Rapport de ZHPDiag v1.3.6.15 par Nicolas Coolman, Update du 04/03/2013
Run by delphine at 06/03/2013 19:48:06
State : Version � jour.
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.10.9200.16484
MFIE: Mozilla Firefox 19.0.1 v19.0.1 (Defaut)
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : KBQHT
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3988 MB (49% free)
System Restore: Activ� (Enable)
System drive C: has 532 GB (92%) free of 575 GB
---\\ Logged in mode
~ Computer Name: PORTABLE
~ User Name: delphine
~ All Users Names: HomeGroupUser$, delphine, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\delphine\AppData\Roaming\
~ %Desktop% : C:\Users\delphine\Desktop\
~ %Favorites% : C:\Users\delphine\Favorites\
~ %LocalAppData% : C:\Users\delphine\AppData\Local\
~ %StartMenu% : C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 532 Go of 575 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.BDE820861D8107C67E182DF66A27074F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/12/2012 - 01:29:16.) -- C:\Windows\System32\wininet.dll [2246656]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioth�que de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.877D60D6E4156EC4A2E0B6871D41BED9] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.06/11/2012 - 04:52:49.) -- C:\Windows\system32\Drivers\MRxSmb.sys [366080]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.11D7A4A4A1DA60F394F53B413DCDF0DE] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.10/01/2013 - 02:29:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1934056]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parall�le.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de p�riph�rique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/37
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/2184
~ Mon Bureau (My Desktop) : 1/9
~ Menu demarrer (Programs) : 1/23
~ Scan Hidden Files in 00mn 00s
---\\ Processus lanc�s
[MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.5116]
[MD5.241BD3019FB31E812A51B31B06906335] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [144520] [PID.4624]
[MD5.643B3D0A252394C1110C6C67BE30B9D2] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [917400] [PID.5732]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.5464]
[MD5.F0EFE6B69853652A220A5A2D1DD97F62] - (.cyberlink - brs.) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe [78352] [PID.3600]
[MD5.EBAE9EE13F51F38B57D616CF4A420682] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512] [PID.6128]
[MD5.9F3655267BA37004F519ABDDB3AEE244] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008] [PID.2220]
[MD5.DAE282BA9BFD5283A21761F1EE73F6A3] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe [96128] [PID.936]
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120] [PID.5772]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.5764]
[MD5.3F2C1A23CBE7948A066AA1B820B57BFE] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.3940]
[MD5.4774541ACC36665A80F7E8BC432AFE86] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe [1820016] [PID.3528]
[MD5.61E22A327D20737529E5DDAD904BDD7B] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [8704] [PID.3684]
[MD5.E8411E6CE8D4BD050311644262C217E3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5721088] [PID.4596]
~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\delphine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] tore_on_startup": ["http://securesearch.lavasoft.com
G0 - GCSP: Preference [User Data\Default] ore_on_startup": ["http://securesearch.lavasoft.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\delphine\AppData\Roaming\Mozilla\Firefox\Profiles\k4g8kcwl.default\prefs.js
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [delphine - k4g8kcwl.default] about:home
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=3684DE038A26E71FB793D3512A8D6F62
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/3
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/3
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/hpnot13/3
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.dll
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
~ Scan BHO in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [BDRegion] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
O4 - HKLM\..\Wow6432Node\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: ib.lnk . (.OLYMPUS IMAGING CORP..) -- C:\Program Files (x86)\OLYMPUS\ib\ib.exe
O4 - GS\Desktop: OLYMPUS Digital Camera Updater.lnk . (.OLYMPUS IMAGING CORP..) -- C:\Program Files (x86)\OLYMPUS\CameraUpdateTool\CameraUpdate.exe
O4 - GS\Desktop: OLYMPUS Viewer 2.lnk . (.OLYMPUS IMAGING CORP..) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 2\OLYMPUS Viewer 2.exe
O4 - GS\Desktop: SZ-14,SZ-12 Manuel d�instructions.lnk . (...) -- C:\Users\Public\Documents\OLYMPUS\Camera Manual\SZ-14,SZ-12\FRA.pdf
~ Scan Global Startup in 00mn 00s
---\\ Invisibilit� de l'ic�ne d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d�affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpNameServer = 40.21.1.201 40.21.1.202
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE67B91D-4F12-475C-9ED8-3DE123FCE7FE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpDomain = B1-LINE.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpNameServer = 40.21.1.201 40.21.1.202
O17 - HKLM\System\CS1\Services\Tcpip\..\{CE67B91D-4F12-475C-9ED8-3DE123FCE7FE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpDomain = B1-LINE.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Cl� de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/12/11 20:47:29 (CLKMSVC10_38F51D56) . (.CyberLink - CyberLink KM Service.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: oem17.inf (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 05s
---\\ Enum�ration Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleFordelphine.job
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.)
[MD5.9942DC4CC265CDA00486504444EF521D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.724CB7A116F7E1A67009D751BCF86586] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleFordelphine] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
[MD5.1A8FAA5D7FBEB599FCC8C1021FA72987] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\WSCStub.exe
[MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.70240BB9753DC1C9A66D6F37344B3957] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[MD5.3832D44C0811EED1338B34328EB493EB] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\SymErr.exe
[MD5.3832D44C0811EED1338B34328EB493EB] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\SymErr.exe
~ Scan Scheduled Task in 00mn 01s
---\\ Composants install�s (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-syst�me de mise en m�moire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels install�s (O42)
O42 - Logiciel: 7 Wonders II - (.WildTangent.) [HKLM][64Bits] -- WTA-0e88a5cf-56db-40f9-b6a1-db8d1a21c56d
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-ab62d97f-0cd8-4418-b725-5cc41602c1a5
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-3f24f65f-a088-4e55-91d5-288fd7ad38eb
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Build-a-lot 4 - Power Source - (.WildTangent.) [HKLM][64Bits] -- WTA-2eb9e434-33c4-4c0d-9795-bcebcaa6b04f
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-1e38c2c8-1f49-449f-b9ad-b80bc6374d04
O42 - Logiciel: Connected Music powered by Universal Music Group version 1.0 - (.Snowite.) [HKLM][64Bits] -- {46037DC7-F927-46DF-935F-D6F122BDD34B}_is1
O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-75c9cefb-eabf-4b26-abbc-e1d707079233
O42 - Logiciel: Crazy Chicken Soccer - (.WildTangent.) [HKLM][64Bits] -- WTA-a170daec-11c1-452e-a600-415f00a267a2
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Energy Star - (.Hewlett-Packard.) [HKLM][64Bits] -- {0FA995CC-C849-4755-B14B-5404CC75DC24}
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-d68205d9-ec80-400c-ba63-1488975a6b7c
O42 - Logiciel: Final Drive Fury - (.WildTangent.) [HKLM][64Bits] -- WTA-93653345-e086-4e89-a39b-b9d40bdd0a34
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-a5690c2d-152c-4063-bfcb-e16d2dc0a619
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {D878BE22-3270-4909-B1E1-91C8EF8D3234}
O42 - Logiciel: HP Connected Music (Meridian - installer) - (.Meridian Audio Ltd.) [HKLM][64Bits] -- StartHPConnectedMusic
O42 - Logiciel: HP CoolSense - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {16B7BDA1-B967-4D2D-8B27-E12727C28350}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {1AC082E0-049D-4C5C-9ECF-9473AD5A949D}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {4ED7050C-9332-4FB2-AB07-E94F25A53D39}
O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {528AB81B-D65A-4AB0-A2B6-82B51A087D01}
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {B8019B54-F9BE-490A-9619-6D06F18F129F}
O42 - Logiciel: HP Utility Center - (.Hewlett-Packard.) [HKLM][64Bits] -- {0C57987A-A03A-4B95-A309-D23F78F406CA}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {941DE69D-6CEE-4171-8F1F-3D7E352AA498}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.0.0 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel� Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-9bdb6881-8f3f-456d-94fd-13fe9fff60d0
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WTA-5b9778aa-f5af-442f-8c2f-9840bc4114a1
O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-267f6629-0fd8-4b1a-82fe-7ac3057b4199
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-b6722e44-8c60-4c08-b4e2-ba23031f594e
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 19.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 19.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-9e4b0894-773e-4a6d-8332-94b7698fbdcb
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: OLYMPUS Digital Camera Updater - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}
O42 - Logiciel: OLYMPUS Viewer 2 - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {AEE39224-92BE-4389-9493-E57FF73BB96A}
O42 - Logiciel: Olympus ib - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}
