7F77886AC6F915075DC0C37264B02713] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\SysNative\wuwebv.dll [142848]

O44 - LFC:[MD5.7F77886AC6F915075DC0C37264B02713] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll [142848]

O44 - LFC:[MD5.DA041324BA6417672F464BCCD7B4028F] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\SysNative\wuauclt.exe [59416]

O44 - LFC:[MD5.DA041324BA6417672F464BCCD7B4028F] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe [59416]

O44 - LFC:[MD5.C1646A95EAC515F60CDB2A7A8A013C1E] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\Drivers\fvevol.sys [465240]

O44 - LFC:[MD5.07C872F13ACC81A5F10DEC6CF37BF9A8] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\Drivers\crashdmp.sys [61784]

O44 - LFC:[MD5.16C7029B1FBD1F80B2337933E66BF793] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\SysNative\ubpm.dll [328192]

O44 - LFC:[MD5.16C7029B1FBD1F80B2337933E66BF793] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\System32\ubpm.dll [328192]

O44 - LFC:[MD5.4AF9E996881DD382EF34C094FFF26670] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\SysNative\wucltux.dll [1622016]

O44 - LFC:[MD5.4AF9E996881DD382EF34C094FFF26670] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\System32\wucltux.dll [1622016]

O44 - LFC:[MD5.510A64BC84EA509337AAA67A888F101C] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\SysNative\kerberos.dll [817152]

O44 - LFC:[MD5.510A64BC84EA509337AAA67A888F101C] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [817152]

O44 - LFC:[MD5.E94F7A7B48C7638D1F3F8089344C97B7] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Pilote de périphérique TPM.) -- C:\Windows\System32\Drivers\tpm.sys [151896]

O44 - LFC:[MD5.11F1BA1F5D9D63DA9332FB48E316CF20] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\SysNative\wuapi.dll [773120]

O44 - LFC:[MD5.11F1BA1F5D9D63DA9332FB48E316CF20] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\System32\wuapi.dll [773120]

O44 - LFC:[MD5.58FE249FBABBA09A98EBAF28B0E0C382] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - Programme principal d’automation de l’inter.) -- C:\Windows\SysNative\UIAutomationCore.dll [1173504]

O44 - LFC:[MD5.58FE249FBABBA09A98EBAF28B0E0C382] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - Programme principal d’automation de l’inter.) -- C:\Windows\System32\UIAutomationCore.dll [1173504]

O44 - LFC:[MD5.5EE919B9C3056B399E488A9B253E258A] - 14/11/2013 - 08:22:19 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\SysNative\wuaueng.dll [3279360]

O44 - LFC:[MD5.5EE919B9C3056B399E488A9B253E258A] - 14/11/2013 - 08:22:19 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [3279360]

O44 - LFC:[MD5.B37AF4CB7C5BBE8ABF0CD7E796AB1EB3] - 14/11/2013 - 08:22:21 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\SysNative\Windows.UI.Xaml.dll [13661696]

O44 - LFC:[MD5.B37AF4CB7C5BBE8ABF0CD7E796AB1EB3] - 14/11/2013 - 08:22:21 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\System32\Windows.UI.Xaml.dll [13661696]

O44 - LFC:[MD5.971BCACC7310DB7B8373F6D6DD5B956F] - 14/11/2013 - 08:25:51 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe [82896128]

O44 - LFC:[MD5.971BCACC7310DB7B8373F6D6DD5B956F] - 14/11/2013 - 08:25:51 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [82896128]

O44 - LFC:[MD5.CAC3C21BC3C76622ABD491774F03C914] - 21/11/2013 - 21:00:07 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [307832]

O44 - LFC:[MD5.CAC3C21BC3C76622ABD491774F03C914] - 21/11/2013 - 21:00:07 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [307832]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/11/2013 - 15:56:50 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.0761A20F62DDB60A0DBE3FB8EFEA909B] - 22/11/2013 - 15:56:52 ---A- . (...) -- C:\Windows\setupact.log [778]

O44 - LFC:[MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - ECBTEGB AMD64.) -- C:\Windows\SysNative\E_ID4BIKE.DLL [83968]

O44 - LFC:[MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - ECBTEGB AMD64.) -- C:\Windows\System32\E_ID4BIKE.DLL [83968]

O44 - LFC:[MD5.9459134133FB09BA956A28AAFAE78186] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - EPSON Bi-directional Monitor AMD64.) -- C:\Windows\SysNative\E_ILMIKE.DLL [120320]

O44 - LFC:[MD5.9459134133FB09BA956A28AAFAE78186] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - EPSON Bi-directional Monitor AMD64.) -- C:\Windows\System32\E_ILMIKE.DLL [120320]

O44 - LFC:[MD5.BAC5074667751F72A9CE48CDC31BAC48] - 22/11/2013 - 15:57:34 ---A- . (.SEIKO EPSON CORP. - E_GCINST.) -- C:\Windows\SysNative\E_GCINST.DLL [10752]

O44 - LFC:[MD5.BAC5074667751F72A9CE48CDC31BAC48] - 22/11/2013 - 15:57:34 ---A- . (.SEIKO EPSON CORP. - E_GCINST.) -- C:\Windows\System32\E_GCINST.DLL [10752]

O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1793362]

O44 - LFC:[MD5.1A7FD75AC7B4441E71CFB850D73B3A35] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [132416]

O44 - LFC:[MD5.135E0B5BFD81B10DF44C5AA43307DFFE] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [155444]

O44 - LFC:[MD5.9FAE5AC327A1A9793D46D7543702B9D6] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [710046]

O44 - LFC:[MD5.CCC1B9ABDD545C149B70791EF1CBC330] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [799736]

O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362]

O44 - LFC:[MD5.1A7FD75AC7B4441E71CFB850D73B3A35] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132416]

O44 - LFC:[MD5.135E0B5BFD81B10DF44C5AA43307DFFE] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [155444]

O44 - LFC:[MD5.9FAE5AC327A1A9793D46D7543702B9D6] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfh009.dat [710046]

O44 - LFC:[MD5.CCC1B9ABDD545C149B70791EF1CBC330] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [799736]

O44 - LFC:[MD5.0AE4FE7EEBFB622892D8E1BEEF696716] - 22/11/2013 - 21:48:46 ---A- . (...) -- C:\PDOXUSRS.NET [13030]

O44 - LFC:[MD5.E00BA18D7F4D2F86C0F70442602D1407] - 23/11/2013 - 09:19:21 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.A5F35A66D32D586FD72FD73944636D98] - 23/11/2013 - 09:39:47 ---A- . (...) -- C:\Windows\WindowsUpdate.log [172612]

~ Files: 90 Scanned in 00mn 54s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:[MD5.9EE1ACC6DC25136AE01CBC1C701CC778] - 02/11/2013 - 09:54:46 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-7761B15A.pf

O45 - LFCP:[MD5.E7A2053C1E8989A02497BC30EA97B9D6] - 03/11/2013 - 20:59:06 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf

O45 - LFCP:[MD5.58FA3F35C24CD832363DF458F92AC256] - 16/11/2013 - 08:19:09 ---A- - C:\Windows\Prefetch\AgCx_SC4.db

O45 - LFCP:[MD5.CBC30147EA452836929BF996BC5D4C9B] - 16/11/2013 - 19:04:40 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf

O45 - LFCP:[MD5.F3F7C2AB8B17CF85693F93CD94798F50] - 19/11/2013 - 14:51:50 ---A- - C:\Windows\Prefetch\AgCx_SC2.db

O45 - LFCP:[MD5.4D979D38DD1AB4EEEF689599E3E68162] - 19/11/2013 - 18:33:27 ---A- - C:\Windows\Prefetch\WEBCAM.EXE-0FC158C9.pf

O45 - LFCP:[MD5.913B5303B6E1A5638B6A35D245452EBC] - 21/11/2013 - 08:18:31 ---A- - C:\Windows\Prefetch\ARA.EXE-A6FD5EAC.pf

O45 - LFCP:[MD5.04BD4B31D37FA5657C0755C86DDE3228] - 21/11/2013 - 09:12:39 ---A- - C:\Windows\Prefetch\dynreservedpri.db

O45 - LFCP:[MD5.39F25A5A9E9B5005CA171D4DEA1C56C1] - 21/11/2013 - 13:39:41 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf

O45 - LFCP:[MD5.881393E2006D5CB6B7331AF0BDAC2DCE] - 21/11/2013 - 13:47:36 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf

O45 - LFCP:[MD5.9DA269072ECE0E9DD90B6E759B0CE515] - 21/11/2013 - 13:48:00 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf

O45 - LFCP:[MD5.384CBB28162789619D67A460C17BA05F] - 21/11/2013 - 13:48:04 ---A- - C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf

O45 - LFCP:[MD5.B0B1EAB91AC3FC0A0E673EDD19F41F8F] - 21/11/2013 - 13:51:35 ---A- - C:\Windows\Prefetch\CLEARFIPHOTO.EXE-2A1AA70C.pf

O45 - LFCP:[MD5.8C0A083604B3CD7FBFD712D2F2B3E35F] - 21/11/2013 - 13:56:14 ---A- - C:\Windows\Prefetch\FIRSTRUN.EXE-3834855C.pf

O45 - LFCP:[MD5.47006D8C25228CF49DF4A0B4050D39B6] - 21/11/2013 - 19:03:04 ---A- - C:\Windows\Prefetch\INS3505.EXE-95E26A3F.pf

O45 - LFCP:[MD5.8854EC267423106D74D2EC2570A0CF91] - 21/11/2013 - 19:03:52 ---A- - C:\Windows\Prefetch\IMINENTSETUP_2810-7318364C.EX-EA0163E7.pf =>Adware.IMBooster

O45 - LFCP:[MD5.A156B96252472CF748B48CAF3C28C1BD] - 21/11/2013 - 19:04:06 ---A- - C:\Windows\Prefetch\FST_FR_1411-2D39FE62.TMP-284611FC.pf =>PUA.FSTfr9

