Rapport de ZHPDiag v1.3.5.134 par Nicolas Coolman, Update du 26/02/2013
Run by delphine at 01/03/2013 22:49:41
State : 
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v9.10.9200.16484
MFIE: Mozilla Firefox 14.0.1 v14.0.1 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : KBQHT
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3988 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 533 GB (92%) free of 575 GB

---\\ Logged in mode
~ Computer Name: PORTABLE
~ User Name: delphine
~ All Users Names: HomeGroupUser$, delphine, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\delphine\AppData\Roaming\
~ %Desktop% : C:\Users\delphine\Desktop\
~ %Favorites% : C:\Users\delphine\Favorites\
~ %LocalAppData% : C:\Users\delphine\AppData\Local\
~ %StartMenu% : C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 533 Go of 575 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.BDE820861D8107C67E182DF66A27074F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/12/2012 - 01:29:16.) -- C:\Windows\System32\wininet.dll [2246656]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.877D60D6E4156EC4A2E0B6871D41BED9] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.06/11/2012 - 04:52:49.) -- C:\Windows\system32\Drivers\MRxSmb.sys [366080]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.11D7A4A4A1DA60F394F53B413DCDF0DE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/01/2013 - 02:29:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1934056]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/37
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/14
~ Mes Documents (My Documents) : 1/4368
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 1/46
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe   [512360] [PID.2256]
[MD5.ED6D5937EF7C28A52BA4039AB1ADED75] - (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe   [269440] [PID.3284]
[MD5.3F677172F23FC17283D9BCE4B42E3F65] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [913888] [PID.4244]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe   [91432] [PID.4752]
[MD5.F0EFE6B69853652A220A5A2D1DD97F62] - (.cyberlink - brs.) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe   [78352] [PID.5076]
[MD5.EBAE9EE13F51F38B57D616CF4A420682] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe   [580512] [PID.4152]
[MD5.9F3655267BA37004F519ABDDB3AEE244] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe   [1342008] [PID.4504]
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe   [3825176] [PID.5068]
[MD5.DAE282BA9BFD5283A21761F1EE73F6A3] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe   [96128] [PID.4448]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe   [136488] [PID.4840]
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe   [111120] [PID.4864]
[MD5.A06AB1550658A19E871A6FD7FF1C2CDB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [16864] [PID.3184]
[MD5.4774541ACC36665A80F7E8BC432AFE86] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe   [1820016] [PID.4364]
[MD5.4BA84C832E0741A294C4444556DFE993] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe   [143928] [PID.3480]
[MD5.4A4CAA5B17A420157D04903313CC9380] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [5711872] [PID.164]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\delphine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] tore_on_startup":	["http://securesearch.lavasoft.com
G0 - GCSP: Preference [User Data\Default] ore_on_startup":	["http://securesearch.lavasoft.com
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\delphine\AppData\Roaming\Mozilla\Firefox\Profiles\k4g8kcwl.default\prefs.js
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [delphine] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [delphine - k4g8kcwl.default] http://securesearch.lavasoft.com
M2 - MFEP: prefs.js [delphine - k4g8kcwl.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (.delta-search.com.)