O42 - Logiciel: Olympus ib - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {89A43E80-AC6C-4DA8-9800-F4B30ED577C0}
O42 - Logiciel: Package de pilotes Windows - OLYMPUS IMAGING CORP. Camera Communication Dri - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- 2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-19c05930-3edf-433a-a2fb-abfd72c91259
O42 - Logiciel: Ralink RT5390R 802.11bgn Wi-Fi Adapter - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-69698f37-6cbc-4e12-89e7-4aa19ae22a54
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Trinklit Supreme - (.WildTangent.) [HKLM][64Bits] -- WTA-e9d03400-a63b-4d51-9cdd-2fc9a23d7821
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Veetle TV - (.Veetle, Inc.) [HKLM][64Bits] -- Veetle TV
O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM][64Bits] -- WTA-a95f67f3-1aa7-4ba4-a060-b10c4946332b
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-3c7381f5-e5ac-47ef-8a01-f9179bc75fcd
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-46ce0cd7-dbf4-4791-b740-6beedcf896b2
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ad-Aware Search Protection]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\adawarebp]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avast Software]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Crystal Office]
[HKCU\Software\CyberLink]
[HKCU\Software\FileScout]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Intel]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Norton]
[HKCU\Software\OLYMPUS]
[HKCU\Software\PerformerSoft LLC]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Veetle]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Dolby]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Advernet]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IDT]
[HKLM\Software\Wow6432Node\Insyde]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OLYMPUS]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Veetle]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/03/2013 - 17:05:50 - [165,404] ----D C:\Program Files (x86)\Ad-Aware Antivirus
O43 - CFD: 11/12/2012 - 20:28:55 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 02/02/2013 - 21:20:12 - [56,981] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 01/09/2012 - 21:29:02 - [2,557] ----D C:\Program Files (x86)\Connected Music powered by Universal Music Group
O43 - CFD: 11/12/2012 - 20:49:01 - [-1318,187] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 10/02/2013 - 17:33:29 - [0] ----D C:\Program Files (x86)\Google
O43 - CFD: 03/02/2013 - 18:00:18 - [376,742] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 01/09/2012 - 21:39:12 - [794,864] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 01/09/2012 - 21:28:55 - [0,671] ----D C:\Program Files (x86)\HPConnectedMusic
O43 - CFD: 10/02/2013 - 16:38:57 - [191,371] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 11/12/2012 - 20:25:44 - [136,797] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/02/2013 - 12:42:46 - [4,622] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 28/02/2013 - 17:34:48 - [12,242] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 01/09/2012 - 21:19:24 - [6,085] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 01/09/2012 - 21:24:17 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05/03/2013 - 23:01:26 - [45,059] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 05/03/2013 - 23:47:20 - [0,212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 03/08/2012 - 23:37:58 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 10/02/2013 - 16:19:59 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 11/12/2012 - 20:54:10 - [295,658] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 11/12/2012 - 20:53:17 - [24,880] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 05/03/2013 - 23:47:20 - [0,474] ----D C:\Program Files (x86)\Notation
O43 - CFD: 10/02/2013 - 16:41:10 - [380,058] ----D C:\Program Files (x86)\OLYMPUS
O43 - CFD: 02/02/2013 - 20:38:47 - [1,567] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 11/12/2012 - 20:27:52 - [30,560] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 03/08/2012 - 23:37:58 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/02/2013 - 21:34:35 - [3,221] ----D C:\Program Files (x86)\Software Installer
O43 - CFD: 05/03/2013 - 23:47:19 - [1,294] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 11/12/2012 - 20:55:17 - [2,444] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 03/02/2013 - 21:05:47 - [9,935] ----D C:\Program Files (x86)\Veetle
O43 - CFD: 02/03/2013 - 00:00:20 - [0] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 03/02/2013 - 21:10:47 - [12,479] ----D C:\Program Files (x86)\VideoPerformer
O43 - CFD: 01/09/2012 - 21:39:01 - [0,441] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 06/02/2013 - 19:59:40 - [16,267] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 03/02/2013 - 18:04:28 - [0,870] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 01/09/2012 - 21:24:43 - [98,217] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 03/02/2013 - 18:04:29 - [5,466] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 07/02/2013 - 13:14:40 - [3,494] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 03/02/2013 - 18:04:29 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 06/03/2013 - 19:48:08 - [20,338] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 11/12/2012 - 20:43:26 - [0,091] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 11/12/2012 - 20:23:17 - [13,438] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 24/02/2013 - 23:00:03 - [31,848] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 01/09/2012 - 21:16:41 - [1,416] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 11/12/2012 - 20:24:22 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/02/2013 - 21:20:12 - [0,595] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 03/02/2013 - 18:04:28 - [9,406] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 01/09/2012 - 21:23:00 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 24/02/2013 - 23:16:10 - [0,043] ----D C:\ProgramData\Ad-Aware Antivirus
O43 - CFD: 24/02/2013 - 23:00:23 - [1,231] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 11/12/2012 - 20:28:53 - [2,558] ----D C:\ProgramData\Apple
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 01/03/2013 - 22:08:02 - [0] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/02/2013 - 19:20:03 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 03/02/2013 - 00:16:04 - [0,147] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 24/02/2013 - 22:59:53 - [19,099] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 11/12/2012 - 20:56:32 - [124,220] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 11/12/2012 - 20:41:57 - [0,100] ----D C:\ProgramData\install_clap
O43 - CFD: 11/12/2012 - 20:25:51 - [0,021] ----D C:\ProgramData\Intel
O43 - CFD: 24/02/2013 - 23:00:03 - [5,304] ----D C:\ProgramData\Lavasoft
O43 - CFD: 28/02/2013 - 17:34:46 - [5,754] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 02/02/2013 - 19:20:03 - [0] --H-D C:\ProgramData\Menu D�marrer
O43 - CFD: 10/02/2013 - 16:59:23 - [1873,847] -S--D C:\ProgramData\Microsoft
O43 - CFD: 02/02/2013 - 19:20:03 - [0] --H-D C:\ProgramData\Mod�les
O43 - CFD: 02/02/2013 - 21:37:33 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 02/02/2013 - 20:58:41 - [289,651] ----D C:\ProgramData\Norton
O43 - CFD: 11/12/2012 - 20:53:17 - [36,566] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 05/02/2013 - 16:27:18 - [0,039] ----D C:\ProgramData\PRICache
O43 - CFD: 11/12/2012 - 20:29:07 - [6,985] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 12/12/2012 - 06:17:22 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 05/03/2013 - 20:10:02 - [0,665] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 11/12/2012 - 21:03:42 - [0,002] ----D C:\ProgramData\Synaptics
O43 - CFD: 10/02/2013 - 16:38:59 - [2,467] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 03/02/2013 - 00:14:10 - [-827,579] ----D C:\ProgramData\WildTangent
O43 - CFD: 01/09/2012 - 21:30:09 - [43,928] ----D C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}
O43 - CFD: 25/02/2013 - 20:24:35 - [0,026] ----D C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus
O43 - CFD: 02/02/2013 - 20:38:49 - [0,913] ----D C:\Users\delphine\AppData\Roaming\Adobe
O43 - CFD: 17/02/2013 - 11:44:35 - [0] ----D C:\Users\delphine\AppData\Roaming\Advernet
O43 - CFD: 03/02/2013 - 18:01:09 - [0,004] ----D C:\Users\delphine\AppData\Roaming\Hewlett-Packard
O43 - CFD: 02/02/2013 - 22:56:52 - [0,208] ----D C:\Users\delphine\AppData\Roaming\hpqlog
O43 - CFD: 04/02/2013 - 19:19:03 - [0] ----D C:\Users\delphine\AppData\Roaming\Identities
O43 - CFD: 24/02/2013 - 22:58:17 - [0,001] ----D C:\Users\delphine\AppData\Roaming\LavasoftStatistics
O43 - CFD: 02/02/2013 - 21:32:40 - [0,010] ----D C:\Users\delphine\AppData\Roaming\Macromedia
O43 - CFD: 28/02/2013 - 17:34:55 - [0,009] ----D C:\Users\delphine\AppData\Roaming\Malwarebytes
O43 - CFD: 10/02/2013 - 16:59:23 - [0,877] -S--D C:\Users\delphine\AppData\Roaming\Microsoft
O43 - CFD: 02/02/2013 - 21:37:56 - [89,337] ----D C:\Users\delphine\AppData\Roaming\Mozilla
O43 - CFD: 02/02/2013 - 20:39:18 - [0] ----D C:\Users\delphine\AppData\Roaming\Synaptics
O43 - CFD: 03/02/2013 - 00:08:58 - [3,642] ----D C:\Users\delphine\AppData\Roaming\WildTangent
O43 - CFD: 24/02/2013 - 23:02:31 - [2,801] ----D C:\Users\delphine\AppData\Local\adawarebp
O43 - CFD: 02/02/2013 - 20:36:02 - [0] ----D C:\Users\delphine\AppData\Local\Application Data
O43 - CFD: 21/02/2013 - 18:50:37 - [0,064] ----D C:\Users\delphine\AppData\Local\Diagnostics
O43 - CFD: 03/02/2013 - 22:08:27 - [13,132] ----D C:\Users\delphine\AppData\Local\Google
O43 - CFD: 12/02/2013 - 08:01:24 - [0,010] ----D C:\Users\delphine\AppData\Local\Hewlett-Packard
O43 - CFD: 02/02/2013 - 20:36:02 - [0] ----D C:\Users\delphine\AppData\Local\Historique
O43 - CFD: 02/02/2013 - 22:37:39 - [0] ----D C:\Users\delphine\AppData\Local\Macromedia
O43 - CFD: 19/02/2013 - 18:28:23 - [136,058] ----D C:\Users\delphine\AppData\Local\Microsoft
O43 - CFD: 02/02/2013 - 21:37:41 - [158,626] ----D C:\Users\delphine\AppData\Local\Mozilla