O45 - LFCP:[MD5.E22E3F68CA4779759AEC27BE77705AE7] - 21/11/2013 - 19:04:14 ---A- - C:\Windows\Prefetch\IMINENTMINIBARIE.EXE-17DEEEE9.pf =>Adware.IMBooster

O45 - LFCP:[MD5.FA6D4621FD24E23BC8C5D361792B8CCC] - 21/11/2013 - 19:05:11 ---A- - C:\Windows\Prefetch\APN_ATU3_.EXE-87D19F27.pf

O45 - LFCP:[MD5.63E91A1069EBCF295638D96B7D28D3BE] - 21/11/2013 - 19:07:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-3714B256.pf

O45 - LFCP:[MD5.7A84B2FCAC71E33DB2AEDB7D9E548E96] - 21/11/2013 - 19:10:02 ---A- - C:\Windows\Prefetch\YCT.EXE-6FF63400.pf

O45 - LFCP:[MD5.9425F3AB7526EBB6AECAFA9389048258] - 21/11/2013 - 19:16:07 ---A- - C:\Windows\Prefetch\MCUIHOST.EXE-AE5E0AD4.pf

O45 - LFCP:[MD5.67C6A1C006253F0A3816DFB753A95B90] - 21/11/2013 - 19:27:04 ---A- - C:\Windows\Prefetch\SETUP.EXE-5E268D1B.pf

O45 - LFCP:[MD5.950E29026B508DA2E58D9179BA6C20C5] - 21/11/2013 - 19:27:39 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-298106D4.pf =>Rogue.SpeedUpMyPC

O45 - LFCP:[MD5.C72F636D884646D3AC5345166E06AC42] - 21/11/2013 - 19:27:43 ---A- - C:\Windows\Prefetch\REVO-UNINSTALLER.EXE-96FBFD73.pf

O45 - LFCP:[MD5.027D31BC3F74984E06F6A765C9E05573] - 21/11/2013 - 19:27:55 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-83BB7324.pf =>Rogue.SpeedUpMyPC

O45 - LFCP:[MD5.C6D3F90C941EECA5967D486CD41E5633] - 21/11/2013 - 19:28:53 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-615B0FDD.pf

O45 - LFCP:[MD5.62EDA25817BE88F4582626D9F00B4AE3] - 21/11/2013 - 19:29:52 ---A- - C:\Windows\Prefetch\ATUBE_CATCHER.EXE-68902735.pf

O45 - LFCP:[MD5.F4081077976DF4D69DEC0EEAEFCD017F] - 21/11/2013 - 19:29:54 ---A- - C:\Windows\Prefetch\APN_ATU3_.EXE-F4D7F051.pf

O45 - LFCP:[MD5.55410B6D4B2D6234239B6965391916C2] - 21/11/2013 - 19:31:02 ---A- - C:\Windows\Prefetch\BOOTSTRAPPER.EXE-A76488EF.pf

O45 - LFCP:[MD5.6B64F98FD1341E5A7476850E72F4D028] - 21/11/2013 - 19:31:05 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf

O45 - LFCP:[MD5.3C49B51FF8B14A6171E365B9023F859D] - 21/11/2013 - 19:31:10 ---A- - C:\Windows\Prefetch\AU_.EXE-DE061371.pf

O45 - LFCP:[MD5.01D4F9A8585F1B64BB967C32EDC650EC] - 21/11/2013 - 19:32:24 ---A- - C:\Windows\Prefetch\LOLLIPOP.EXE-45FC8545.pf =>Adware.Lollipop

O45 - LFCP:[MD5.1DD01F4306B91DF7DF68D88B83F34C6B] - 21/11/2013 - 19:39:38 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf

O45 - LFCP:[MD5.48E7AB10DA05026ECE5049473B269473] - 21/11/2013 - 19:41:10 ---A- - C:\Windows\Prefetch\SUMP.EXE-9DEFAA97.pf

O45 - LFCP:[MD5.03B670F3FB20046943933B82B1F63E4A] - 21/11/2013 - 21:02:09 ---A- - C:\Windows\Prefetch\UNINS000.EXE-8FFE38A7.pf

O45 - LFCP:[MD5.EE745964BD2E1A36AA3347DB4769E35D] - 21/11/2013 - 21:02:11 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-15217156.pf

O45 - LFCP:[MD5.66B5DDAC93D6CBD074069279C2CD0505] - 21/11/2013 - 21:09:02 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf

O45 - LFCP:[MD5.EBD9B8BE66C01B040B8AD9D4E1C32431] - 21/11/2013 - 21:09:30 ---A- - C:\Windows\Prefetch\SYSTEMRESET.EXE-3E7CD9FA.pf

O45 - LFCP:[MD5.36461A18B90E8D606E1CA2CA6E55AAD9] - 22/11/2013 - 09:20:08 ---A- - C:\Windows\Prefetch\CASINOHOST.EXE-F76EE611.pf

O45 - LFCP:[MD5.5E2EA968460D7DA33BC81C01B2633B86] - 22/11/2013 - 09:22:56 ---A- - C:\Windows\Prefetch\CASINOGAME.EXE-901BA985.pf

O45 - LFCP:[MD5.5D3131ED55EEFB919F447F35E98B8C61] - 22/11/2013 - 10:10:55 ---A- - C:\Windows\Prefetch\ACEREXPLORER.EXE-CFB053F7.pf

O45 - LFCP:[MD5.B0994799DE2B2903B9E6ECDD32A220E1] - 22/11/2013 - 10:36:08 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-1137D9AC.pf =>Piriform Ltd

O45 - LFCP:[MD5.C5BFB30DFD00480E00B4143DA15C5361] - 22/11/2013 - 11:49:41 ---A- - C:\Windows\Prefetch\TRACER.EXE-A64CDF9C.pf

O45 - LFCP:[MD5.A240F5BD592E5EF1B4B16126AA664D15] - 22/11/2013 - 12:10:32 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf

O45 - LFCP:[MD5.C8B98E015FE40063E549D70F2CCB5558] - 22/11/2013 - 12:10:33 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf

O45 - LFCP:[MD5.3AAFA495B7814726213B647C333C5A10] - 22/11/2013 - 16:04:36 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf

O45 - LFCP:[MD5.B272747312BA791D2816720AE48156A9] - 22/11/2013 - 16:07:09 ---A- - C:\Windows\Prefetch\XPSRCHVW.EXE-5C2D99EB.pf

O45 - LFCP:[MD5.F89836E0927B73D1CF219A9155550C64] - 22/11/2013 - 16:14:52 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf

O45 - LFCP:[MD5.C8D1BF919C83A544AF298C4C5F3F3F55] - 22/11/2013 - 16:17:33 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin

O45 - LFCP:[MD5.624BCF36722EF98C9C6F8A771E47CABB] - 22/11/2013 - 16:24:25 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-103A256A.pf

O45 - LFCP:[MD5.6B1CD94CC926247359B5778DEFA9A20F] - 22/11/2013 - 16:27:00 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf

O45 - LFCP:[MD5.8148249BB648615448F4AA5BF6EAA85C] - 22/11/2013 - 16:32:44 ---A- - C:\Windows\Prefetch\ERUNT.EXE-4FB63CC1.pf

O45 - LFCP:[MD5.FEFCD0B4226677DAB9D58B658FEBC534] - 22/11/2013 - 16:33:48 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf

O45 - LFCP:[MD5.A1CE78C22F452BB9C075D44DF364CBF3] - 22/11/2013 - 16:36:17 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf

O45 - LFCP:[MD5.3E7B4EB8D5D793A43E0A2B26934C0AEF] - 22/11/2013 - 17:02:50 ---A- - C:\Windows\Prefetch\ZHP 2013.TMP-FB47722B.pf

O45 - LFCP:[MD5.2C38031CBECCDC4FB28826779E4311F6] - 22/11/2013 - 17:03:12 ---A- - C:\Windows\Prefetch\MINIREG.EXE-E64BE2B3.pf

O45 - LFCP:[MD5.4FBE527C70413BA45643EAA7861EEB7C] - 22/11/2013 - 17:03:35 ---A- - C:\Windows\Prefetch\ZHP2.EXE-298CA9E4.pf

O45 - LFCP:[MD5.7927D7EDBA61BD30B28AA27A48D7457E] - 22/11/2013 - 17:16:16 ---A- - C:\Windows\Prefetch\REVOUNINSTALLER.EXE-3D1962E3.pf

O45 - LFCP:[MD5.0E62745B131AA3848771ED7A04E1F95F] - 22/11/2013 - 18:38:21 ---A- - C:\Windows\Prefetch\E_IARNIKE.EXE-385A9BEA.pf

O45 - LFCP:[MD5.0953EF30E2EAB669FC65C47882558727] - 22/11/2013 - 18:43:59 ---A- - C:\Windows\Prefetch\MCAGENT.EXE-88404BE0.pf

O45 - LFCP:[MD5.F7D6C564360507B9A5B9D39754527F0C] - 22/11/2013 - 18:44:08 ---A- - C:\Windows\Prefetch\MCSVHOST.EXE-A6A2EB7B.pf

O45 - LFCP:[MD5.253E8D4C435A5590FACB0C50C0C1CCE3] - 22/11/2013 - 18:44:12 ---A- - C:\Windows\Prefetch\MCSVHOST.EXE-57FFFCAE.pf

O45 - LFCP:[MD5.962231B5FC154618C5AD72D8D05FE8E1] - 22/11/2013 - 19:02:08 ---A- - C:\Windows\Prefetch\MCINFO.EXE-545FA787.pf

O45 - LFCP:[MD5.E5C72DFAAB47ACDA7A482246BAB9ADCA] - 22/11/2013 - 19:02:10 ---A- - C:\Windows\Prefetch\MCMIGR~1.EXE-564F8E99.pf