M2 - MFEP: prefs.js [delphine - k4g8kcwl.default\jid1-yZwVFzbsyfMrqQ@jetpack] [] Lavasoft Search Plugin v0.6 (.Lavasoft.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securesearch.lavasoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Spybot-S&D IE Protection [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\IPS\IPSBHO.dll
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) 
O4 - HKCU\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe 
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe 
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 
O4 - HKLM\..\Wow6432Node\Run: [BDRegion] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe 
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe 
O4 - HKLM\..\Wow6432Node\Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe 
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe 
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe 
O4 - HKUS\S-1-5-18\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe 
O4 - HKUS\S-1-5-19\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe 
O4 - HKUS\S-1-5-20\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe 
O4 - HKUS\S-1-5-21-2032756789-3265916964-3165078470-1001\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe 
O4 - HKUS\S-1-5-21-2032756789-3265916964-3165078470-1001\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd..)  -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe 
O4 - GS\QuickLaunch: System Scan.lnk . (.Safer-Networking Ltd..)  -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe 
O4 - GS\Desktop: ib.lnk . (.OLYMPUS IMAGING CORP..)  -- C:\Program Files (x86)\OLYMPUS\ib\ib.exe 
O4 - GS\Desktop: OLYMPUS Digital Camera Updater.lnk . (.OLYMPUS IMAGING CORP..)  -- C:\Program Files (x86)\OLYMPUS\CameraUpdateTool\CameraUpdate.exe 
O4 - GS\Desktop: OLYMPUS Viewer 2.lnk . (.OLYMPUS IMAGING CORP..)  -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 2\OLYMPUS Viewer 2.exe 
O4 - GS\Desktop: SZ-14,SZ-12 Manuel d’instructions.lnk . (...)  -- C:\Users\Public\Documents\OLYMPUS\Camera Manual\SZ-14,SZ-12\FRA.pdf 
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpNameServer = 40.21.1.201 40.21.1.202
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE67B91D-4F12-475C-9ED8-3DE123FCE7FE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpDomain = B1-LINE.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpNameServer = 40.21.1.201 40.21.1.202
O17 - HKLM\System\CS1\Services\Tcpip\..\{CE67B91D-4F12-475C-9ED8-3DE123FCE7FE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{59BEB8F8-16B0-49B9-91D2-6B8F33732235}: DhcpDomain = B1-LINE.COM
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/12/11 20:47:29 (CLKMSVC10_38F51D56) . (.CyberLink - CyberLink KM Service.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: oem17.inf (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service:  (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
O23 - Service:  (Notation) . (.Advernet - Notation.) - C:\Program Files (x86)\Notation\Notation.exe
O23 - Service: NotationMonitor (NotationMonitor) . (.Advernet - SavdmMonitor.) - C:\Program Files (x86)\Notation\NotationMonitor.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service:  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\HPCeeScheduleFordelphine.job
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.)
[MD5.9942DC4CC265CDA00486504444EF521D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.724CB7A116F7E1A67009D751BCF86586] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleFordelphine] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
[MD5.255236F43012C430B99D78BCA59C9593] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\WSCStub.exe
[MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.70240BB9753DC1C9A66D6F37344B3957] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[MD5.C82886A0C88DA48CF36DC2B9CA701E11] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe
[MD5.C82886A0C88DA48CF36DC2B9CA701E11] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe
[MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
[MD5.36A82C214B46787385F3B0CD02ECAA88] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
[MD5.E4A0900CF535888DDD85B10040CA3E34] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
~ Scan Scheduled Task in 00mn 01s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver:  (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7 Wonders II - (.WildTangent.) [HKLM][64Bits] -- WTA-0e88a5cf-56db-40f9-b6a1-db8d1a21c56d
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-ab62d97f-0cd8-4418-b725-5cc41602c1a5
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-3f24f65f-a088-4e55-91d5-288fd7ad38eb
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Build-a-lot 4 - Power Source - (.WildTangent.) [HKLM][64Bits] -- WTA-2eb9e434-33c4-4c0d-9795-bcebcaa6b04f
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-1e38c2c8-1f49-449f-b9ad-b80bc6374d04
O42 - Logiciel: Connected Music powered by Universal Music Group version 1.0 - (.Snowite.) [HKLM][64Bits] -- {46037DC7-F927-46DF-935F-D6F122BDD34B}_is1
O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-75c9cefb-eabf-4b26-abbc-e1d707079233
O42 - Logiciel: Crazy Chicken Soccer - (.WildTangent.) [HKLM][64Bits] -- WTA-a170daec-11c1-452e-a600-415f00a267a2
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {4862344A-A39C-4897-ACD4-A1BED5163C5A}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Energy Star - (.Hewlett-Packard.) [HKLM][64Bits] -- {0FA995CC-C849-4755-B14B-5404CC75DC24}