O43 - CFD: 02/02/2013 - 21:34:10 - [0,190] ----D C:\Users\delphine\AppData\Local\Notation
O43 - CFD: 10/02/2013 - 16:43:57 - [40,327] ----D C:\Users\delphine\AppData\Local\OLYMPUS
O43 - CFD: 22/02/2013 - 08:32:19 - [130,599] ----D C:\Users\delphine\AppData\Local\Packages
O43 - CFD: 02/02/2013 - 20:37:08 - [0,039] ----D C:\Users\delphine\AppData\Local\Power2Go8
O43 - CFD: 06/02/2013 - 20:09:06 - [0] ----D C:\Users\delphine\AppData\Local\Programs
O43 - CFD: 06/03/2013 - 19:45:22 - [5,556] ----D C:\Users\delphine\AppData\Local\Temp
O43 - CFD: 02/02/2013 - 20:36:03 - [0] ----D C:\Users\delphine\AppData\Local\Temporary Internet Files
O43 - CFD: 02/02/2013 - 20:36:37 - [0] ----D C:\Users\delphine\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/02/2013 - 08:24:01 - [0,000] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/07/2012 - 09:13:00 - [0,000] ----D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 10/02/2013 - 16:43:27 - [0,005] ----D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
O43 - CFD: 27/02/2013 - 08:24:01 - [0,000] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Scan Program Folder in 00mn 01s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.8BBA6B3F7E0278CDBBFF100244B14276] - 06/03/2013 - 19:30:39 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.EDCDAE4F98377E31403C7786F207BC8B] - 06/03/2013 - 12:26:37 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1678485]
O44 - LFC:[MD5.EEBE51A654DEC13FD40401344034B4B4] - 05/03/2013 - 23:54:50 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1994362]
O44 - LFC:[MD5.39D945D76A1EEB23F1D86E5DB2349EF7] - 05/03/2013 - 23:54:50 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [158234]
O44 - LFC:[MD5.75E08AD02A7F6A8FAB82B7FBF86F8E61] - 05/03/2013 - 23:54:50 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [188148]
O44 - LFC:[MD5.5833AB229C304074E7A6B55089346797] - 05/03/2013 - 23:54:50 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [774720]
O44 - LFC:[MD5.D376A3DA5CA6A999D87A629F5AFE2BFE] - 05/03/2013 - 23:54:50 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [874848]
O44 - LFC:[MD5.EEBE51A654DEC13FD40401344034B4B4] - 05/03/2013 - 23:54:50 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1994362]
O44 - LFC:[MD5.D85F9ABD6C9EC37B4A32CB34EF662F2D] - 05/03/2013 - 23:47:20 ---A- . (...) -- C:\Windows\PFRO.log [14702]
O44 - LFC:[MD5.D91B8E8C48E605755ECD8614B80156C1] - 05/03/2013 - 23:45:15 ---A- . (...) -- C:\AdwCleaner[S3].txt [1825]
O44 - LFC:[MD5.471F389495388E1F64211079DE5EACC2] - 05/03/2013 - 23:44:43 ---A- . (...) -- C:\AdwCleaner[R6].txt [1760]
O44 - LFC:[MD5.FFBB3A488B02468ADB9A6C7B6117AD10] - 05/03/2013 - 18:39:45 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/03/2013 - 16:04:18 ---A- . (...) -- C:\Windows\SysNative\HP_ActiveX_Patch_NOT_DETECTED.txt [0]
O44 - LFC:[MD5.BAC8590222D66B791D29926CECEEC823] - 01/03/2013 - 23:25:28 ---A- . (...) -- C:\AdwCleaner[S2].txt [2008]
O44 - LFC:[MD5.44134C854DC8A18464313F1F44AD939E] - 01/03/2013 - 23:25:13 ---A- . (...) -- C:\AdwCleaner[R5].txt [1937]
O44 - LFC:[MD5.8ECBC87FEB9C3B2D3E27D48CC84A7370] - 01/03/2013 - 23:14:47 ---A- . (...) -- C:\AdwCleaner[R4].txt [1877]
O44 - LFC:[MD5.711BA921F844256CB703807105BB6225] - 01/03/2013 - 22:13:55 ---A- . (...) -- C:\AdwCleaner[S1].txt [10078]
O44 - LFC:[MD5.DAF8D6BED7AD025FF2428BBA0F11D7B8] - 01/03/2013 - 22:13:40 ---A- . (...) -- C:\AdwCleaner[R3].txt [10274]
O44 - LFC:[MD5.63D58B07654C52FFC4E9F6DBD3FEB35E] - 01/03/2013 - 22:02:40 ---A- . (...) -- C:\AdwCleaner[R2].txt [10213]
O44 - LFC:[MD5.2B7BA5561E0B11726D1C533EB051C734] - 01/03/2013 - 22:00:56 ---A- . (...) -- C:\AdwCleaner[R1].txt [10152]
O44 - LFC:[MD5.9E990EA9C021A9D482614E2B9E83995D] - 28/02/2013 - 09:35:43 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [287840]
O44 - LFC:[MD5.9B12D2AEC4E774D96578E7ECBE4459C5] - 17/02/2013 - 13:45:27 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [295848]
O44 - LFC:[MD5.C1BF55AD208A7950FA85B311D689E12F] - 10/02/2013 - 16:22:17 ---A- . (...) -- C:\Windows\DPINST.LOG [11832]
O44 - LFC:[MD5.A57BA284F5996FFD32DCDBC41A4657DB] - 10/01/2013 - 00:22:35 . (...) -- C:\Windows\System32\lsm.dll [478424]
O44 - LFC:[MD5.4CA4361F9C6FA21B65821AD74D0CD081] - 05/01/2013 - 01:08:04 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml [386577]
O44 - LFC:[MD5.7F38EFD2A0A2C393E8348A73073D6F8E] - 06/11/2012 - 05:18:37 . (...) -- C:\Windows\System32\localspl.dll [478424]
O44 - LFC:[MD5.D293F2E8CEE73B87B04790D5169C0F25] - 11/10/2012 - 06:44:22 . (...) -- C:\Windows\System32\lsasrv.dll [478424]
O44 - LFC:[MD5.73FF017788E8494524F7348BE197E75A] - 11/10/2012 - 01:44:27 ---A- . (...) -- C:\Windows\SysNative\locale.nls [478424]
O44 - LFC:[MD5.73FF017788E8494524F7348BE197E75A] - 11/10/2012 - 01:44:27 ---A- . (...) -- C:\Windows\System32\locale.nls [478424]
O44 - LFC:[MD5.75B2D5E65DE399AD3B0E03FE5C426F5E] - 20/09/2012 - 07:33:39 . (...) -- C:\Windows\System32\lpksetup.exe [478424]
O44 - LFC:[MD5.3494C5395B3DE612EE833A99C54958F3] - 20/09/2012 - 07:33:39 . (...) -- C:\Windows\System32\lpremove.exe [478424]
O44 - LFC:[MD5.F702AB6181513303AB0FC8D59E52708B] - 20/09/2012 - 07:33:39 . (...) -- C:\Windows\System32\lsass.exe [478424]
O44 - LFC:[MD5.E72DE55561A739D3EF5C2BA1464F1298] - 20/09/2012 - 07:33:19 ---A- . (...) -- C:\Windows\SysNative\OEMLicense.dll [110592]
O44 - LFC:[MD5.E72DE55561A739D3EF5C2BA1464F1298] - 20/09/2012 - 07:33:19 ---A- . (...) -- C:\Windows\System32\OEMLicense.dll [110592]
O44 - LFC:[MD5.789422243073568AE49BC1FC3A3D964C] - 20/09/2012 - 07:31:49 . (...) -- C:\Windows\System32\lpksetupproxyserv.dll [478424]
~ Scan Files in 00mn 02s
---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.12A9368C2BC9FCD56BDCD3136E512F1C] - 01/03/2013 - 12:53:08 ---A- - C:\Windows\Prefetch\ADAWARE.EXE-EC222E9B.pf
O45 - LFCP:[MD5.7CFC155E6598961C07B12E5BD17EE5A9] - 01/03/2013 - 16:57:57 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_5_502_14-95226A97.pf
O45 - LFCP:[MD5.64A21631BBB70042EBB4B2D3DC173788] - 01/03/2013 - 18:24:25 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-40547773.pf
O45 - LFCP:[MD5.87F28C7B9AD026B0D4BFB44CF3AF6451] - 01/03/2013 - 18:24:25 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-8062B210.pf
O45 - LFCP:[MD5.31C87E32FD3E9CF6AB95A3332AD4DA93] - 01/03/2013 - 18:31:28 ---A- - C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP.EX-9C394DEF.pf
O45 - LFCP:[MD5.F108FE770AC57AF1C7A9A1D2D0EEE53A] - 01/03/2013 - 18:31:40 ---A- - C:\Windows\Prefetch\AVAST.SETUP-01A4C819.pf
O45 - LFCP:[MD5.8A5DEC3C74AA71116339AC82EBC4B908] - 01/03/2013 - 18:33:14 ---A- - C:\Windows\Prefetch\VCREDIST_X86_SP1.EXE-9A7CACCD.pf
O45 - LFCP:[MD5.55EF6E96B7186E9BC5DF8ED635819F98] - 01/03/2013 - 18:54:19 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf
O45 - LFCP:[MD5.7FD097111D302FBFC9CA10E5402DB0F9] - 01/03/2013 - 18:54:20 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-AE08465F.pf
O45 - LFCP:[MD5.2DE4BFDCE2CF78B34A3CB4457D5F90E9] - 01/03/2013 - 22:03:29 ---A- - C:\Windows\Prefetch\AVAST.SETUP-50B30900.pf
O45 - LFCP:[MD5.D935538036D79919DB3BBD7C2036B0E2] - 01/03/2013 - 22:39:18 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf
O45 - LFCP:[MD5.D75DF4F0FE394D13D55C859FAC3E7046] - 01/03/2013 - 23:48:45 ---A- - C:\Windows\Prefetch\FIREFOX SETUP 18.0.2.EXE-C0CF3FF2.pf
O45 - LFCP:[MD5.2AEA75C393D9738A76993FDF49B8A46C] - 01/03/2013 - 23:48:58 ---A- - C:\Windows\Prefetch\SETUP.EXE-8C44ED32.pf
O45 - LFCP:[MD5.99D7FB54BAD87E7D9C0644A802D9269E] - 01/03/2013 - 23:49:37 ---A- - C:\Windows\Prefetch\ROGUEKILLER.EXE-1162F6FC.pf
O45 - LFCP:[MD5.627826945FAA7AE4ABC0B40EDEBD2A1F] - 01/03/2013 - 23:52:10 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf
O45 - LFCP:[MD5.4220CFDC4C9033A0D2AA3F9830FE5A66] - 01/03/2013 - 23:59:36 ---A- - C:\Windows\Prefetch\UNINS000.EXE-2A802653.pf
O45 - LFCP:[MD5.6B34B87E4B2918716A576DAB902CE130] - 02/03/2013 - 00:01:20 ---A- - C:\Windows\Prefetch\AU_.EXE-CB1D0634.pf
O45 - LFCP:[MD5.CE28A683F9933DC31713C93756A7263B] - 03/03/2013 - 08:07:39 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.A7FCF57DC75233E0A0706893AEC2AB6E] - 03/03/2013 - 22:09:11 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf
O45 - LFCP:[MD5.50B9F0FD7F9923C8BB37524376827D9F] - 03/03/2013 - 22:09:58 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf
O45 - LFCP:[MD5.7A00B70DA93532066F34D9AA7A5B80C9] - 03/03/2013 - 22:10:12 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.551D17D3EB8BB15256C42C57D77C0334] - 03/03/2013 - 22:10:13 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.BD4218EF340661A3C2E4AE033AEC4786] - 03/03/2013 - 22:26:49 ---A- - C:\Windows\Prefetch\SETUP.EXE-3875491A.pf
O45 - LFCP:[MD5.DE2FE462F5A3A817B3FC17D4BB9FACF5] - 03/03/2013 - 22:28:18 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf
O45 - LFCP:[MD5.798F48830FFDCE7666C70E4FA496D641] - 04/03/2013 - 18:43:47 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.938F78DA067B0D46D4F7DCA634C6645E] - 05/02/2013 - 16:28:13 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-B4587EAF.pf
O45 - LFCP:[MD5.133B15ECA8F0256EAB99BBA3293EF8DE] - 05/02/2013 - 17:06:44 ---A- - C:\Windows\Prefetch\UNINS000.EXE-1DB00DCD.pf
O45 - LFCP:[MD5.CABD9B433B0B7C43E35982E7F2408EB5] - 05/03/2013 - 18:39:39 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-EB35EDAD.pf
O45 - LFCP:[MD5.E6F5BFEF07D953A16E2E698C9B2243CE] - 05/03/2013 - 18:39:45 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-52282269.pf
O45 - LFCP:[MD5.8E2EF7198D526E9E598B1A7A16218441] - 05/03/2013 - 19:20:31 ---A- - C:\Windows\Prefetch\SDWELCOME.EXE-FA3DE6B8.pf
O45 - LFCP:[MD5.B4121B42FACCA8C152D9E50E788FCD86] - 05/03/2013 - 19:23:52 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf
O45 - LFCP:[MD5.B1DA238876F428C7F2B60063A6D135AB] - 05/03/2013 - 19:33:20 ---A- - C:\Windows\Prefetch\SDSYSREPAIR.EXE-ED81A5EE.pf
O45 - LFCP:[MD5.F4E0B9B7975115A55ED100B49239F016] - 05/03/2013 - 19:36:34 ---A- - C:\Windows\Prefetch\SDSCAN.EXE-0F32CACD.pf
O45 - LFCP:[MD5.6137E35F5D2022235614395350AAA386] - 05/03/2013 - 20:10:03 ---A- - C:\Windows\Prefetch\SDTOOLS.EXE-8EFF0F51.pf
O45 - LFCP:[MD5.50E99027C4E9BF4C3C6A1AC0998A309F] - 05/03/2013 - 21:58:30 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf
O45 - LFCP:[MD5.F026DC54CDE99684346B3936147186A4] - 05/03/2013 - 22:39:42 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf
O45 - LFCP:[MD5.09E2CC2EB9A6B56C1603F6F559BCA03B] - 05/03/2013 - 22:39:43 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf
O45 - LFCP:[MD5.8ED9F4057276A777288834F33B08E92B] - 05/03/2013 - 22:40:27 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7242160E.pf
O45 - LFCP:[MD5.600828A9C5BBE553593FEEB10C0F5C8A] - 05/03/2013 - 22:40:27 ---A- - C:\Windows\Prefetch\UNINS000.EXE-7905E4F2.pf
O45 - LFCP:[MD5.CDCF9FE0400E6A0EEC4E657ECBFBED99] - 05/03/2013 - 22:40:28 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-7AFA8F79.pf
O45 - LFCP:[MD5.8B86B81131122CBDB75676BBEFCD9053] - 05/03/2013 - 22:43:11 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-8162C2FA.pf
O45 - LFCP:[MD5.0C9DB852B12FD939510A50BD1580F710] - 05/03/2013 - 22:43:23 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-AFDB3DAC.pf
O45 - LFCP:[MD5.5006BBEA12F58DD488D491BB07E1CD2A] - 05/03/2013 - 22:44:47 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf
O45 - LFCP:[MD5.50A52B351A096D0F1AC67B44566E98D8] - 05/03/2013 - 22:44:50 ---A- - C:\Windows\Prefetch\REG.EXE-CC1AF0A4.pf
O45 - LFCP:[MD5.1D7CF96E56E762989EFFEC2E02666295] - 05/03/2013 - 22:44:50 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-FA6F6DA2.pf
O45 - LFCP:[MD5.1CE376724E33C21F3D02196208D5FBA7] - 05/03/2013 - 22:45:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8D368B00.pf
O45 - LFCP:[MD5.FA15F2CCE0CABCD91CC58CC5F85D7D15] - 05/03/2013 - 22:45:01 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf
O45 - LFCP:[MD5.BAFD23A6B430E6A6A86305DEDDD72D5C] - 05/03/2013 - 22:45:02 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf
O45 - LFCP:[MD5.B954A7B9768F6CC82A7FCCB50846A2D4] - 05/03/2013 - 22:45:27 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf
O45 - LFCP:[MD5.805C5CABA30942EC6DA7A7E5C8E57446] - 05/03/2013 - 22:48:30 ---A- - C:\Windows\Prefetch\HPASSET.EXE-01C82747.pf
O45 - LFCP:[MD5.77B0BC16E842005C07F37445DCCD3558] - 05/03/2013 - 22:48:34 ---A- - C:\Windows\Prefetch\HPSF.EXE-FF58409B.pf
O45 - LFCP:[MD5.2D29F5369E7FA0DA549FC1318E66D97B] - 05/03/2013 - 22:49:23 ---A- - C:\Windows\Prefetch\HPNETWORKCHECK.EXE-1B1BFCC5.pf
O45 - LFCP:[MD5.3186A38909EF46933E5137A0017D8B40] - 05/03/2013 - 22:49:54 ---A- - C:\Windows\Prefetch\HPSFREPORT.EXE-F05D66CA.pf
O45 - LFCP:[MD5.39331D5230D6F63F7DA78BAF7113CF73] - 05/03/2013 - 22:49:56 ---A- - C:\Windows\Prefetch\CSC.EXE-4D47A477.pf
O45 - LFCP:[MD5.E5310400EEE5108CAD5B6B316EC7E5FB] - 05/03/2013 - 22:49:56 ---A- - C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf
O45 - LFCP:[MD5.087B9CD91B17816B68856F9CE6174E27] - 05/03/2013 - 22:49:59 ---A- - C:\Windows\Prefetch\HPCEE.EXE-5D942735.pf
O45 - LFCP:[MD5.FDCF65D6C7F9098F0DED64D9BC8E48F1] - 05/03/2013 - 23:00:46 ---A- - C:\Windows\Prefetch\FIREFOX SETUP 19.0.1.EXE-84E2CE52.pf
O45 - LFCP:[MD5.AD6DC0FBD5786E6A33DA330EE259D1F9] - 05/03/2013 - 23:00:53 ---A- - C:\Windows\Prefetch\SETUP.EXE-CE576293.pf
O45 - LFCP:[MD5.C4ACA0ACAB8328904DB491598BFDDB95] - 05/03/2013 - 23:01:26 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-E1DBB6D8.pf
O45 - LFCP:[MD5.69DCC0C071CDBD1AAB8758AC602D5CD6] - 05/03/2013 - 23:01:27 ---A- - C:\Windows\Prefetch\MAINTENANCESERVICE_INSTALLER.-A809585F.pf
O45 - LFCP:[MD5.85C4328FC4E4A44848EFD5F66CE73717] - 05/03/2013 - 23:01:27 ---A- - C:\Windows\Prefetch\MAINTENANCESERVICE_TMP.EXE-863239D3.pf
O45 - LFCP:[MD5.9EFCB2FEE73D680E9FC46E20C6760D66] - 05/03/2013 - 23:04:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-92A1BF97.pf
O45 - LFCP:[MD5.E36EE9ADDB9E1E046C1248FA9AEF597C] - 05/03/2013 - 23:04:50 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf
O45 - LFCP:[MD5.8071CECE80EDF646996597B979DEAF78] - 05/03/2013 - 23:16:23 ---A- - C:\Windows\Prefetch\SYMERR.EXE-85F7934F.pf
O45 - LFCP:[MD5.A6AE10C69E907C1747BE55859FB82941] - 05/03/2013 - 23:28:06 ---A- - C:\Windows\Prefetch\PING.EXE-CF0A440C.pf
O45 - LFCP:[MD5.57E17E560849C1B66E01938A42386E6F] - 05/03/2013 - 23:44:44 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-FF168C49.pf
O45 - LFCP:[MD5.9C5C7EF6D211E4E47C564469D35C6B17] - 05/03/2013 - 23:46:27 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.2C5A5E26CE151AEE97C154FF7B79B5C3] - 05/03/2013 - 23:48:17 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.FEA7BD512034755BBECF2909433C6DC7] - 05/03/2013 - 23:49:47 ---A- - C:\Windows\Prefetch\HPSA_SERVICE.EXE-1776F51A.pf
O45 - LFCP:[MD5.4A041547B414A133436A6E1B8D5E84BE] - 05/03/2013 - 23:49:50 ---A- - C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-265333D9.pf
O45 - LFCP:[MD5.D16A5113EECF11679785112D9C7D1922] - 05/03/2013 - 23:49:50 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.79A13BC7B0CE9425C9FC18AA04CFF225] - 05/03/2013 - 23:49:50 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-D63AD6B8.pf
O45 - LFCP:[MD5.D664F095015DFB33557F0B6696B4781C] - 05/03/2013 - 23:49:56 ---A- - C:\Windows\Prefetch\INSTCA.EXE-9EE660C0.pf
O45 - LFCP:[MD5.CF3A41B4178932D73C4C1613FE4027F0] - 05/03/2013 - 23:49:57 ---A- - C:\Windows\Prefetch\ELAMINST.EXE-B6F2D6BF.pf
O45 - LFCP:[MD5.6EF5394DAE556A6EF010C80AAB49726A] - 05/03/2013 - 23:49:57 ---A- - C:\Windows\Prefetch\SYMIMI64.EXE-30270202.pf
O45 - LFCP:[MD5.4B24AEF4EA462B76863058BE06EE8A05] - 05/03/2013 - 23:49:59 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.ADC7C8D3F84124C475763BF435CCF23C] - 05/03/2013 - 23:50:06 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.49F56F64A8DFEC5A5BA1DD8D9919FC3F] - 05/03/2013 - 23:50:15 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-5B613C34.pf
O45 - LFCP:[MD5.E00EF9DA073C571EB2B72661DF01C4C8] - 05/03/2013 - 23:50:22 ---A- - C:\Windows\Prefetch\WSCSTUB.EXE-587ACC4D.pf
O45 - LFCP:[MD5.4F5960B041319AF75F074A1621B4B2C8] - 05/03/2013 - 23:51:45 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.3F293BE2BD97310E71700BDD90DDEF9A] - 05/03/2013 - 23:52:14 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-3290E8FC.pf
O45 - LFCP:[MD5.4B776730EF21C2B15574650C4ACE540E] - 05/03/2013 - 23:52:23 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf
O45 - LFCP:[MD5.73353381AC05AEC289C30D1CA259B961] - 06/02/2013 - 20:09:09 ---A- - C:\Windows\Prefetch\SPYBOTSD2.TMP-29E62DD8.pf
O45 - LFCP:[MD5.8F12485183397A5DFAD7F62199F43EB1] - 06/02/2013 - 22:38:02 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf
O45 - LFCP:[MD5.3E4BA0AE3D2D6A4F8EBE03146F53ABDE] - 06/02/2013 - 22:40:10 ---A- - C:\Windows\Prefetch\DISPLAYSWITCH.EXE-4D432882.pf
O45 - LFCP:[MD5.63242EAD414BE1DEADDFFC2EA9B24D32] - 06/03/2013 - 00:36:47 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
O45 - LFCP:[MD5.7D66655E2825926C75699FFEF794BC27] - 06/03/2013 - 00:49:31 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-E876EF7E.pf
O45 - LFCP:[MD5.B3849BAA8BFDF6C8E3E5B50C514B5CC8] - 06/03/2013 - 08:11:37 ---A- - C:\Windows\Prefetch\SYNTPHELPER.EXE-878378AE.pf
O45 - LFCP:[MD5.38746D15627265C1BEF866B8D2A8B3C5] - 06/03/2013 - 08:11:40 ---A- - C:\Windows\Prefetch\PDVD10SERV.EXE-99C8A7B5.pf
O45 - LFCP:[MD5.785C9A96AC048B8EF7805B5F53596149] - 06/03/2013 - 08:21:29 ---A- - C:\Windows\Prefetch\CLTLMH.EXE-9063CA12.pf
O45 - LFCP:[MD5.ABD08F62C1F0F7AE72510E372BD1E8A9] - 06/03/2013 - 08:26:15 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C1C2EFBE.pf
O45 - LFCP:[MD5.4844FD8F6A5BDF2A5AB96E83234B8D30] - 06/03/2013 - 08:27:18 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf
O45 - LFCP:[MD5.571173AEBE8C1A7F8183B898920F7935] - 06/03/2013 - 08:27:18 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf
O45 - LFCP:[MD5.B0DEB7B713341CD2CE59AFA1139BD7A2] - 06/03/2013 - 08:27:20 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.39B17403E160AAB50CA80F8832728ED7] - 06/03/2013 - 08:27:21 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.961D2B2AE604AB5D321EFBAB7537EB1B] - 06/03/2013 - 08:27:45 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf
O45 - LFCP:[MD5.A403D05F073F76FFE397C2E41E8035EB] - 06/03/2013 - 08:27:45 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf
O45 - LFCP:[MD5.C81B54669C1864DCAA03A6D453059CE8] - 06/03/2013 - 08:27:50 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf
O45 - LFCP:[MD5.451543AE61DD5E445D4D3CCC87B3DCEC] - 06/03/2013 - 08:27:52 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf
O45 - LFCP:[MD5.0E3088032C18CB1F3FF57650D3B529BD] - 06/03/2013 - 09:05:01 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf
O45 - LFCP:[MD5.31104060A4291B6DD30C02E108EC03D2] - 06/03/2013 - 09:05:17 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf
O45 - LFCP:[MD5.1A49E15C0B528A9CE92EBBFBD038D861] - 06/03/2013 - 12:06:09 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-D3BFD41F.pf
O45 - LFCP:[MD5.5A5030B38559D3E35F5E81747E10DAB6] - 06/03/2013 - 12:06:09 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.8499D8ECAA259686557E837F5F315847] - 06/03/2013 - 12:06:19 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-65421336.pf
O45 - LFCP:[MD5.1B8A93DF16F7C102F69C5ACFC2FEE2A4] - 06/03/2013 - 13:00:51 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.B6021FE4AB0C897E656439DF0DDC6E3A] - 06/03/2013 - 13:52:58 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf
O45 - LFCP:[MD5.9F0B49D87B87CD0B0C0670EBC0876C91] - 06/03/2013 - 13:53:08 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf
O45 - LFCP:[MD5.69E63A9A8548C47301AA80A0E0E5492A] - 06/03/2013 - 17:03:42 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf
O45 - LFCP:[MD5.FB8EE04EF1034C3E89A64C78ACD08CBB] - 06/03/2013 - 17:03:42 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
O45 - LFCP:[MD5.0FF58E36A15B3CF64B869097A3804002] - 06/03/2013 - 17:03:45 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf
O45 - LFCP:[MD5.05E9987794D8E0C31C295D09CA93BBA9] - 06/03/2013 - 17:06:38 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-9FF23AE2.pf
O45 - LFCP:[MD5.50A69FF0382728B8D34E8843681E9651] - 06/03/2013 - 17:06:38 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.E67985EDF6A3C3D366483227A32DB532] - 06/03/2013 - 17:06:38 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf
O45 - LFCP:[MD5.8A210DE70CFF205455B7D094E01612CB] - 06/03/2013 - 17:06:40 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