O45 - LFCP:[MD5.91EA3EC9DCA1000A8A0AEF6E38A1A006] - 22/11/2013 - 19:17:10 ---A- - C:\Windows\Prefetch\REMARKIT_UP.EXE-703396F6.pf

O45 - LFCP:[MD5.555058B6AC3937A97423FAD83BC812C5] - 22/11/2013 - 19:22:33 ---A- - C:\Windows\Prefetch\MCHLP32.EXE-C76241FD.pf

O45 - LFCP:[MD5.45D5C08B5973AC7014BFD6BAC1760F49] - 22/11/2013 - 19:22:33 ---A- - C:\Windows\Prefetch\MCSYNC.EXE-8559D2BC.pf

O45 - LFCP:[MD5.F807E68DA1994B3B9B08E9DBE7E63CF4] - 22/11/2013 - 19:22:33 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf

O45 - LFCP:[MD5.626F66A240D6F1539D8C02FE5594EFA1] - 22/11/2013 - 20:00:02 ---A- - C:\Windows\Prefetch\MCODS.EXE-B2C51095.pf

O45 - LFCP:[MD5.176A58155073FCA81E63630E91B39D71] - 22/11/2013 - 20:00:45 ---A- - C:\Windows\Prefetch\POKERSTARSUPDATE.EXE-0FBB664C.pf

O45 - LFCP:[MD5.7D8268239302B86D6809D1C60D509E0A] - 22/11/2013 - 20:00:55 ---A- - C:\Windows\Prefetch\POKERSTARS.EXE-8628E145.pf

O45 - LFCP:[MD5.E7CD24BD054B3F2DB572FDC6954C93D4] - 22/11/2013 - 20:23:27 ---A- - C:\Windows\Prefetch\LCPLUGIN27.EXE-D073CFC3.pf

O45 - LFCP:[MD5.84E0A871B5DC35465F1A0B05ECE0C346] - 22/11/2013 - 20:23:35 ---A- - C:\Windows\Prefetch\LCPLUGIN27 (1).EXE-641DB045.pf

O45 - LFCP:[MD5.B6B6AA0AF2B8F30DCB8B79B9BFA7A6C8] - 22/11/2013 - 20:24:27 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf

O45 - LFCP:[MD5.62145E78F5395099F95913B2C4735062] - 22/11/2013 - 20:26:06 ---A- - C:\Windows\Prefetch\LCBELOTE.EXE-C2BB5F6D.pf

O45 - LFCP:[MD5.77246E5F2FEE68A101D95A3A4FD74E8E] - 22/11/2013 - 20:31:09 ---A- - C:\Windows\Prefetch\LUDI.EXE-0B61340F.pf

O45 - LFCP:[MD5.E93AF314925331AE89A78C9CC8548809] - 22/11/2013 - 20:31:19 ---A- - C:\Windows\Prefetch\LCSOLITAIRE.EXE-4E0B3917.pf

O45 - LFCP:[MD5.EFEC32233811ED9CD9C6AB3C389C89FE] - 22/11/2013 - 21:10:01 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx

O45 - LFCP:[MD5.C1C246440FB5381993B73B64EAEE47C9] - 22/11/2013 - 21:11:01 ---A- - C:\Windows\Prefetch\AgCx_SC1.db

O45 - LFCP:[MD5.CB1FA1A79A979F78DFA1BA82D534066A] - 22/11/2013 - 21:14:15 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3778166341-1465188008-936229986-1001.db

O45 - LFCP:[MD5.D2DCB171EB779510DC85F6D489AFD243] - 22/11/2013 - 21:14:15 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3778166341-1465188008-936229986-1001.db

O45 - LFCP:[MD5.D0EA54E94EDD5E1A35AEA8D66BCFD6A7] - 22/11/2013 - 21:30:21 ---A- - C:\Windows\Prefetch\FST_FR_17.EXE-1679EDB1.pf =>PUA.FSTfr9

O45 - LFCP:[MD5.D22169D3937C4730236F1909425F8FA3] - 22/11/2013 - 21:48:45 ---A- - C:\Windows\Prefetch\EPOWERBUTTON.EXE-98D06F6A.pf

O45 - LFCP:[MD5.F45E4791A420C837476FA30208049434] - 22/11/2013 - 21:48:45 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf

O45 - LFCP:[MD5.99F2D35F43D91F5941D83AF652A37EB0] - 22/11/2013 - 21:48:46 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf

O45 - LFCP:[MD5.E5C0EB07BDAC7A805F793EBED31FC924] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf

O45 - LFCP:[MD5.CEDD580B89216149EB19F445DA2BD4BB] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf

O45 - LFCP:[MD5.1D13153490AFD908F9F6E75D2520857E] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\NVVSVC.EXE-D5489D80.pf

O45 - LFCP:[MD5.7245D9D0F987C85404216384D167B872] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\NVXDSYNC.EXE-7855AED2.pf

O45 - LFCP:[MD5.F77864F36C4D6E493DD4738FFB627982] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-676DE1C7.pf

O45 - LFCP:[MD5.B63A405DD7F80B08E00DFA97E776B28F] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf

O45 - LFCP:[MD5.C804D86764AF3A52AFE7A74FF7622F5E] - 23/11/2013 - 09:19:26 ---A- - C:\Windows\Prefetch\SYSTPLSERVICE.EXE-1B10FCEE.pf

O45 - LFCP:[MD5.FC83C9037B1FC44FBA214ED41C1743D4] - 23/11/2013 - 09:19:44 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-92038889.pf

O45 - LFCP:[MD5.13FA819222A07632A57A002BAF42788D] - 23/11/2013 - 09:19:45 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-16B8AFA3.pf

O45 - LFCP:[MD5.7AC537AF642E627AEAF5B96E3092BB5F] - 23/11/2013 - 09:19:52 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf

O45 - LFCP:[MD5.F743B376991D27032A1B706377C0BF3A] - 23/11/2013 - 09:19:53 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf

O45 - LFCP:[MD5.304082E7945E9E54BAAE3CD2AD8E818F] - 23/11/2013 - 09:20:06 ---A- - C:\Windows\Prefetch\MCAGENT.EXE-5C1A32B3.pf

O45 - LFCP:[MD5.CEB3A4FF98D3ABDAB48F2FD6F22287E0] - 23/11/2013 - 09:20:06 ---A- - C:\Windows\Prefetch\NOBUCLIENT.EXE-74C4A059.pf

O45 - LFCP:[MD5.E4FF23128E0DEC9E1AACAE609EB92ABC] - 23/11/2013 - 09:20:07 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-D0E68351.pf

O45 - LFCP:[MD5.41F37F516F27C5083529341BB271F028] - 23/11/2013 - 09:20:07 ---A- - C:\Windows\Prefetch\QUICKSTART.EXE-98196C21.pf

O45 - LFCP:[MD5.5C537E94ABFC0CEB57EF80C87E9C3F6B] - 23/11/2013 - 09:20:09 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf

O45 - LFCP:[MD5.167EDA14014261DC1ECCF83C51F7DAF6] - 23/11/2013 - 09:20:13 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf

O45 - LFCP:[MD5.7247B954DEEB76AB6FED236292039DC2] - 23/11/2013 - 09:20:13 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf

O45 - LFCP:[MD5.A088DC0AF7A365CA74AEF41D97F490FE] - 23/11/2013 - 09:20:14 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-B25C45A8.pf =>Toolbar.Google

O45 - LFCP:[MD5.F5F8ECE0FC4D353CAE5701A98A8E8D7E] - 23/11/2013 - 09:20:15 ---A- - C:\Windows\Prefetch\E_IATIIKE.EXE-B5F51193.pf

O45 - LFCP:[MD5.7ABF45CAFB0CE55E93E32B6F43EA0220] - 23/11/2013 - 09:20:16 ---A- - C:\Windows\Prefetch\ARCSERVER.EXE-E9376B07.pf

O45 - LFCP:[MD5.72DA2EA8ADC2E98083856ED9D51C1A2B] - 23/11/2013 - 09:20:17 ---A- - C:\Windows\Prefetch\SYSTPL.EXE-DEAA3B41.pf

O45 - LFCP:[MD5.8D063A336FCFDA84BBF3F428E152569B] - 23/11/2013 - 09:20:19 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-72E915F8.pf

O45 - LFCP:[MD5.FBC2250CA22662911D64D7E60865DFE8] - 23/11/2013 - 09:20:28 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf

O45 - LFCP:[MD5.1395CB714AF28218B1EBB501DDBB3A74] - 23/11/2013 - 09:20:46 ---A- - C:\Windows\Prefetch\CSC.EXE-4D47A477.pf

O45 - LFCP:[MD5.B0FDB0DB6699823CE7C464D372F02D46] - 23/11/2013 - 09:20:46 ---A- - C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf

O45 - LFCP:[MD5.1B47C6EC1BA5A37B3E165B4208BF14D7] - 23/11/2013 - 09:20:50 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8329E055.pf

O45 - LFCP:[MD5.F7CB6BC1FF12E8689BDA2361496AF1BD] - 23/11/2013 - 09:20:58 ---A- - C:\Windows\Prefetch\AgCx_SC5.db

O45 - LFCP:[MD5.96373FB44A7C176DBEE8670C5B3B79B0] - 23/11/2013 - 09:21:49 ---A- - C:\Windows\Prefetch\MCHOST.EXE-428069A1.pf

O45 - LFCP:[MD5.76A3BC8F1DDA8FC0A25E87A3CAAB8D36] - 23/11/2013 - 09:22:58 ---A- - C:\Windows\Prefetch\UPFST_FR_17.EXE-02F7C8D6.pf =>PUA.FSTfr9

O45 - LFCP:[MD5.14AB4B76861D13C2ED82BB34854ABE59] - 23/11/2013 - 09:23:01 ---A- - C:\Windows\Prefetch\MAJFSTFR.EXE-93B18083.pf

O45 - LFCP:[MD5.542D920CC16BEB7ECEB42CB2C6F872AB] - 23/11/2013 - 09:23:01 ---A- - C:\Windows\Prefetch\MAJFSTFR.TMP-BB03496E.pf