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-d68205d9-ec80-400c-ba63-1488975a6b7c
O42 - Logiciel: Final Drive Fury - (.WildTangent.) [HKLM][64Bits] -- WTA-93653345-e086-4e89-a39b-b9d40bdd0a34
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-a5690c2d-152c-4063-bfcb-e16d2dc0a619
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {D878BE22-3270-4909-B1E1-91C8EF8D3234}
O42 - Logiciel: HP Connected Music (Meridian - installer) - (.Meridian Audio Ltd.) [HKLM][64Bits] -- StartHPConnectedMusic
O42 - Logiciel: HP CoolSense - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {16B7BDA1-B967-4D2D-8B27-E12727C28350}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {1AC082E0-049D-4C5C-9ECF-9473AD5A949D}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {4ED7050C-9332-4FB2-AB07-E94F25A53D39}
O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {528AB81B-D65A-4AB0-A2B6-82B51A087D01}
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {B8019B54-F9BE-490A-9619-6D06F18F129F}
O42 - Logiciel: HP Utility Center - (.Hewlett-Packard.) [HKLM][64Bits] -- {0C57987A-A03A-4B95-A309-D23F78F406CA}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {941DE69D-6CEE-4171-8F1F-3D7E352AA498}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.0.0 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-9bdb6881-8f3f-456d-94fd-13fe9fff60d0
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WTA-5b9778aa-f5af-442f-8c2f-9840bc4114a1
O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-267f6629-0fd8-4b1a-82fe-7ac3057b4199
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-b6722e44-8c60-4c08-b4e2-ba23031f594e
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 14.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 14.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-9e4b0894-773e-4a6d-8332-94b7698fbdcb
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: Notation - (.Advernet.) [HKLM][64Bits] -- {29633E53-BF13-41B5-9E10-19D7843BD9C3}
O42 - Logiciel: OLYMPUS Digital Camera Updater - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}
O42 - Logiciel: OLYMPUS Viewer 2 - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {AEE39224-92BE-4389-9493-E57FF73BB96A}
O42 - Logiciel: Olympus ib - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}
O42 - Logiciel: Olympus ib - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {89A43E80-AC6C-4DA8-9800-F4B30ED577C0}
O42 - Logiciel: Package de pilotes Windows - OLYMPUS IMAGING CORP. Camera Communication Dri - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- 2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-19c05930-3edf-433a-a2fb-abfd72c91259
O42 - Logiciel: Ralink RT5390R 802.11bgn Wi-Fi Adapter - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-69698f37-6cbc-4e12-89e7-4aa19ae22a54
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Tetris - (.Crystal Office Systems.) [HKLM][64Bits] -- {95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1
O42 - Logiciel: Trinklit Supreme - (.WildTangent.) [HKLM][64Bits] -- WTA-e9d03400-a63b-4d51-9cdd-2fc9a23d7821
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Veetle TV - (.Veetle, Inc.) [HKLM][64Bits] -- Veetle TV
O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM][64Bits] -- WTA-a95f67f3-1aa7-4ba4-a060-b10c4946332b
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-3c7381f5-e5ac-47ef-8a01-f9179bc75fcd
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-46ce0cd7-dbf4-4791-b740-6beedcf896b2
O42 - Logiciel: eDownloader - (.Advernet.) [HKLM][64Bits] -- eDownloader 1.0.1
O42 - Logiciel: eDownloader - (.Advernet.) [HKLM][64Bits] -- {29D4F37D-914A-4B8E-BBCE-C181329959F2}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ad-Aware Search Protection]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\adawarebp]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avast Software]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Crystal Office]
[HKCU\Software\CyberLink]
[HKCU\Software\FileScout]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Intel]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Norton]
[HKCU\Software\OLYMPUS]
[HKCU\Software\PerformerSoft LLC]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Veetle]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\delta LTD]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Dolby]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Advernet]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IDT]
[HKLM\Software\Wow6432Node\Insyde]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OLYMPUS]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Veetle]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/03/2013 - 17:05:50 - [165,404] ----D C:\Program Files (x86)\Ad-Aware Antivirus
O43 - CFD: 11/12/2012 - 20:28:55 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 02/02/2013 - 21:20:12 - [56,981] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 01/09/2012 - 21:29:02 - [2,557] ----D C:\Program Files (x86)\Connected Music powered by Universal Music Group
O43 - CFD: 11/12/2012 - 20:49:01 - [-1318,187] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 10/02/2013 - 17:33:29 - [0] ----D C:\Program Files (x86)\Google
O43 - CFD: 03/02/2013 - 18:00:18 - [376,712] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 01/09/2012 - 21:39:12 - [794,864] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 01/09/2012 - 21:28:55 - [0,671] ----D C:\Program Files (x86)\HPConnectedMusic