O45 - LFCP:[MD5.9EADBEE97D3E950E61A083EA881D7D5A] - 06/03/2013 - 17:06:44 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf
O45 - LFCP:[MD5.D0EFDCECC0EF40DF83761ACBD136ED46] - 06/03/2013 - 17:06:44 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.B62AC1059CDEA1B009397BC896499B61] - 06/03/2013 - 17:06:47 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-5B613C33.pf
O45 - LFCP:[MD5.BBA335F001FC7F1760048A2CDDBC4DFC] - 06/03/2013 - 17:06:50 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf
O45 - LFCP:[MD5.E70D62138CA88537DE7B09AB4836F564] - 06/03/2013 - 17:06:52 ---A- - C:\Windows\Prefetch\VIRTUALDRIVE.EXE-018D4C1C.pf
O45 - LFCP:[MD5.4C8C4583521491506103641E2BE5DAF5] - 06/03/2013 - 17:06:54 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf
O45 - LFCP:[MD5.9BF63BC668B90B2A0F2A61906FD27A4B] - 06/03/2013 - 17:06:55 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf
O45 - LFCP:[MD5.E2777295D5C843C4B82BA2186F22FD39] - 06/03/2013 - 17:06:55 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-B646921D.pf
O45 - LFCP:[MD5.871B8FDFD1C3ED48E88CB792E2350F19] - 06/03/2013 - 17:06:55 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf
O45 - LFCP:[MD5.BF8E3C608A81C39031B046673782D2C4] - 06/03/2013 - 17:06:56 ---A- - C:\Windows\Prefetch\STTRAY64.EXE-D84D4C46.pf
O45 - LFCP:[MD5.F6078A65D2BE16705C1003E836171C49] - 06/03/2013 - 17:06:57 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-2DD080ED.pf
O45 - LFCP:[MD5.BF74F63BAC1AAF70D1E6BC7F191B67C6] - 06/03/2013 - 17:07:01 ---A- - C:\Windows\Prefetch\BRS.EXE-CF01349B.pf
O45 - LFCP:[MD5.44B480BC8DBF16596F17F190D4A050D2] - 06/03/2013 - 17:07:02 ---A- - C:\Windows\Prefetch\COOLSENSE.EXE-73AEAC0D.pf
O45 - LFCP:[MD5.0CD4FE0609FBB985FF4BE48974426AA7] - 06/03/2013 - 17:07:02 ---A- - C:\Windows\Prefetch\HPMSGSVC.EXE-D38F7EA6.pf
O45 - LFCP:[MD5.C5381F75ECA8F33E90FE3E406DB5B227] - 06/03/2013 - 17:07:20 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf
O45 - LFCP:[MD5.50F106805E3B1906A47A677D92AC9BCE] - 06/03/2013 - 17:07:21 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_6_602_17-027ADC8F.pf
O45 - LFCP:[MD5.F816B6B208F0E1B6EABB2D492E50F964] - 06/03/2013 - 17:07:41 ---A- - C:\Windows\Prefetch\AgCx_SC5.db
O45 - LFCP:[MD5.DDCF8E419B0E9B6339598F6C954CCC6A] - 06/03/2013 - 17:08:48 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf
O45 - LFCP:[MD5.FF8C89A61CB7BBEB16083F3F13D3CEA5] - 06/03/2013 - 17:15:52 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.1E2E366B959DFACABC421DBD90A33468] - 06/03/2013 - 17:20:01 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-E0E5E52F.pf
O45 - LFCP:[MD5.E68F985CD0E98EB3F1E0FD26AE406E9B] - 06/03/2013 - 17:20:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.C7F5C6A3EB9B75F18A967AD62C6E08DF] - 06/03/2013 - 18:35:33 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.72336E324829C7C3B32D57411DDA26E0] - 06/03/2013 - 18:35:37 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.2D08B8A45BEB9C1DECC3A3EFDD2EC6BF] - 06/03/2013 - 18:35:40 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.24437F028EFE97708C1908B36B4B018F] - 06/03/2013 - 18:45:44 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.80E5A44BF3178AA3A8FA40A3A599C222] - 06/03/2013 - 18:45:51 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.07C3FC235B0F7A31CA983BCBF1F479FC] - 06/03/2013 - 18:48:08 ---A- - C:\Windows\Prefetch\CLTRT.EXE-944D9C4B.pf
O45 - LFCP:[MD5.100E266C6C0DB52F76933C212760FCE4] - 06/03/2013 - 19:30:46 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.3A69ECD8C02E478C422DF276FA3612A8] - 06/03/2013 - 19:31:11 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.0A2BA22D7229239B31FCF28665FE5C24] - 06/03/2013 - 19:31:46 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.785BDF5C8677FC19FBCB738FE72064F4] - 06/03/2013 - 19:34:50 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2032756789-3265916964-3165078470-1001.db
O45 - LFCP:[MD5.BF52A8C98F87A8CBF6017D0DD13A902A] - 06/03/2013 - 19:34:50 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2032756789-3265916964-3165078470-1001.db
O45 - LFCP:[MD5.8B0B963EEDEDABE0812D4FAF247CEFF7] - 06/03/2013 - 19:40:31 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf
O45 - LFCP:[MD5.2C82D23FED9F5D915ACA8FDE1614787E] - 06/03/2013 - 19:40:41 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50DEE1CF.pf
O45 - LFCP:[MD5.4FA3C6694AFF9AE28BA87055B48BD649] - 06/03/2013 - 19:40:41 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-98677702.pf
O45 - LFCP:[MD5.67E93948D97DA656A57DB218F5FBC937] - 06/03/2013 - 19:40:41 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F5927AE0.pf
O45 - LFCP:[MD5.1962638E0AB118EFF159829AFE447BF1] - 06/03/2013 - 19:40:47 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf
O45 - LFCP:[MD5.EDD3B9AB4680E3FCEA7531C435FED6E3] - 06/03/2013 - 19:41:16 ---A- - C:\Windows\Prefetch\SYMERR.EXE-F8405B78.pf
O45 - LFCP:[MD5.63FCD5C185B291BA75C7F748A6A9790F] - 06/03/2013 - 19:43:43 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf
O45 - LFCP:[MD5.BC5C4C688DE12BC8B7BFA64B3A87123D] - 06/03/2013 - 19:44:13 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.1FABC44517DEA8E088614076714452AA] - 06/03/2013 - 19:44:18 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.DED8B52C98C6CEBE1BF662752030E76D] - 06/03/2013 - 19:45:14 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-A81D648B.pf
O45 - LFCP:[MD5.5B5EC0D9357381FBF7EEC9725C9913A9] - 06/03/2013 - 19:45:14 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-C8276D0E.pf
O45 - LFCP:[MD5.6C478296BEF7F19673399520A2001D74] - 06/03/2013 - 19:45:28 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.A228F1575BA4C4181E228085A5DFB950] - 06/03/2013 - 19:45:28 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.090EF0DDACE80048F31E10775264D223] - 06/03/2013 - 19:45:32 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.8B00A3673BFE579888076C0566AE3646] - 06/03/2013 - 19:45:33 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.0B6FF814D5226AFB6FD0E195B62EE8E1] - 06/03/2013 - 19:45:43 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.63B5CDD3BE7990487AC3B63E3B8BC889] - 06/03/2013 - 19:45:43 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.7F2B8F2784A5E922CF67727DBD5D2466] - 06/03/2013 - 19:45:53 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.D31E268612D70E9AD7B1D94A9F01323F] - 06/03/2013 - 19:45:59 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.9EAA8E273D56952026C87B85CE1FFA4F] - 06/03/2013 - 19:46:04 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf
O45 - LFCP:[MD5.602A4F5BCBC06D3F6ED2C3D2891E74DD] - 06/03/2013 - 19:47:24 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.F2D411302528AA417B0A5531951358D1] - 06/03/2013 - 19:47:28 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.DD2FDFA2CAF9A96764B8F4B053171521] - 06/03/2013 - 19:47:38 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.3A5D2F69B8791B91545B30929D014EAA] - 06/03/2013 - 19:48:07 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.C23EDEFF0FA88AAF83EB488DD36C0FC6] - 06/03/2013 - 19:48:08 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.69B8DBF733AF5D5C6BB5D400DB6D67C1] - 06/03/2013 - 19:48:15 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf
O45 - LFCP:[MD5.D1B5A0D95DF4B008D69C8E38A42AC21F] - 06/03/2013 - 19:48:15 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-BA1E321E.pf
O45 - LFCP:[MD5.FD30F72CCE78C6B4BED383AB049D4E02] - 06/03/2013 - 19:48:16 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.77CFC3601C7F657F30E4C8AE3796C68A] - 06/03/2013 - 19:48:16 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.48CD6237876FB9B60E0042868526A195] - 08/02/2013 - 18:27:53 ---A- - C:\Windows\Prefetch\UPDATER.EXE-6E272550.pf
O45 - LFCP:[MD5.EBC11B594AA075817D5922DC76FE97F8] - 08/02/2013 - 18:27:58 ---A- - C:\Windows\Prefetch\GAMECONSOLE-WT.EXE-955CC1AB.pf
O45 - LFCP:[MD5.78FA0C415E9D279AA7158C1138A93ADC] - 08/02/2013 - 18:28:42 ---A- - C:\Windows\Prefetch\PS.EXE-1EE522C7.pf
O45 - LFCP:[MD5.B1C5498BF21ADE7CE96F619ED26BC633] - 10/02/2013 - 15:22:52 ---A- - C:\Windows\Prefetch\FLASHUTIL32_11_5_502_146_PLUG-A822E030.pf
O45 - LFCP:[MD5.6033E3E099CC55B8FBA264068E74AEF7] - 10/02/2013 - 15:32:34 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-85C9A436.pf
O45 - LFCP:[MD5.36BCF822915366ABCEA6C109EEA3676B] - 10/02/2013 - 16:02:31 ---A- - C:\Windows\Prefetch\PASSWORDDETECTION.EXE-F556DA0F.pf
O45 - LFCP:[MD5.5E313C05C61D75DF0E7DAB8245F87604] - 10/02/2013 - 16:38:39 ---A- - C:\Windows\Prefetch\IBSETUP.EXE-751D22CE.pf
O45 - LFCP:[MD5.A422FDB686A2B40903EFDF7EB8BE7363] - 10/02/2013 - 16:38:53 ---A- - C:\Windows\Prefetch\SETUP.EXE-6DF7236F.pf
O45 - LFCP:[MD5.ED80C489DB1D6F1A2AAFB7A3E8956C10] - 10/02/2013 - 16:43:58 ---A- - C:\Windows\Prefetch\OLYMPUS VIEWER 2.EXE-26097426.pf
O45 - LFCP:[MD5.D39FB5C9C5D2DA4E13466DD6EC0AF970] - 10/02/2013 - 17:16:31 ---A- - C:\Windows\Prefetch\CAMERAUPDATE.EXE-CC1A52C2.pf
O45 - LFCP:[MD5.58A6F5041526B320E86CA72AE32B92C9] - 10/02/2013 - 17:32:59 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.C44231B5CC28D4017AF4AC6909FD69B7] - 11/02/2013 - 17:17:00 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf
O45 - LFCP:[MD5.599F7F323802981E32107FB12AEA3585] - 12/02/2013 - 07:41:09 ---A- - C:\Windows\Prefetch\XMLVIEWERHPSF.EXE-103D9A1D.pf
O45 - LFCP:[MD5.B7DABBCA743FDE866B6996C810B2F615] - 12/02/2013 - 07:46:07 ---A- - C:\Windows\Prefetch\MOUNTVOL.EXE-84487FEE.pf
O45 - LFCP:[MD5.627342FF58F1EF4D52EDFE033862B634] - 12/02/2013 - 08:11:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C8891C4B.pf
O45 - LFCP:[MD5.1A8048A1CD6A09AD4C4E02D1FAD47899] - 12/02/2013 - 09:12:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E6CE32EB.pf
O45 - LFCP:[MD5.82C0D5CF8ACBF24B470A0049083D6330] - 12/02/2013 - 20:33:56 ---A- - C:\Windows\Prefetch\TETRIS.TMP-8F0B41A2.pf
O45 - LFCP:[MD5.A38BFC10A88D85EA2BB3ED7074B8EB71] - 12/02/2013 - 20:34:01 ---A- - C:\Windows\Prefetch\TETRIS.TMP-1FFC5C73.pf
O45 - LFCP:[MD5.28B979F478DD3B39C1F8C18CAC4A6B87] - 12/02/2013 - 20:35:28 ---A- - C:\Windows\Prefetch\TETRIS.EXE-37AFF8C9.pf
O45 - LFCP:[MD5.464C056585E8ED6E5830D6F4605549F3] - 13/02/2013 - 08:19:40 ---A- - C:\Windows\Prefetch\MMAMAIN.EXE-02A9BA80.pf