O45 - LFCP:[MD5.A4956EF93DB9C5460A3497CB25660BD9] - 23/11/2013 - 09:24:21 ---A- - C:\Windows\Prefetch\MCINSTRU.EXE-F710CFF1.pf

O45 - LFCP:[MD5.951FDDA4F7DB3B5BB9ABA2A000A86625] - 23/11/2013 - 09:24:22 ---A- - C:\Windows\Prefetch\MCSMTFWK.EXE-C4692801.pf

O45 - LFCP:[MD5.48967669B91921F617D6E47775F566ED] - 23/11/2013 - 09:24:22 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-050F1A86.pf

O45 - LFCP:[MD5.331F10876462685D29FA078B425E7663] - 23/11/2013 - 09:24:24 ---A- - C:\Windows\Prefetch\MCOCROLLBACK.EXE-48449529.pf

O45 - LFCP:[MD5.39D8497E6912F7A5CE20916C385BBD05] - 23/11/2013 - 09:29:55 ---A- - C:\Windows\Prefetch\NOTIFICATION.EXE-DF0C3CF0.pf

O45 - LFCP:[MD5.BD60138906545FF097825EE809EE80E5] - 23/11/2013 - 09:31:40 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-6132DF3D.pf

O45 - LFCP:[MD5.7491939046BB62BB30CAA8C43D7E98E6] - 23/11/2013 - 09:33:27 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-7761B151.pf

O45 - LFCP:[MD5.F3F1968894FE119F25D706B3C3C4E7AB] - 23/11/2013 - 09:33:33 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-7DDF8CD2.pf

O45 - LFCP:[MD5.C4661894FFE7057E2E7A4D7BB5C6414B] - 23/11/2013 - 09:36:34 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-5FE780D4.pf

O45 - LFCP:[MD5.F44AE2E3386DF1339DC472EED3807F1F] - 23/11/2013 - 09:36:35 ---A- - C:\Windows\Prefetch\WERMGR.EXE-6E6280E6.pf

O45 - LFCP:[MD5.FC2F1AD539ECC7A19F9C04F9B1EEEF7A] - 23/11/2013 - 09:39:56 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf

O45 - LFCP:[MD5.DBA87BEEDC5E9707F17B8C12431ED224] - 23/11/2013 - 09:39:56 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf

O45 - LFCP:[MD5.DDD180065DF209B8CA0A34A71A2D9962] - 23/11/2013 - 09:41:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf

O45 - LFCP:[MD5.5AD280E3BA7716E2CF3C5E318B42FA26] - 23/11/2013 - 09:41:38 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf

O45 - LFCP:[MD5.E16D8CABCEE9DA23FF30D4578349EA9C] - 23/11/2013 - 09:41:38 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf

O45 - LFCP:[MD5.68311D80BECBE626518E265D01695524] - 23/11/2013 - 09:41:38 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf

O45 - LFCP:[MD5.DF39563E4542FA7BBBCBC74D1A6FAADC] - 23/11/2013 - 09:41:39 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf

O45 - LFCP:[MD5.091E06EAA98DDFCA1BF055808AA62C3A] - 23/11/2013 - 09:41:39 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf

O45 - LFCP:[MD5.3383025427D9A0A8E754A390EC52D9D1] - 23/11/2013 - 09:41:40 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf

O45 - LFCP:[MD5.A1CB9029E3CDED0FC63734CD0413977B] - 23/11/2013 - 09:41:42 ---A- - C:\Windows\Prefetch\Layout.ini

O45 - LFCP:[MD5.83490695676E4A0D60D14E3EC122E31C] - 23/11/2013 - 09:41:50 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf

O45 - LFCP:[MD5.5294A35E42EEA5DAAEB735990321C81C] - 23/11/2013 - 09:41:50 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf

O45 - LFCP:[MD5.7FBC2BDAC46B105CCE782A928084E2D1] - 23/11/2013 - 09:41:53 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf

O45 - LFCP:[MD5.3BCEE8C23AEECB170FB04B5D5044A5DA] - 23/11/2013 - 09:41:53 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf

O45 - LFCP:[MD5.0DA7B920D02A7D7AAE72B7AFDC9521EE] - 23/11/2013 - 09:51:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf

O45 - LFCP:[MD5.5ED42909BF23386A5824B4B8694ECCE2] - 23/11/2013 - 09:51:39 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf

O45 - LFCP:[MD5.BFF102B5130CF19F9FC703CF9FDEEBF1] - 23/11/2013 - 09:52:47 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf

O45 - LFCP:[MD5.092864623FAA77A83FE2D4461FF45CA0] - 23/11/2013 - 10:05:36 ---A- - C:\Windows\Prefetch\MCSVRCNT.EXE-3C30113B.pf

O45 - LFCP:[MD5.5FEDDDA0AD8CE72608B20F95DC5EB509] - 23/11/2013 - 10:05:36 ---A- - C:\Windows\Prefetch\MCVSMAP.EXE-64B21786.pf

O45 - LFCP:[MD5.065B869F244B8E57E44C25F8D5027496] - 23/11/2013 - 10:05:37 ---A- - C:\Windows\Prefetch\MCUPDATE.EXE-C6EAC66C.pf

O45 - LFCP:[MD5.2D9520102B706D513D02B493C1715072] - 23/11/2013 - 10:05:38 ---A- - C:\Windows\Prefetch\HWUPDCHK.EXE-9AC16830.pf

O45 - LFCP:[MD5.D93A4A45F4AF615AA5E97C3A5CDA2CD4] - 23/11/2013 - 10:05:42 ---A- - C:\Windows\Prefetch\MCUPDMGR.EXE-73F1857E.pf

O45 - LFCP:[MD5.7CF350ED98374BE45E887BD9154D03B2] - 23/11/2013 - 10:05:42 ---A- - C:\Windows\Prefetch\SAUPD.EXE-C3B1E227.pf

O45 - LFCP:[MD5.7C587D6518BCD37006D707A996ABA754] - 23/11/2013 - 10:05:44 ---A- - C:\Windows\Prefetch\QCSHM.EXE-706708ED.pf

O45 - LFCP:[MD5.BBA059731F9CDAAA99C271DCE4D69CB6] - 23/11/2013 - 10:09:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf

O45 - LFCP:[MD5.B9CA32E325EF6C1E937992D04E83C450] - 23/11/2013 - 10:10:34 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db

O45 - LFCP:[MD5.1C74EF44B4F711B9B96B356723CA33E2] - 23/11/2013 - 10:10:34 ---A- - C:\Windows\Prefetch\AgRobust.db

O45 - LFCP:[MD5.443CD90DEB3F0CFF0D6817D747F8A144] - 23/11/2013 - 10:10:35 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db

O45 - LFCP:[MD5.2A01615F7F6480E0D6FE2BE190B080DF] - 23/11/2013 - 10:10:35 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db

O45 - LFCP:[MD5.69E6004AE252D9FEE158141E6DD52661] - 23/11/2013 - 10:10:55 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf

O45 - LFCP:[MD5.A361E2DBC924EE0AAD83FA029FD5FEAE] - 23/11/2013 - 10:11:14 ---A- - C:\Windows\Prefetch\CHROME.EXE-9812FE60.pf

O45 - LFCP:[MD5.A915D8498271E58E65C743E1933B1EDC] - 23/11/2013 - 10:13:06 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-8869DDC1.pf

O45 - LFCP:[MD5.80827C6800074C5C75FCD34D72B5F1B0] - 23/11/2013 - 10:13:54 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf

O45 - LFCP:[MD5.20B7A383E63A561988D8DBCE154D5CCB] - 23/11/2013 - 10:13:58 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf

O45 - LFCP:[MD5.8B67C57F773580FA17F034D720CD2E37] - 23/11/2013 - 10:15:07 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf

O45 - LFCP:[MD5.8D468EF2A8B429B876836E6D4570623F] - 23/11/2013 - 10:15:08 ---A- - C:\Windows\Prefetch\NVTRAY.EXE-981FA625.pf

O45 - LFCP:[MD5.5E79D93523B30A49B10422F5FDE0B3BE] - 23/11/2013 - 10:15:15 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-2D77A9D8.pf

O45 - LFCP:[MD5.4863280CED399A5A779D4A13CF76C2AC] - 23/11/2013 - 10:15:17 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-4525BB3D.pf

O45 - LFCP:[MD5.CFF0BCA48D9C72C009DDE797DC30280C] - 23/11/2013 - 10:15:18 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-B8313A2A.pf

O45 - LFCP:[MD5.D5A2093386A14E1D1ABCC12949A95B6E] - 23/11/2013 - 10:16:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf

O45 - LFCP:[MD5.6A0651E208186D0EC34BEEC9621A9FCD] - 23/11/2013 - 10:16:05 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf

O45 - LFCP:[MD5.221BD641B40DF1EDEA4D8EEBF77BC931] - 23/11/2013 - 10:16:07 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf

O45 - LFCP:[MD5.88BAC570BBFC73BC323AD7CDB9CED9D1] - 23/11/2013 - 10:16:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf

O45 - LFCP:[MD5.E7784487459E16E19DB99A6BDEB64087] - 23/11/2013 - 10:16:30 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf

O45 - LFCP:[MD5.8674375393B1C2B7985D5C6BEA7C4757] - 23/11/2013 - 10:16:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf

O45 - LFCP:[MD5.A574261267D46BB5D171C7DFE5EB3CD9] - 23/11/2013 - 10:16:40 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf

O45 - LFCP:[MD5.F7B9D2F580EBDEB8717B9B8397A798AA] - 23/11/2013 - 10:17:31 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf

O45 - LFCP:[MD5.284CD0E6B96C79C0D17A6A42EFFEA80B] - 23/11/2013 - 10:17:31 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf

O45 - LFCP:[MD5.4CB8EFCD20FD01894AB2996FF681B0A2] - 23/11/2013 - 10:17:31 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf

O45 - LFCP:[MD5.5D98D19F209E7B648DF42375277F1AFF] - 23/11/2013 - 10:17:32 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf

O45 - LFCP:[MD5.F3AAF222990C8D24C162BD43CF076C71] - 23/11/2013 - 10:17:36 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf

O45 - LFCP:[MD5.9485BD2B3C958AED88AE8E8553F01577] - 23/11/2013 - 10:17:39 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf

O45 - LFCP:[MD5.FF0DB7F03AC7D084FDC9EE2A832F153D] - 23/11/2013 - 10:17:40 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf

O45 - LFCP:[MD5.5D148FB7C1145DB1A95E9EF8C52A3BA8] - 23/11/2013 - 10:17:42 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf

O45 - LFCP:[MD5.ADFE65BF375DFE81540AEE8D7AC1E448] - 23/11/2013 - 10:17:57 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf

O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/11/2149 - 17:02:12 ----D - C:\Windows\Prefetch\ReadyBoot

O45 - LFCP:[MD5.5A9D723A399F9C0E4165727BC0109432] - 26/10/2013 - 09:22:49 ---A- - C:\Windows\Prefetch\DISPLAYSWITCH.EXE-4D432882.pf

O45 - LFCP:[MD5.5B33FF2764D26CE8E997A9A50B6DB684] - 28/10/2013 - 20:27:51 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf

O45 - LFCP:[MD5.6DA2B8D087E299DCFB2B10491187D064] - 30/10/2013 - 20:58:20 ---A- - C:\Windows\Prefetch\LCTAROT.EXE-9F391393.pf

~ Prefetcher: 187 Scanned in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll

~ LSA: 9 Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ CSB: 19 Scanned in 00mn 00s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)

O51 - MPSK:{d76a96c1-3c02-11e3-be78-7427ea4db901}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)

~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcod64.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ TDSD: 3 Scanned in 00mn 00s

---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ MSCP: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

~ MWPS: 20 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoControlPanel"=0

~ MWPE Keys: 5 Scanned in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)

O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]

~ Drivers: 20 Scanned in 00mn 00s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001420_341369d2936823.eml [20108] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001421_13b559cd3d94e3.eml [21031] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001422_53365499af462a.eml [81297] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001423_a46bcbfc92973.eml [109611] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001424_3b228e41b1e44c.eml [40832] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001436_8d31d05b984b8.eml [127799] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001442_c8e2178d78021a.eml [22299] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001448_441de1e745f16.eml [10194] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000144c_6d2428cd376a5.eml [90636] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000142b_a951b5d4b5ee20.eml [20108] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000142c_af10912ca64470.eml [21031] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000142f_5d0faecf60684e.eml [81297] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001430_b3543a50efa994.eml [109611] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001432_988813ce81d387.eml [40832] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001437_6a053603fce9ba.eml [127799] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001446_4239bc1aed41ba.eml [22299] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000144a_d6597520fdb7b7.eml [10194] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000144d_b1895e181771e0.eml [90636] =>.Microsoft Corporation

O61 - LFC: 20/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\0A909B921390EB7C9AC029CAE42A4A01.psi [4369]

O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\4A43750AEF491D6948FF17CC33B1AF30.psi [5087]

O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\5C221A2BDEEFB41D7256379C02D0557E.psi [3312]

O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\7B64D8D77476B34C219A82D1FDDF92F4.psi [16359]

O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\ABABDC1B0FE273C61AE9D663EE5BDEC6.psi [3237]

O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\AE196692F3A1E3C89AB8B66DB6871722.psi [6557]

O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\E9E10612593EFEECBBD043F280E1B464.psi [5285]

O61 - LFC: 21/11/2013 - 10:19:07 ---A- . (...) -- C:\Users\martial\AppData\Local\clear.fi\MediaSharingSetting.xml [99]

O61 - LFC: 21/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies [6144]

O61 - LFC: 21/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000988.ldb [320]

O61 - LFC: 21/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\user_profil.cyp [1676] =>PUA.FSTfr9

O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\b.html [91]

O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\b.js [1081]

O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\c.js [3261]

O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\icon128.png [2873]

O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\icon16.png [739]

O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\icon48.png [2462]

O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\manifest.json [800]

O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage [3072]

O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\000005.ldb [132]

O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\CURRENT [16]

O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\LOCK [0]

O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\LOG [145]

O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\LOG.old [145]

O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\MANIFEST-000050 [77]

O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_0 [8192]

O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_1 [270336]

O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_2 [8192]

O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_3 [8192]

O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\index [524656]

O61 - LFC: 21/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat [8192] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\E97CB0A1.LogitechCameraController_wd885nsp30hay\Settings\settings.dat [8192]

O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCookies\R2S4SPHS.txt [193] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001485_58b1ba105dd2e8.eml [108480] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001486_84c4f0d8cdf093.eml [105557] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000148b_4a7802fc71e63.eml [9810] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000148c_b785256dfaf0b7.eml [21514] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000148d_86f674b07e837d.eml [1387] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\944E5B697BC46FE14AB888AE8A1EBB99_2269679B991E7B74D029ADC1DCE94782 [1480] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AFA2A5744430E65F42D3175FABFBE3E8 [31710] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\944E5B697BC46FE14AB888AE8A1EBB99_2269679B991E7B74D029ADC1DCE94782 [482] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F [316] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AFA2A5744430E65F42D3175FABFBE3E8 [222] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001488_8bdc6b994fdf54.eml [108480] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001489_69d6fd88df87a8.eml [105557] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001491_87c40349e5ff19.eml [9810] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001493_7cc21749afbef.eml [21514] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001494_95558eff5bba43.eml [1387] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001496_93a63a632c619.eml [136899] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001499_e4cbe60d22e2d.eml [52572] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000149a_6d5332a590ae9f.eml [51251] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000149c_92179ea98e1b8c.eml [124506] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a0_ee43aa951ab9b2.eml [52691] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a1_613437ffdd8f6c.eml [9819] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a2_6fa0b8a59cea2c.eml [11930] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a4_20e2920d5d4ce.eml [85560] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001495_8fefd45fea4a90.eml [136899] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001497_9a49a47efe72f7.eml [52572] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001498_4ad93e0326118.eml [51251] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149b_e7858104de685.eml [124506] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149d_697170f2718c5.eml [52691] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149e_c9eb89cbc0bf3b.eml [9819] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149f_a1f36e1d36cbb8.eml [11930] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014a3_89466cdc423021.eml [85560] =>.Microsoft Corporation

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\1976fdf4-56ba-4ba5-81f5-9389a98bf689.down_data [0]

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\1976fdf4-56ba-4ba5-81f5-9389a98bf689.up_meta [89]

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\79514b7c-1d1e-46c8-9ee5-0e8c15ab9ae8.down_data [0]

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\79514b7c-1d1e-46c8-9ee5-0e8c15ab9ae8.up_meta [89]

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\865bf016-9f06-4047-a9c4-c24f028ad074.down_data [0]

O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\865bf016-9f06-4047-a9c4-c24f028ad074.up_meta [348]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\AppState.xml [0]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\EntClientDb.edb [3686400]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\edb.chk [8192]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat [8192]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm.etl [131072]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm\913fdca7ce516122\120712-0049\DBStore\edb.chk [8192]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm\913fdca7ce516122\120712-0049\DBStore\livecomm.edb [6307840]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.ModernPhotos.etl [917504]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\ModernPhoto.edb [4227072]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\bici\bi000006.sqm [1540]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\bici\bi001000.sqm [1364]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\edb.chk [8192]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat [262144]

O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\TempState\config\config.xml [0]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\400340A4467CE2119AC6B298F15E3FFC.psi [4587]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\4DB4043BFBEBAB51AE27866009BCFB06.psi [6287]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\7815E34C52353598FADA658008AD5DFA.psi [5078]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\C2A901395CCCAC0E6FAEF7411E955C4B.psi [4728]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\FEA27CE387E040743919AAD4D7C03E98.psi [6195]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStars.log.1 [264622]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.1 [2507]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\3788_2262\crl-set [1071]

O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\3788_2262\manifest.fingerprint [12]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\3788_2262\manifest.json [34]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin.dmc [8128]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\Aartemis\info.html [5460] =>PUP.AArtemis

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\Qone8\info.html [5432] =>Hijacker.Qone8

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\Re-Markit\info.html [15556] =>PUP.ReMarkIt

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\css\base.css [370]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\config.dmc [1048]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\input.txt [246800]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\parent.txt [460776]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\setup.exe [8192]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\setup.exe.config [767]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\software\Re-markit_2040-2081.exe [969702] =>PUP.ReMarkIt

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Aartemisinfo.dfe [979] =>PUP.AArtemis

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Dockings.dfe [4374]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Qone8info.dfe [961] =>Hijacker.Qone8

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Re-Markitinfo.dfe [737] =>PUP.ReMarkIt

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\SpeedUpMyPcinfo.dfe [45456] =>Rogue.SpeedUpMyPC

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\templateDisplays.dfe [7389]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\templateStyle.dfe [218388]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\atcMRUList.idx [0]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\atc_DownloadsBackupMain.lst [6]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\atc_DownloadsBackupVST.lst [6]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\Accessibility.py [181]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\Accessibility.pyo [367]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_00020430_0000_0000_C000_000000000046_0_2_0.py [14153]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_00020430_0000_0000_C000_000000000046_0_2_0.pyo [8898]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_1EA4DBF0_3C3B_11CF_810C_00AA00389B71_0_1_1.py [18791]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_1EA4DBF0_3C3B_11CF_810C_00AA00389B71_0_1_1.pyo [9832]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\stdole.py [174]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\stdole.pyo [353]

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (.Skytech Co., Ltd..) -- C:\Users\martial\AppData\Local\Temp\DM\software\tugs_do-search_new.exe [564376] =>PUP.DoSearches