O45 - LFCP:[MD5.72141F2D47F4C2AD771FE2C34F2FEE28] - 13/02/2013 - 08:22:27 ---A- - C:\Windows\Prefetch\SDIMMUNIZE.EXE-1AE7723A.pf
O45 - LFCP:[MD5.E34CE7DE2C57BDAB0BF3286F1FE8882A] - 13/02/2013 - 08:22:57 ---A- - C:\Windows\Prefetch\SDFILES.EXE-76405DF3.pf
O45 - LFCP:[MD5.FE6D4E114F334BF9864AF847F68CF5A0] - 14/02/2013 - 20:32:18 ---A- - C:\Windows\Prefetch\EASEOFACCESSDIALOG.EXE-E54B6BCB.pf
O45 - LFCP:[MD5.441B7A123F01541FB69EBF08C12CF981] - 17/02/2013 - 09:12:42 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-28A962DF.pf
O45 - LFCP:[MD5.C7442FA4753E58EAE1E3670458FB4071] - 17/02/2013 - 11:44:05 ---A- - C:\Windows\Prefetch\SETUP-FIREFOX.EXE-E2A50758.pf
O45 - LFCP:[MD5.A276F68FA164DF662A6F406C923CF57D] - 17/02/2013 - 13:53:13 ---A- - C:\Windows\Prefetch\IB.EXE-71A4B4F2.pf
O45 - LFCP:[MD5.62A57B86FB57612EFAABD1DDC3ED83C8] - 19/02/2013 - 18:14:58 ---A- - C:\Windows\Prefetch\SETUP.EXE-5DA64B9D.pf
O45 - LFCP:[MD5.38CED0E107BFD7C45CFE76FE39BD29DD] - 19/02/2013 - 18:22:53 ---A- - C:\Windows\Prefetch\WORDPAD.EXE-505FE0CE.pf
O45 - LFCP:[MD5.79C4C044FB4F3C81830E609C8690FCB2] - 19/02/2013 - 18:27:23 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf
O45 - LFCP:[MD5.1484DC9A4688EC7E025EAD1A7B6B8F49] - 19/02/2013 - 18:27:45 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf
O45 - LFCP:[MD5.BFC3D9ABF2F7F4A7401F9F363880FC3E] - 19/02/2013 - 18:28:16 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-B0AD61F0.pf
O45 - LFCP:[MD5.1F4C24FB32F1974BFCD7B348B85AD5F4] - 22/02/2013 - 19:41:00 ---A- - C:\Windows\Prefetch\RSTRUI.EXE-F76EBF17.pf
O45 - LFCP:[MD5.122BAAF8387496FD7B77AB84E98AB80C] - 22/02/2013 - 19:41:07 ---A- - C:\Windows\Prefetch\RELPOST.EXE-AC41CDAF.pf
O45 - LFCP:[MD5.2B7FDCF5B9A9BC76216CD81D433C2C73] - 22/02/2013 - 19:49:32 ---A- - C:\Windows\Prefetch\VLC-1.1.11-WIN32-SFR12(3).EXE-E1A2C470.pf
O45 - LFCP:[MD5.80344D523F7A347DA018DEE63F5AE45A] - 22/02/2013 - 19:49:50 ---A- - C:\Windows\Prefetch\VLC-CACHE-GEN.EXE-B13F780B.pf
O45 - LFCP:[MD5.290601A924F4CB1127928A500B5B39D8] - 22/02/2013 - 19:50:03 ---A- - C:\Windows\Prefetch\VLC.EXE-F1ED81B3.pf
O45 - LFCP:[MD5.D026853E469E711BAA45B8DD3998897A] - 24/02/2013 - 22:29:12 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf
O45 - LFCP:[MD5.7A58351610B48CE869BD6FAA538F603D] - 24/02/2013 - 22:31:06 ---A- - C:\Windows\Prefetch\HPPU.EXE-52E9C521.pf
O45 - LFCP:[MD5.BC94127E9DC3C353F8BC82A4F2CD8882] - 24/02/2013 - 22:53:55 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-B4940439.pf
O45 - LFCP:[MD5.EE90200E75ED9C511916DC5750A73CFA] - 24/02/2013 - 22:54:32 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-9178D9A9.pf
O45 - LFCP:[MD5.021C95FDB3401628FA340F8784B91EC1] - 24/02/2013 - 22:58:02 ---A- - C:\Windows\Prefetch\ADAWARE_INSTALLER.EXE-B8A28875.pf
O45 - LFCP:[MD5.6D2E806CA618AE4B59F0EC2296EB0954] - 24/02/2013 - 22:58:25 ---A- - C:\Windows\Prefetch\F1590CC6-776A-4463-9291-7D67D-C1A8D23D.pf
O45 - LFCP:[MD5.907C7F5B8DD09BC88C2340FD5D4FE584] - 24/02/2013 - 23:00:18 ---A- - C:\Windows\Prefetch\TOOLBARCLEANERSETUP.EXE-8527EDA4.pf
O45 - LFCP:[MD5.B97915DFFDDAE31E8F5497E0F3CE8E44] - 24/02/2013 - 23:00:21 ---A- - C:\Windows\Prefetch\2F6FF1CF-DD0B-4C52-8EEA-7A200-ED3A1042.pf
O45 - LFCP:[MD5.7018D1407C747C80C8A0648697F99E86] - 24/02/2013 - 23:00:23 ---A- - C:\Windows\Prefetch\ADAWAREBROWSINGPROTECTION_SET-BD8CF4D9.pf
O45 - LFCP:[MD5.C1278DAF33B59A346CA47E74C0ACFB09] - 24/02/2013 - 23:02:31 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf
O45 - LFCP:[MD5.39C15B505E8C8D390047602AE0131FAC] - 24/02/2013 - 23:03:10 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-4C1933AC.pf
O45 - LFCP:[MD5.0C39F1281761EECD9A155AECACC558C5] - 24/02/2013 - 23:03:11 ---A- - C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf
O45 - LFCP:[MD5.411270D1980FB1E110AB98EE9831E18E] - 24/02/2013 - 23:04:30 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-5ECC1B9F.pf
O45 - LFCP:[MD5.EBA56AB2152F7BE280293E6426D49039] - 27/02/2013 - 16:49:36 ---A- - C:\Windows\Prefetch\AD-AWARE SECURITY ADD-ON UNIN-0FC457B2.pf
O45 - LFCP:[MD5.1BF97CFD67150A668EA0960F1DB38E13] - 27/02/2013 - 16:49:43 ---A- - C:\Windows\Prefetch\TOOLBAR CLEANER UNINSTALL.EXE-3F790444.pf
O45 - LFCP:[MD5.FF27AE468288EADD1817EDEA997B38B9] - 27/02/2013 - 17:02:05 ---A- - C:\Windows\Prefetch\AD-AWARE BROWSING PROTECTION -1799ADF9.pf
O45 - LFCP:[MD5.CA5272A214E5EABA1777CD4370F08926] - 27/02/2013 - 17:10:57 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-66DF21D5.pf
O45 - LFCP:[MD5.0BEEAAF6655676136BCEF0E712FAA498] - 27/02/2013 - 17:10:59 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-0697D2E0.pf
O45 - LFCP:[MD5.77C9EA30385A29EE3738995FEAC199DA] - 28/02/2013 - 07:50:58 ---A- - C:\Windows\Prefetch\SDUPDATE.EXE-2C43824B.pf
O45 - LFCP:[MD5.EEF9DE7FB72261E8CAF1947E434731E8] - 28/02/2013 - 08:57:44 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf
O45 - LFCP:[MD5.EB1582ED103CE71E77ED933CB5D2DE22] - 28/02/2013 - 16:59:57 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-C894EFDF.pf
O45 - LFCP:[MD5.1AB0FEC11870DBBC2D5319CC15BB9109] - 28/02/2013 - 17:34:35 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-2C024401.pf
O45 - LFCP:[MD5.93E978CE29AAF5FE9DE5A479E40D8B6A] - 28/02/2013 - 17:34:38 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-3A0CE590.pf
O45 - LFCP:[MD5.214FB224D98B696621E26AA0BE524A75] - 28/02/2013 - 18:41:03 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1A4CC1C3.pf
O45 - LFCP:[MD5.D75B40188815895F131DC2E9A8A5FF8E] - 28/02/2013 - 19:04:50 ---A- - C:\Windows\Prefetch\MSOO.EXE-C716B01E.pf
O45 - LFCP:[MD5.A047B44F768A04A48DBA1D358460BF28] - 28/02/2013 - 23:39:10 ---A- - C:\Windows\Prefetch\MAP.EXE-64827744.pf
O45 - LFCP:[MD5.438C57701481871F12C30856A6752296] - 28/02/2013 - 23:39:48 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-2D7D5944.pf
~ Scan Prefetcher in 00mn 03s
---\\ D�ni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l��diteur de configuration de s�curit� Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de s�curit� Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de s�curit� TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s
---\\ Contr�le du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
~ Scan Drivers in 00mn 00s
---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 03/03/2013 - 22:09:12 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601 [909]
O61 - LFC: 03/03/2013 - 22:09:13 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [0]
O61 - LFC: 03/03/2013 - 22:09:13 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 [0]
O61 - LFC: 03/03/2013 - 22:09:13 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\D725F3459E2275E9EA5871B92AD896D0 [23602]
O61 - LFC: 03/03/2013 - 22:09:13 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 [290]
O61 - LFC: 03/03/2013 - 22:09:13 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\D725F3459E2275E9EA5871B92AD896D0 [244]
O61 - LFC: 03/03/2013 - 22:09:15 -SHA- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\PlayReady\Cache\indiv01.bla [4140]
O61 - LFC: 03/03/2013 - 22:09:15 -SHA- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\PlayReady\Cache\indiv01_64.key [3164480]
O61 - LFC: 03/03/2013 - 22:09:16 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\E2EF7F0FB7284B9ACFD4F65D02218479 [772]
O61 - LFC: 03/03/2013 - 22:09:16 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\F063BF7EF604434CBE00FF198F0D9B10 [4405]
O61 - LFC: 03/03/2013 - 22:09:16 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10 [334]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\a625c760-b3f6-4514-bff0-22f8fc1373eb[1].jpg [7674]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\ad962773-a9a8-432b-a422-00523b0b89f7[1].jpg [13469]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\befb0264-d1dd-4378-9a70-c7c0c1cde8d2[1].jpg [10276]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\d483629b-826f-4931-9247-5bc8ed603023[1].jpg [8141]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\e3b5ef18-09b4-4c61-a4a2-2f3057338545[1].jpg [11651]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\9d736b6b-c73c-4799-91a0-2dfc4db3d9eb[1].jpg [12292]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\0e46df3b-cb8e-4c64-a91e-9fb91ed5d619[1].jpg [11031]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\1c717973-09d8-47ff-9bc9-5224d7b471e7[1].jpg [12311]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\3b4e2967-b146-4687-b0b8-51dac750b60c[1].jpg [7808]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\3f077b01-9c66-454c-a918-2de59a2ab9fc[1].jpg [8107]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\6eccd8c5-4366-4a56-994c-c9440a0a35a3[1].jpg [10710]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\96f4e18e-4308-4395-a53c-e760daf06848[1].jpg [9552]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\490b71cb-b4d1-4dba-943b-fdab92cf3979[1].jpg [9455]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\94b158a1-2c6d-460a-a7b1-61a92048765f[1].jpg [26510]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\e69dfd53-2392-407e-ab37-c66713e14a44[1].jpg [7825]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage0e46df3b-cb8e-4c64-a91e-9fb91ed5d619resize=truewidth=258height=194contenttype=imagejpeg [11031]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage1c717973-09d8-47ff-9bc9-5224d7b471e7resize=truewidth=420height=320contenttype=imagejpeg [12311]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage3b4e2967-b146-4687-b0b8-51dac750b60cresize=truewidth=258height=194contenttype=imagejpeg [7808]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage3f077b01-9c66-454c-a918-2de59a2ab9fcresize=truewidth=258height=194contenttype=imagejpeg [8107]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage490b71cb-b4d1-4dba-943b-fdab92cf3979resize=truewidth=258height=194contenttype=imagejpeg [9455]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage6eccd8c5-4366-4a56-994c-c9440a0a35a3resize=truewidth=258height=194contenttype=imagejpeg [10710]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage94b158a1-2c6d-460a-a7b1-61a92048765fresize=truewidth=420height=320contenttype=imagejpeg [26510]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage96f4e18e-4308-4395-a53c-e760daf06848resize=truewidth=258height=194contenttype=imagejpeg [9552]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage9d736b6b-c73c-4799-91a0-2dfc4db3d9ebresize=truewidth=258height=194contenttype=imagejpeg [12292]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagea625c760-b3f6-4514-bff0-22f8fc1373ebresize=truewidth=258height=194contenttype=imagejpeg [7674]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagead962773-a9a8-432b-a422-00523b0b89f7resize=truewidth=258height=194contenttype=imagejpeg [13469]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagebefb0264-d1dd-4378-9a70-c7c0c1cde8d2resize=truewidth=258height=194contenttype=imagejpeg [10276]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimaged483629b-826f-4931-9247-5bc8ed603023resize=truewidth=258height=194contenttype=imagejpeg [8141]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagee3b5ef18-09b4-4c61-a4a2-2f3057338545resize=truewidth=258height=194contenttype=imagejpeg [11651]