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (.Uniblue Systems Ltd.) -- C:\Users\martial\AppData\Local\Temp\DM\software\speedupmypc.exe [1336912] =>Rogue.SpeedUpMyPC

O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (.VS Revo Group Ltd..) -- C:\Users\martial\AppData\Local\Temp\DM\software\revo-uninstaller.exe [2623656]

O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\MSI367c4.LOG [394]

O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\Setup Log 2013-11-21 #001.txt [1366]

O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\Setup Log 2013-11-21 #002.txt [24826]

O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\tmp97578.WMC\eula.txt [12402]

O61 - LFC: 21/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\revo-uninstaller.exe [460776]

O61 - LFC: 21/11/2013 - 10:19:30 ---A- . (.F¡rser¡a sl.) -- C:\Users\martial\Downloads\aTube Catcher.exe [180024]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Archived History [57344]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [512]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [5462]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [5462]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000995.ldb [194]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db [7168]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal [5672]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\http_fr.aion.gameforge.com_0\4 [5120]

O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.cougars-avenue.com_0\5 [4096]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000054.ldb [142]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG [145]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old [145]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000058 [195]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage [74752]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal [3608]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.aion.gameforge.com_0.localstorage [3072]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.aion.gameforge.com_0.localstorage-journal [3608]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage [3072]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage-journal [3608]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage [3072]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage-journal [3608]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.royalgames.com_0.localstorage [50176]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.royalgames.com_0.localstorage-journal [16384]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.twoo.com_0.localstorage [3072]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.twoo.com_0.localstorage-journal [3608]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [19456]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.betclic.fr_0.localstorage [489472]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.betclic.fr_0.localstorage-journal [3608]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [4096]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [4640]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Login Data [12288]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal [4624]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_3 [4202496]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000001 [40094]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000002 [76925]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000003 [235227]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\index [524656]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [51200]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [26624]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\adventori.com\cookie.sol [94]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#adventori.com\settings.sol [83]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#mpsnare.iesnare.com\settings.sol [89]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#player.onescreen.net\settings.sol [90]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#s.ytimg.com\settings.sol [81]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#static.audienceinsights.net\settings.sol [97]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#static.greentube.com\settings.sol [90]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\settings.sol [527]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\mpsnare.iesnare.com\stm.sol [79]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\player.onescreen.net\1.9\s\MediaPlayer.swf\OsMediaPlayerId.sol [66]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\static.audienceinsights.net\pus.sol [68]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\static.greentube.com\js\Manager.swf\storage.sol [69]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [13312]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [6704]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [12288]

O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [12824]

O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Toolbar Cache\7.5.4601.54\fr\translate_languages.json.content [1861]

O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Toolbar\broker_metrics.xml [6685]

O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Ludi\LCDecks\english_1.dat [187528]

O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Ludi\LCDecks\large_1.dat [211504]

O61 - LFC: 22/11/2013 - 10:19:13 --HA- . (...) -- C:\Users\martial\AppData\Local\IconCache.db [253388]

O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\AcerIncorporated.AcerExplorer_48frkmn4z8aw4\Settings\settings.dat [8192] =>.Acer Inc

O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\LocalState\MRU\{9DF99F24-AD1B-4A40-8304-F998ABDFAD17}\Thumbnail [14768]

O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\LocalState\MRU\{A0A84B14-F3EB-4B25-AADD-E4CD43824019}\Thumbnail [14768]

O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat [262144]

O61 - LFC: 22/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F [49691] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [340] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F [256] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014ea_6ab0813c6eb7a.eml [61649] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014eb_c8388927a63597.eml [36513] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014ec_1c117a9f200bdd.eml [19544] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014f4_3a40df5bcc0010.eml [80804] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014f5_208784c893bf3a.eml [112606] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014f6_e7b64b8dd76eda.eml [41814] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014fe_668a83d2684d98.eml [26660] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001502_2188e4a5a16228.eml [103784] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014ef_7af8ad2cfa777f.eml [61649] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f0_610511d12e23e.eml [36513] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f1_e61301ba23656b.eml [47353] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f2_403eb72440e21b.eml [97382] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f3_895df8ccb92b9d.eml [19544] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f9_714973484592cd.eml [93886] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fa_d2ea9c7dc2cd9e.eml [80804] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fb_22e2b42023d415.eml [112606] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fc_3f86b6418f0c76.eml [41814] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fd_9439d4b9e063a3.eml [54648] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014ff_b2587aae724d68.eml [26660] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001501_1ccde0c431c916.eml [51454] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001503_a5c2cd88288416.eml [103784] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001507_55c67915819d1.eml [136957] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001508_cc6af6d3931cc7.eml [51555] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001509_5ee00790882453.eml [52163] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000150b_d3f7f8ca643221.eml [40045] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001550_648c265f6a666a.eml [11933] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014ed_80a1679a800e89.eml [47353] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014ee_c328131d119f4a.eml [97382] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014f7_d5b93623c477cd.eml [93886] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014f8_4ea05aef6a5564.eml [54648] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001500_89adba7179e518.eml [51454] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001504_8e305e1f0c5d8.eml [136957] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001505_6886e59ca4eecd.eml [51555] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001506_534ffc7dbaa8dd.eml [52163] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000150a_2e6c6a0ee391b1.eml [40045] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000154f_55a7c8aa45cdc9.eml [11933] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveCommLast.etl [1835008] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat [151000] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\AntiPhishing\D7DB4501-61B9-4432-99BB-1413522F74DC.dat [151000] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\MSIMGSIZ.DAT [49120] =>.Microsoft Corporation

O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\0A9722AB4C534A7FDFDB4286816F3F26.psi [3725]

O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\2952CBD784390203DF357601DCF607CF.psi [44809]

O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\38FEE2EC0973FB9E3A3F79A2F65AFD02.psi [5852]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\3F6150F3B9B0071D38922C422181064E.psi [5931]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\4EF2C05747F8B25308BBF64B901E375E.psi [14758]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\51624ADFCDA5B1550A978F07F8C349E9.psi [11977]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\800A4C32BDADF5EDF78D95512D41BCF5.psi [29758]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\8E2E54EAFD0A1001445006E23E34459E.psi [3806]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\94EE73E941A1E1BD4543E53134541E3B.psi [4574]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\A4546C4FC2593250C5F80783DC8F91FB.psi [5385]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\B4261EF72275E9B57A6E091114640FC5.psi [5316]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\B65191DEADA3701B11F4A972D6ACF671.psi [4350]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\BD374F395D59A072EFA181851A936A18.psi [47056]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\C36BDEB2FAE347F5D7C6660F429BF0DD.psi [5734]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\C5DD0BCB7EDB7FBB5F0F917C1D460F10.psi [4349]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\E1B9DA1F4133B860026A16EB21839CF7.psi [2875]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\image.store [158]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\img.idx [2484]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStars.log.0 [1094174]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.0 [5014]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\_update2.dat [4630]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\_updcache.dat [209600]

O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\notes.plebania.xml [652]

O61 - LFC: 22/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\7524_22630\crl-set [1774]

O61 - LFC: 22/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\7524_22630\manifest.fingerprint [12]

O61 - LFC: 22/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\7524_22630\manifest.json [34]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\FXSAPIDebugLogFile.txt [0]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\FXSTIFFDebugLogFile.txt [0]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\INMEM000.REM [0]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\JRT.txt [2154]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\gentee01\gentee.dll [98304]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\gentee01\guig.dll [20480]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\jrt\temp\null.txt [0]

O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (.Microsoft Corporation.) -- C:\Users\martial\AppData\Local\Temp\is-GD3V0.tmp\_isetup\_shfoldr.dll [23312]

O61 - LFC: 22/11/2013 - 10:19:26 -SHA- . (...) -- C:\Users\martial\AppData\Roaming\Microsoft\Protect\S-1-5-21-3778166341-1465188008-936229986-1001\bebfe852-9b40-431a-b4e8-d49813d25e9b [468]

O61 - LFC: 22/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\Documents\AdwCleaner[R0].txt [4747]

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Documents\virus.oxps [897612]

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\adwcleaner.exe [1085542]

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\lcplugin27 (1).exe [1381456]

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\lcplugin27 (2).exe [1381456]

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\lcplugin27.exe [1381456]

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (.Nicolas Coolman.) -- C:\Users\martial\Downloads\ZHP 2013.exe [16636048] =>.Nicolas Coolman

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (.Nicolas Coolman.) -- C:\Users\martial\Downloads\ZHPDiag2.exe [6855328] =>.Nicolas Coolman

O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (.Thisisu.) -- C:\Users\martial\Downloads\JRT.exe [1034531]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [266212]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Cookies [253952]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [0]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [151]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-001147 [899]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [142]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000006 [50]

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\fst_fr_17\1.10\cnf.cyl [131] =>PUA.FSTfr9

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\fst_fr_17\1.10\eorezo.cyl [69] =>PUA.FSTfr9

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.cyp [768] =>PUA.FSTfr9

O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (.FreeSoftToday.) -- C:\Users\martial\AppData\Local\fst_fr_17\Download\majfstfr.exe [4509472] =>Adware.FreeSoftToday

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Favicons [1673216]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\History [2002944]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [204916]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Last Session [13419]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [12487]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage [3072]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage-journal [512]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage [3072]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal [3608]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage [3072]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal [3608]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0 [45056]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1 [270336]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_2 [1056768]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Preferences [64230]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001842.ldb [5668]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001844.ldb [5767]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001847.ldb [11497]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001850.ldb [11306]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [176]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [271]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-001849 [252]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Top Sites [163840]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [960]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Web Data [81920]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [12848]

O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Local State [46649]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [7797744]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1367344]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135388]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [1490980]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19548]

O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6828]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DbTemp\temp-AuPq4Prmb3avq3GnuPSSJ0tW [512]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DbTemp\temp-cfx0g7MkofDgXlI9pU1Xcf9z [20480]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\_sessionState.json [43]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\imcache [58]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\bistats.db [61440]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\bistats.db-journal [33344]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\chatsync\58\58dbbbeeb9e3ea71.dat [1939]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\config.xml [5463]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\eas.db [61440]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\eas.db-journal [45656]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\main.db [643072]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\main.db-journal [242648]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\shared.xml [81739]