O61 - LFC: 03/03/2013 - 22:09:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagee69dfd53-2392-407e-ab37-c66713e14a44resize=truewidth=258height=194contenttype=imagejpeg [7825]
O61 - LFC: 03/03/2013 - 22:09:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\54d2745e-9d33-4911-9e9d-5da1d7b8781a[1].jpg [36344]
O61 - LFC: 03/03/2013 - 22:09:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage54d2745e-9d33-4911-9e9d-5da1d7b8781aresize=truewidth=420height=320contenttype=imagejpeg [36344]
O61 - LFC: 03/03/2013 - 22:09:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\adDevId.txt [36]
O61 - LFC: 03/03/2013 - 22:09:41 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406 [1393]
O61 - LFC: 03/03/2013 - 22:09:42 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCookies\K1DNCMZV.txt [107]
O61 - LFC: 03/03/2013 - 22:09:42 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\4309200C3DBAD0F6F0DFACE9165FD092 [727]
O61 - LFC: 03/03/2013 - 22:09:42 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F [1117]
O61 - LFC: 03/03/2013 - 22:09:42 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F [314]
O61 - LFC: 03/03/2013 - 22:09:43 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406 [268]
O61 - LFC: 03/03/2013 - 22:09:43 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601 [272]
O61 - LFC: 03/03/2013 - 22:09:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\adsadclient31[1].htm [0]
O61 - LFC: 03/03/2013 - 22:09:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\microsoft.advertising.renderers.html5.imageToFSVideo[1].js [112397]
O61 - LFC: 03/03/2013 - 22:09:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCookies\Z8R0W0BR.txt [303]
O61 - LFC: 03/03/2013 - 22:09:45 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\252[1].jpg [38774]
O61 - LFC: 03/03/2013 - 22:23:56 ---A- C:\Users\delphine\Downloads\Firefox Setup 19.0.1.exe [20721648]
O61 - LFC: 04/03/2013 - 12:30:16 ---A- C:\Users\delphine\AppData\Local\Packages\AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke6\Settings\settings.dat [262144]
O61 - LFC: 04/03/2013 - 16:34:10 ---A- C:\Users\delphine\AppData\Roaming\Adobe\Flash Player\AFCache\F3\D6\F3D62F98CB9DC94F68CBFAF7EA15C035FE222A76EC826752AB221F9D778A7B3F.dat [2738]
O61 - LFC: 05/03/2013 - 11:24:11 ---A- C:\Users\delphine\AppData\Local\Notation\config.dat [818]
O61 - LFC: 05/03/2013 - 18:40:02 ---A- C:\Users\delphine\Documents\ZHPDiag.Txt [144362]
O61 - LFC: 05/03/2013 - 19:42:45 ---A- C:\Users\delphine\AppData\Roaming\Microsoft\HTML Help\Spybot2.chw [15540]
O61 - LFC: 05/03/2013 - 19:45:46 ---A- C:\Users\delphine\AppData\Roaming\Microsoft\HTML Help\hh.dat [8634]
O61 - LFC: 05/03/2013 - 21:27:51 ---A- C:\Users\delphine\AppData\Local\Notation\domains.dat [197954]
O61 - LFC: 05/03/2013 - 22:49:58 ---A- C:\Users\delphine\AppData\Local\Hewlett-Packard\HPCEE.exe_Url_pzhsl5v0i1efivcm1patkorkz2ji0v0q\6.0.1.7\user.config [5749]
O61 - LFC: 05/03/2013 - 23:44:20 ---A- C:\Users\delphine\Downloads\adwcleaner.exe [597667]
O61 - LFC: 05/03/2013 - 23:45:15 ---A- C:\Users\delphine\AppData\Local\Google\Chrome\User Data\Default\Preferences [16991]
O61 - LFC: 06/03/2013 - 00:48:58 ---A- C:\Users\delphine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-03-05 (23-52-29).txt [2172]
O61 - LFC: 06/03/2013 - 00:49:27 --HA- C:\Users\delphine\AppData\Local\IconCache.db [288833]
O61 - LFC: 06/03/2013 - 08:27:14 ---A- C:\Users\delphine\AppData\Local\Packages\AD2F1837.HPConnectedPhotopoweredbySnapfish_v10z8vjag6ke6\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:15 ---A- C:\Users\delphine\AppData\Local\Packages\AD2F1837.HPRegistration_v10z8vjag6ke6\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:15 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:16 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:16 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:17 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:17 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:17 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:18 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\Settings\settings.dat [262144]
O61 - LFC: 06/03/2013 - 08:27:18 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:19 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat [262144]
O61 - LFC: 06/03/2013 - 08:27:19 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:19 ---A- C:\Users\delphine\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:20 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:20 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.VCLibs.110_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:20 ---A- C:\Users\delphine\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:21 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.WinJS.1.0.RC_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:21 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:21 ---A- C:\Users\delphine\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat [262144]
O61 - LFC: 06/03/2013 - 08:27:24 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Settings\settings.dat [262144]
O61 - LFC: 06/03/2013 - 08:27:24 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat [262144]
O61 - LFC: 06/03/2013 - 08:27:25 ---A- C:\Users\delphine\AppData\Local\Packages\SymantecCorporation.NortonStudio_v68kp9n051hdp\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:25 ---A- C:\Users\delphine\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 08:27:25 ---A- C:\Users\delphine\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat [8192]
O61 - LFC: 06/03/2013 - 19:40:31 R--A- C:\Users\delphine\AppData\Local\Temp\Sauna.wmv [5755959]
O61 - LFC: 06/03/2013 - 19:40:34 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\AppState.xml [0]
O61 - LFC: 06/03/2013 - 19:40:38 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\PlayReady\mspr.hds [528384]
O61 - LFC: 06/03/2013 - 19:40:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\configuration[1].xml [7334]
O61 - LFC: 06/03/2013 - 19:40:44 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [302]
O61 - LFC: 06/03/2013 - 19:40:45 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\edb.chk [8192]
O61 - LFC: 06/03/2013 - 19:41:14 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 [264]
O61 - LFC: 06/03/2013 - 19:41:14 -S-A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479 [264]
O61 - LFC: 06/03/2013 - 19:41:36 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\movie[2] [45673]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\521f893c-0c04-4c24-a1ff-fb1bf6afe715[1].jpg [16102]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\7a4298cb-db9c-4de9-8dc8-8f1721dc578a[1].jpg [13469]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\8d7b67e3-280b-4da8-810a-58b63e2e8e19[1].jpg [7808]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\aa25d8d2-af47-4a71-9888-8bc8b577cfaf[1].jpg [17068]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\0BHZLXXT\e1be1823-a44a-45f7-9cdc-cee15cc81844[1].jpg [7674]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\ae9a5c63-c2fd-4333-91c4-aa23576bcd24[1].jpg [12292]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\b2f0601f-1780-4550-bef1-d0ace9222452[1].jpg [8141]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\39D39XIT\d0cae9d4-071c-43a2-be23-d4df0fc4cbbe[1].jpg [12551]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\34460a90-2d1f-4c89-85b0-fff65a79bb6b[1].jpg [10276]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\65Z3L2P0\6f2520e8-9e17-4bba-ac31-5f7fcb19c865[1].jpg [21350]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\0a22352a-869d-4606-a8c3-6f816e3d7039[1].jpg [14229]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\2b77ada7-aeab-4fd4-88f9-c083e8468c69[1].jpg [6384]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\44220777-38db-4489-8d1d-b291336a1818[1].jpg [7825]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\6636057e-f811-4def-8e84-ac47cd9ff074[1].jpg [20282]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\a2e2f2d0-4204-434b-871c-0ac83f2c17f5[1].jpg [10710]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\G9T68RMC\a781c732-206e-470d-81c6-c10ccd047e9c[1].jpg [11031]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage0a22352a-869d-4606-a8c3-6f816e3d7039resize=truewidth=258height=194contenttype=imagejpeg [14229]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage2b77ada7-aeab-4fd4-88f9-c083e8468c69resize=truewidth=258height=194contenttype=imagejpeg [6384]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage34460a90-2d1f-4c89-85b0-fff65a79bb6bresize=truewidth=258height=194contenttype=imagejpeg [10276]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage44220777-38db-4489-8d1d-b291336a1818resize=truewidth=258height=194contenttype=imagejpeg [7825]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage521f893c-0c04-4c24-a1ff-fb1bf6afe715resize=truewidth=258height=194contenttype=imagejpeg [16102]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage6636057e-f811-4def-8e84-ac47cd9ff074resize=truewidth=420height=320contenttype=imagejpeg [20282]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage6f2520e8-9e17-4bba-ac31-5f7fcb19c865resize=truewidth=420height=320contenttype=imagejpeg [21350]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage7a4298cb-db9c-4de9-8dc8-8f1721dc578aresize=truewidth=258height=194contenttype=imagejpeg [13469]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage8d7b67e3-280b-4da8-810a-58b63e2e8e19resize=truewidth=258height=194contenttype=imagejpeg [7808]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagea2e2f2d0-4204-434b-871c-0ac83f2c17f5resize=truewidth=258height=194contenttype=imagejpeg [10710]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagea781c732-206e-470d-81c6-c10ccd047e9cresize=truewidth=258height=194contenttype=imagejpeg [11031]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimageaa25d8d2-af47-4a71-9888-8bc8b577cfafresize=truewidth=420height=320contenttype=imagejpeg [17068]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimageae9a5c63-c2fd-4333-91c4-aa23576bcd24resize=truewidth=258height=194contenttype=imagejpeg [12292]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimageb2f0601f-1780-4550-bef1-d0ace9222452resize=truewidth=258height=194contenttype=imagejpeg [8141]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimaged0cae9d4-071c-43a2-be23-d4df0fc4cbberesize=truewidth=258height=194contenttype=imagejpeg [12551]
O61 - LFC: 06/03/2013 - 19:41:37 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimagee1be1823-a44a-45f7-9cdc-cee15cc81844resize=truewidth=258height=194contenttype=imagejpeg [7674]
~ Scan Files in 00mn 04s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.6 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d��v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft � Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d��v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft � Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {03A490E3-13BC-4FAD-8CFD-56B606A1E09F} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
O69 - SBI: SearchScopes [HKCU] {b7fca997-d0fb-4fe0-8afd-255e89cf9671} - (Yahoo) - http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
~ Scan Keys in 00mn 00s
---\\ Recherche des services d�marr�s par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Exp�rience d�application.) -- C:\Windows\System32\aelupsvc.dll [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de strat�gie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1071104]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de num�rotation automatique d�acc�s distant.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d�acc�s � distance.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d�interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d��v�nements syst�me (SENS).) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l�application d�assistance � Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de t�l�phonie Microsoft� Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise � jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3345920]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arri�re-plan.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivit� IPv6 sur un r�seau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d�ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d�application.) -- C:\Windows\System32\appinfo.dll [69632]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de d�couverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de t�ches.) -- C:\Windows\System32\schedsvc.dll [1282560]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multim�dias.) -- C:\Windows\System32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d�ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau � distance.) -- C:\Windows\System32\sessenv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux probl�mes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des cl�s.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft�.) -- C:\Windows\System32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des th�mes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d�installation de p�riph�rique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivit� r�seau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les �v�nements syst�me.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [178176]
~ Scan Services in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.)
O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.)
O87 - FAEL: "{40ABA0F2-6715-4CFD-BF0B-FF2D6A9762C2}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{4B995F66-2ACC-4503-A6E3-C785A7A5251A}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{1A7E79E4-354D-42E5-A4D4-8EF6618D1395}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{397421A1-B096-412E-8A1E-05267BA712F0}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{B56F8BCC-99B5-471B-9BB8-E88C5D933FDB}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe
O87 - FAEL: "{812A4A68-16C4-4005-8797-91309C9ED406}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector 10.) -- C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe
O87 - FAEL: "{BE65717B-4E87-41FF-B83E-BB85B6194C30}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{6AC9A71E-5EEE-4E00-8376-18DBFA27804B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{D2D73852-8B36-4EC9-8C70-CF4C9A7FFE24}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{F885AE39-6E7C-42A7-9DDE-F851709206EB}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{70A61780-2A5A-477C-BD29-D586A2835F2D}" | In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
~ Scan Firewall in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.11036 - (04/03/2013)
Cl�s trouv�es (Keys found) : 3
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 0
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
~ Scan Additionnel in 00mn 07s
---\\ Recherche d�tournement de DNS routeur (O89) (None)
---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "0694AF70830BBE9498B1F95939A05A44" . (.HP Customer Experience Enhancements.) -- C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "08E34A98C6CA8AD489004F3BE05D770C" . (.Olympus ib.) -- C:\Windows\Installer\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\ARPPRODUCTICON.exe
O90 - PUC: "0E280CA1D940C5C4E9FC4937DAA549D9" . (.HP Documentation.) -- C:\Windows\Installer\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}\NotebookDocs.exe
O90 - PUC: "1ADB7B61769BD2D4B8721E72722C3805" . (.HP CoolSense.) -- C:\windows\Installer\{16B7BDA1-B967-4D2D-8B27-E12727C28350}\_853F67D554F05449430E7E.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "22EB878D072390941B1E198CFED82343" . (.HP 3D DriveGuard.) -- C:\Windows\Installer\{D878BE22-3270-4909-B1E1-91C8EF8D3234}\controlPanelIcon.exe
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "2D6F4B0BEA2FA1544969F6F2A698B723" . (.PowerDirector.) -- C:\Windows\Installer\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\ARPPRODUCTICON.exe
O90 - PUC: "2FCC6D4EFAA0C9B4D95E98E3CDB9B4AA" . (.HP Registration Service.) -- C:\Windows\Installer\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}\ARPPRODUCTICON.exe
O90 - PUC: "42C6FBF1Df1C10144AB2C065F4E9E897" . (.Media Suite.) -- C:\Windows\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
O90 - PUC: "45B9108BEB9FA0946991D6601FF821F9" . (.HP Support Assistant.) -- C:\windows\Installer\{B8019B54-F9BE-490A-9619-6D06F18F129F}\ARPPRODUCTICON.exe
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.2.0.0.) -- C:\windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe
O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe
O90 - PUC: "A4432684C93A7984CA4D1AEB5D61C3A5" . (.PhotoDirector.) -- C:\windows\Installer\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\ARPPRODUCTICON.exe
O90 - PUC: "A78975C0A30A59B43A902DF3874F60AC" . (.HP Utility Center.) -- C:\Windows\Installer\{0C57987A-A03A-4B95-A309-D23F78F406CA}\ARPPRODUCTICON.exe
O90 - PUC: "AF5A5D893AA1EBC42BC67A732EF0A8D6" . (.HP Software Framework.) -- C:\Windows\Installer\{98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}\app_1.exe
O90 - PUC: "B18BA825A56D0BA42A6B285BA180D710" . (.HP Recovery Manager.) -- C:\windows\Installer\{528AB81B-D65A-4AB0-A2B6-82B51A087D01}\_853F67D554F05449430E7E.exe
O90 - PUC: "C0507DE423392BF4BA709EF4525AD393" . (.HP Quick Launch.) -- C:\windows\Installer\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}\_853F67D554F05449430E7E.exe
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "CC599AF0948C55741BB44540CC57CD42" . (.Energy Star.) -- C:\Windows\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}\_853F67D554F05449430E7E.exe
O90 - PUC: "D84D78A2FDF3df1479DC1A3E07FEFF2E" . (.Power2Go.) -- C:\Windows\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe
O90 - PUC: "D96ED149EEC61714F8F1D3E753A24A89" . (.HP Wireless Button Driver.) -- C:\Windows\Installer\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}\ARPPRODUCTICON.exe
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/03/2013 251248 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 16/07/2012 244752 | (CLKMSVC10_38F51D56) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
SS - | Demand 08/08/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 10/08/2012 85504 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - | Demand 06/09/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 23/08/2012 29600 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 09/07/2012 35232 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 14/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 18/07/2012 128896 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 18/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 18/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 27/02/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 24/12/2012 144520 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
SR - | Auto 22/07/2012 321536 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 18/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 00s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by delphine at 06/03/2013 19:49:55
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by delphine at 06/03/2013 19:49:57
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s
End of the scan (1405 lines in 01mn 51s)(0)