O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\stats.json [2]

O61 - LFC: 23/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\bici\bi000000.sqm [4752] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\bici\bi001000.sqm [838] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\8A574ED5927B3CEC9626151D220C7448 [748] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 [262] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 [290] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\8A574ED5927B3CEC9626151D220C7448 [180] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200015b4_1d586665dd786a.eml [118227] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200015b5_76da45b8b5cc29.eml [103654] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200015b6_db8dbb32283126.eml [83458] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ----- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm.etl [0] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ----- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.Chat.etl [0] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015bf_90541154ecb853.eml [97574] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c0_9ed2cad4bc1b32.eml [39570] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c1_53039567ce1577.eml [17129] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c2_929d677a324f8f.eml [37467] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c3_f406507be065f5.eml [118227] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c4_99618cb5d07f7b.eml [65760] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c5_2b6e86c9436071.eml [103654] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c6_9f5a7d9d19ffdf.eml [83458] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c7_43626144a23ae7.eml [81722] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c8_78df61ecf88bf2.eml [15345] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c9_c83d5ed644edea.eml [50845] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015b7_a1d1ca831296fc.eml [50845] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015b8_82a5a6e1866270.eml [97574] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015b9_7f5ae5a9ae2d31.eml [39570] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015ba_86ec6ef6a10577.eml [17129] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015bb_3e80c35e92445d.eml [37467] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015bc_acd53f1cc64037.eml [65760] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015bd_a0a83a841272be.eml [81722] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015be_1d93604338b2fb.eml [15345] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\913fdca7ce516122\120712-0049\DBStore\edb.chk [8192] =>.Microsoft Corporation

O61 - LFC: 23/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\5456_31192\crl-set [610]

O61 - LFC: 23/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\5456_31192\manifest.fingerprint [12]

O61 - LFC: 23/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\5456_31192\manifest.json [34]

O61 - LFC: 23/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Roaming\OpenOffice.org\3\.lock [139]

O61 - LFC: 23/11/2013 - 10:19:26 ---A- . (.Microsoft Corporation.) -- C:\Users\martial\AppData\Local\Temp\is-NO28L.tmp\_isetup\_shfoldr.dll [23312]

O61 - LFC: 23/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\AppData\Roaming\OpenOffice.org\3\user\registrymodifications.xcu [48021]

O61 - LFC: 23/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\AppData\Roaming\ZHP\Log.txt [16997] =>.Nicolas Coolman

O61 - LFC: 23/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\AppData\Roaming\ZHP\TestsZHPDiag.txt [2899] =>.Nicolas Coolman

~ 54 Fichiers temporaires (Temporary files)

~ Files: 413 Scanned in 00mn 23s

---\\ Liste des outils de désinfection (LATC) (O63)

O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman

~ ADS: Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

~ FASS Keys: 11 Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://do-search.com =>PUP.DoSearches

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches

~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com

~ Keys: Scanned in 00mn 00s

---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)

C:\Microgaming\Casino\casinoclassic\local\fr\clariondescriptions\txt_desc_crackerjack1.dat

C:\Microgaming\Casino\casinoclassic\local\fr\clariondescriptions\txt_desc_crackerjack1.dat

~ Files: Scanned in 00mn 30s

---\\ Enumère les service demarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [305664]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3279360]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]

O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104]

O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]

O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]

O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]

~ Services: 34 Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)

[MD5.32DCED18FFFEA0035E4FA975CA0AE8BE] [sPRF][22/04/2013] (.The Software Group - Software Update Setup.) -- C:\Users\martial\AppData\Local\Temp\BoxoreInstaller.exe [620656] =>Adware.Boxore

[MD5.378189889438568FEF3D98588283B3A5] [sPRF][11/11/2013] (...) -- C:\Users\martial\AppData\Local\Temp\Quarantine.exe [350377]

~ Files: 2 Scanned in 00mn 00s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)

O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe

O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe

O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe

O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe

O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe

O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe

O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe

O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe

O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe

O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe

O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe

O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe

O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe

O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe

O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe

O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe

O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe

O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe

O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe

O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe

O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe

O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe

O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe

O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe

O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe

O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe

O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe

O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe

O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe

O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe

O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe

O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe

O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe

O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe

O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{00DF69F0-4CC7-4091-892A-6A9F77BB8439}" | In - Public - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

O87 - FAEL: "{D5348174-7650-43ED-9C84-D035021B6A55}" | In - Public - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

O87 - FAEL: "{D788FE3B-1CFC-4C1C-B95C-7F502AA5C218}" | In - Public - P6 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe

O87 - FAEL: "{A04D9678-AA86-466B-9E6F-B969C467652A}" | In - Public - P17 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe

O87 - FAEL: "{BD7B2D21-5BE0-4D19-978A-E9C46C104F0A}" | In - Public - P6 - TRUE | .(.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe

O87 - FAEL: "{598944B2-A2E9-4FEF-A58B-15FF587EB018}" | In - Public - P17 - TRUE | .(.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe

O87 - FAEL: "{01ADA90C-DF4F-48BA-9F11-4FA9D3003D6C}" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe

O87 - FAEL: "{B9451D30-3353-4CBD-830A-44659119464E}" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe

O87 - FAEL: "{B8896FB6-932C-4DA4-AEB8-BDDD54D1FDEB}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

O87 - FAEL: "{3C4535F5-93DD-45A7-8941-37A8215FA670}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

O87 - FAEL: "{E0AB66A5-51DE-4FCB-86A1-43EBB1300292}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe

O87 - FAEL: "{A4F018DB-D33F-44CC-B9DE-7A08CF6CA865}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe

O87 - FAEL: "{54E18379-3127-45F0-BDE4-A1176A3E951A}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe

O87 - FAEL: "{CBA2B7F9-6447-4000-8293-97E540A7DE26}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe

O87 - FAEL: "{364533BA-4AE8-49FA-91A4-C1402083B386}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe

O87 - FAEL: "{7D15C35D-DB6A-43ED-97B8-D54DD487320B}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe

O87 - FAEL: "{8BA69924-96AE-4E7F-BB48-F7C99B2B248C}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe

O87 - FAEL: "{56A17E25-CBB0-4F44-94DC-55151721DC3A}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe

O87 - FAEL: "{583D9084-F64A-4530-B602-37714C707DD3}" | In - None - P6 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe

O87 - FAEL: "{70E76A58-FCC9-4986-B241-ED336C3DDF5B}" | In - None - P17 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe

O87 - FAEL: "{E0BB916C-2396-4026-BE39-49304566BFB4}" | In - None - P6 - TRUE | .(.Acer Incorporated - SDD for AcerCloud.) -- C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe

O87 - FAEL: "{977B496F-1E05-4B94-A339-B7CFDC81B491}" | In - None - P17 - TRUE | .(.Acer Incorporated - SDD for AcerCloud.) -- C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe

O87 - FAEL: "{EBFDF356-C8B5-4854-B485-F4CC1FE3B01F}" | In - None - P6 - TRUE | .(.Acer Incorporated - Virtual Drive for Acer Orbe.) -- C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe

O87 - FAEL: "{3B899388-2F19-43E0-B182-C1DF02B9FD9E}" | In - None - P17 - TRUE | .(.Acer Incorporated - Virtual Drive for Acer Orbe.) -- C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe

O87 - FAEL: "{CCA7770B-2F12-4DFA-871C-12FA269091BF}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{92B40F3E-2161-4BE9-AA1A-757F1EFEDAD7}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{8FC2C1C6-386D-4ACD-8453-8FC16ADCD290}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "{D1C88BBC-0A00-426A-8FD3-6A27EBBC6F77}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "{E6880DB6-BB3A-4248-9740-2261850D7155}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "{653CA8D5-57EF-44BF-A5F6-BD15D2E9C8AB}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "{4004BB77-B506-4936-A362-3DA99EFF343A}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{680EF6FC-C350-4E38-8159-2EE580AA0F6B}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "{ADE99E9B-DE6B-4F1B-A2D4-61F508293CD6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "{C3859AB9-D5B1-4C98-A21D-69950357A6DC}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "{A23C87FB-06E0-4F9C-978C-FAA3B0F14723}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation

O87 - FAEL: "{7B099CB7-DBAB-4FD9-BCD2-59E8BE471037}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "{D421B80F-D877-4FC2-82FA-A0D5909B9241}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "{373005E1-5293-4FC8-81FE-2BAD7236A5A9}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation

O87 - FAEL: "{C8C8433C-2DB7-4263-82D9-FF6C9AAFD9DA}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{D85B4767-D395-4529-BA04-782F77A0809E}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{3E6A8A38-8097-4A2E-824B-CFFC274F33B4}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{0864CA6C-0D6B-45DF-8C20-72A0CDF18CA0}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{36F92841-F181-4878-96B5-2E27B6DC2E69}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{80BCBFA9-3658-4D4E-9136-CAE4D5E96B03}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O87 - FAEL: "{D2C065B2-B01A-40C5-B42E-9D158D56E110}" | In - Private - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

O87 - FAEL: "{34BC40A0-C93F-406A-BAA2-CAAED0697D22}" | In - Private - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

O87 - FAEL: "{5CE62C1C-C432-441C-82E5-8D0CC534CD35}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe

~ Firewall: 235 Scanned in 00mn 01s

---\\ Enumère les codes produits des logiciels (PUC) (O90)

O90 - PUC: "00005109831090400000000000F01FEC" . (.Microsoft Office.) -- C:\Windows\Installer\{90150000-0138-0409-0000-0000000FF1CE}\firstrun.exe

O90 - PUC: "0B8EF4ACC892D5E44A683FB321D6A6A0" . (.Acer Docs.) -- C:\Windows\Installer\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}\icon.ico

O90 - PUC: "122113B05A506674D830A74664971465" . (.Nero RescueAgent Help (CHM).) -- c:\windows\Installer\{0B311221-05A5-4766-8D03-7A6446794156}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945

O90 - PUC: "13CB47B4353BF8B4C8EBAD4BFF23F61F" . (.sysTPL.) -- C:\Windows\Installer\{4B74BC31-B353-4B8F-8CBE-DAB4FF326FF1}\default_1.exe

O90 - PUC: "18034D2AB7FC73649A3F2E56A15A4C8A" . (.Nero RescueAgent.) -- c:\windows\Installer\{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}\ARPPRODUCTICON.exe

O90 - PUC: "203E62EEA6789D84098513925E9B9999" . (.Live Updater.) -- C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico

O90 - PUC: "2921D0FE1CF8EB147904BD1C436F4651" . (.Nero BackItUp Help (CHM).) -- c:\windows\Installer\{EF0D1292-8FC1-41BE-9740-DBC134F66415}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945

O90 - PUC: "2F98DA5B3D306024487810288900D70D" . (.Acer Photo.) -- C:\Windows\Installer\{B5AD89F2-03D3-4206-8487-018298007DD0}\icon.ico

O90 - PUC: "31498519576672C4A8CFFE9B01B3095A" . (.eBay Worldwide.) -- c:\Windows\Installer\{91589413-6675-4C27-8AFC-EFB9103B90A5}\_853F67D554F05449430E7E.exe =>Toolbar.eBay

O90 - PUC: "33B1C8585D3C77347BB7E1F233C8F766" . (..) -- C:\Windows\Installer\{858C1B33-C3D5-4377-B77B-1E2F338C7F66}\ARPPRODUCTICON.exe

O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- c:\windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe

O90 - PUC: "379F8AC47736FBA4E95DCC32323B0C00" . (.Nero BackItUp 12 Essentials OEM.a01.) -- c:\windows\Installer\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}\ARPPRODUCTICON.exe

O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- c:\windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe

O90 - PUC: "3C5CF1EF90A6F3D40B48A62588FA8E9F" . (.QuickEngine.) -- C:\Windows\Installer\{FE1FC5C3-6A09-4D3F-B084-6A5288AFE8F9}\softwareinstaller.exe

O90 - PUC: "456BC9D3DA991034986CD0217A0967C7" . (.Identity Card.) -- C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico

O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- c:\windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D

O90 - PUC: "6FD66A043D225B447A3D381B812A0CCD" . (.Norton Online Backup.) -- C:\Windows\Installer\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}\MainIcon.ico

O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- c:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe

O90 - PUC: "7071FA9EA3F32E943854F4D226D98067" . (.Acer Media.) -- C:\Windows\Installer\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}\icon.ico

O90 - PUC: "71B0DA5AD43FEB941A758C3B5DA2DC31" . (.AcerCloud Portal.) -- C:\Windows\Installer\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}\icon.ico

O90 - PUC: "8489373E92353E84D882B5DBE6B83E48" . (.MediaEspresso.) -- C:\windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe

O90 - PUC: "8703D2ADC85A8E54E80E818BEBB6437F" . (.Nero BackItUp.) -- c:\windows\Installer\{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}\ARPPRODUCTICON.exe

O90 - PUC: "8FC229B8C6A8EC148A851F57D5F7D592" . (.NVIDIA PhysX.) -- C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico

O90 - PUC: "90B53772EFE9F9143A7701AA18113CA0" . (.VC90_CRT_x64.) -- C:\Windows\Installer\{27735B09-9EFE-419F-A377-10AA8111C30A}\ARPPRODUCTICON.exe

O90 - PUC: "A5002F70CAC8B4A4382AAD897A22AC16" . (.Recovery Management.) -- C:\Windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\.\Bitmaps\eRecoveryicon.ico

O90 - PUC: "AEA2F1F9A27C6DD499E15C05A665524E" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}\soffice.ico

O90 - PUC: "D724AD5332BB8B94A9DFFCCFEFB307D8" . (.clear.fi SDK- Movie.) -- C:\Windows\Installer\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\ARPPRODUCTICON.exe

O90 - PUC: "DAC33ABE170E5d841A86BF4AEE4BE239" . (.clear.fi SDK - Video.) -- C:\Windows\Installer\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\ARPPRODUCTICON.exe

O90 - PUC: "FA0364E07BA0E0449A87A187CFF4349B" . (.Nero Launcher.) -- c:\windows\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe

~ Update Products: 47 Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)

[MD5.E32A1A1B9CC600CF062E0E429925841A] [WIS][21/11/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\1c1285af.msi [1974272] =>Adware.Boxore

[MD5.A7A4DB0BD34B5B482EF199F6E1A17A1A] [WIS][06/10/2013] (.Tlapia - sysTPL.) -- C:\Windows\Installer\34b733b.msi [1860608]

[MD5.016CC520157498D9E547A3331943CDE8] [WIS][30/09/2013] (.Tlapia - QuickEngine.) -- C:\Windows\Installer\34b733f.msi [962560]

[MD5.B30273F8BC9043B004778D133ADC7655] [WIS][06/10/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\34b7352.msi [28672] =>Toolbar.Google

[MD5.8ABAB9BE3C2F306511BBAAFC7DF5C10C] [WIS][12/07/2012] (.Intel - Intel® Network Connections.) -- C:\Windows\Installer\5f38e.msi [13215232]

~ WIS: 49 Scanned in 00mn 04s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 10/07/2013 2650696 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe

SR - | Demand 18/01/2013 660040 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

SS - | Auto 06/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 06/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 06/10/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

SR - | Auto 20/04/2012 635104 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe

SR - | Auto 05/06/2012 190824 | (Intel® PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe

SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

SR - | Auto 11/05/2012 200728 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 24/09/2013 178048 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe

SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe

SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

SS - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe

SS - | Disabled 11/05/2012 200728 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

SR - | Auto 06/10/2013 335216 | (MfeASUM) . (.McAfee, Inc..) - C:\Program Files\McAfee\AppStats\MfeASUM.exe

SR - | Auto 20/09/2013 1017016 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

SR - | Auto 24/09/2013 219272 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

SR - | Auto 24/09/2013 182752 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe

SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

SR - | Auto 14/07/2012 769432 | (NAUpdate) . (.Nero AG.) - c:\Program Files (x86)\Nero\Update\NASvc.exe

SR - | Auto 15/08/2012 3943104 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

SR - | Auto 30/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 30/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Auto 29/09/2013 399128 | (sysTPLMonitor.exe) . (.Tlapia.) - C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe

SR - | Auto 29/09/2013 397080 | (sysTPLService.exe) . (.Tlapia.) - C:\Program Files (x86)\sysTPL\sysTPLService.exe

SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe

SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 06s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)

Run by martial at 23/11/2013 10:20:54

~ OS 64 not supported by MBR tool

~ MBR: 0 Scanned in 00mn 00s

---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by martial at 23/11/2013 10:20:56

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)

Database Version : 12996 - (22/11/2013)

Clés trouvées (Keys found) : 18

Valeurs trouvées (Values found) : 4

Dossiers trouvés (Folders found) : 5

Fichiers trouvés (Files found) : 10

[HKLM\Software\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel] =>PUP.ReMarkIt^

[HKLM\Software\Google\Chrome\Extensions\pbpohikckhbcljgombipcdoinkaedlfa] =>Spyware.SmartDisplay^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4480AD00-E608-4D22-A592-751680DF3262}] =>PUP.ReMarkIt^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{49b4f70f-f101-435c-ac77-0d6be35fbb33}] =>PUP.ReMarkIt^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91589413-6675-4C27-8AFC-EFB9103B90A5}] =>Toolbar.eBay^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_17_is1] =>Adware.FreeSoftToday^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd

[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive

[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_17 =>PUA.FSTfr9^

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:upfst_fr_17.exe =>PUA.FSTfr9^

C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel =>PUP.ReMarkIt^

C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =>Spyware.SmartDisplay^

C:\Program Files (x86)\fst_fr_17 =>PUA.FSTfr9^

C:\Program Files (x86)\Re-markit =>PUP.ReMarkIt^

C:\Users\martial\AppData\Local\fst_fr_17 =>PUA.FSTfr9^

C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.exe =>PUA.FSTfr9^

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^

C:\Program Files (x86)\fst_fr_17\fst_fr_17.exe =>PUA.FSTfr9^

C:\Windows\Tasks\Re-markit Update.job =>PUP.ReMarkIt^

C:\Program Files (x86)\Re-markit\ReMarkit_up.exe =>PUP.ReMarkIt^

[HKCU\Software\AppDataLow\Software\Re_markit] =>PUP.ReMarkIt^

[HKLM\Software\Wow6432Node\do-searchSoftware] =>PUP.DoSearches^

C:\Users\martial\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore^

C:\Windows\Installer\1c1285af.msi =>Adware.Boxore^

C:\Windows\Installer\34b7352.msi =>Toolbar.Google^

~ Additionnel Scan: 188458 Items scanned in 00mn 15s

---\\ Récapitulatif des détections trouvées sur votre station

~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9

~ http://nicolascoolman.webs.com/apps/blog/show/36657231-pup-remarki =>PUP.ReMarkIt

~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay

~ http://nicolascoolman.webs.com/apps/blog/show/33477786-pup-dosearches =>PUP.DoSearches

~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy

~ http://nicolascoolman.webs.com/apps/blog/show/33340107-adware-freesofttoday =>Adware.FreeSoftToday

~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive

~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster

~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC

~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop

~ http://nicolascoolman.webs.com/apps/blog/show/35393224-pup-aartemis =>PUP.AArtemis

~ http://nicolascoolman.webs.com/apps/blog/show/33262880-hijacker-qone8 =>Hijacker.Qone8

~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore

~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd

~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma

~ MSI: 15 link(s) detected in 00mn 15s

End of the scan (2055 lines in 03mn 45s)(2)