O43 - CFD: 10/02/2013 - 16:38:57 - [191,371] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 11/12/2012 - 20:25:44 - [136,797] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/02/2013 - 12:42:46 - [4,622] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 28/02/2013 - 17:34:48 - [12,242] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 01/09/2012 - 21:19:24 - [6,085] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 01/09/2012 - 21:24:17 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 02/02/2013 - 21:45:58 - [37,713] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/02/2013 - 21:37:34 - [0,195] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 03/08/2012 - 23:37:58 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 10/02/2013 - 16:19:59 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 11/12/2012 - 20:54:10 - [399,253] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 11/12/2012 - 20:53:17 - [44,875] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 02/02/2013 - 21:35:12 - [0,814] ----D C:\Program Files (x86)\Notation
O43 - CFD: 10/02/2013 - 16:41:10 - [380,058] ----D C:\Program Files (x86)\OLYMPUS
O43 - CFD: 02/02/2013 - 20:38:47 - [1,567] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 11/12/2012 - 20:27:52 - [30,560] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 03/08/2012 - 23:37:58 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/02/2013 - 21:34:35 - [3,221] ----D C:\Program Files (x86)\Software Installer
O43 - CFD: 06/02/2013 - 20:09:47 - [163,086] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 11/12/2012 - 20:55:17 - [2,444] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 12/02/2013 - 20:34:24 - [2,320] ----D C:\Program Files (x86)\Tetris
O43 - CFD: 03/02/2013 - 21:05:47 - [9,935] ----D C:\Program Files (x86)\Veetle
O43 - CFD: 02/02/2013 - 21:58:14 - [78,479] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 03/02/2013 - 21:10:47 - [12,479] ----D C:\Program Files (x86)\VideoPerformer
O43 - CFD: 01/09/2012 - 21:39:01 - [0,441] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 06/02/2013 - 19:59:40 - [16,267] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 03/02/2013 - 18:04:28 - [0,870] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 01/09/2012 - 21:24:43 - [98,217] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 03/02/2013 - 18:04:29 - [5,466] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 07/02/2013 - 13:14:40 - [3,494] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 03/02/2013 - 18:04:29 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 01/03/2013 - 22:49:43 - [15,161] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 11/12/2012 - 20:43:26 - [0,091] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 11/12/2012 - 20:23:17 - [13,438] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 24/02/2013 - 23:00:03 - [31,848] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 01/09/2012 - 21:16:41 - [1,416] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 11/12/2012 - 20:24:22 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/02/2013 - 21:20:12 - [0,595] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 03/02/2013 - 18:04:28 - [9,406] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 01/09/2012 - 21:23:00 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 24/02/2013 - 23:16:10 - [0,043] ----D C:\ProgramData\Ad-Aware Antivirus
O43 - CFD: 24/02/2013 - 23:00:23 - [1,231] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 11/12/2012 - 20:28:53 - [2,558] ----D C:\ProgramData\Apple
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 01/03/2013 - 22:08:02 - [0] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/02/2013 - 19:20:03 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 03/02/2013 - 00:16:04 - [0,147] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 24/02/2013 - 22:59:53 - [19,099] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 11/12/2012 - 20:56:32 - [124,218] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 11/12/2012 - 20:41:57 - [0,100] ----D C:\ProgramData\install_clap
O43 - CFD: 11/12/2012 - 20:25:51 - [0,018] ----D C:\ProgramData\Intel
O43 - CFD: 24/02/2013 - 23:00:03 - [5,304] ----D C:\ProgramData\Lavasoft
O43 - CFD: 28/02/2013 - 17:34:46 - [5,691] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 02/02/2013 - 19:20:03 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 10/02/2013 - 16:59:23 - [1870,672] -S--D C:\ProgramData\Microsoft
O43 - CFD: 02/02/2013 - 19:20:03 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 02/02/2013 - 21:37:33 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 02/02/2013 - 20:58:41 - [283,651] ----D C:\ProgramData\Norton
O43 - CFD: 11/12/2012 - 20:53:17 - [14,826] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 05/02/2013 - 16:27:18 - [0,039] ----D C:\ProgramData\PRICache
O43 - CFD: 11/12/2012 - 20:29:07 - [6,985] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 12/12/2012 - 06:17:22 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 13/02/2013 - 01:11:17 - [0,641] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 11/12/2012 - 21:03:42 - [0,002] ----D C:\ProgramData\Synaptics
O43 - CFD: 10/02/2013 - 16:38:59 - [2,467] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 03/02/2013 - 00:14:10 - [-827,579] ----D C:\ProgramData\WildTangent
O43 - CFD: 01/09/2012 - 21:30:09 - [43,928] ----D C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}
O43 - CFD: 25/02/2013 - 20:24:35 - [0,026] ----D C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus
O43 - CFD: 02/02/2013 - 20:38:49 - [0,910] ----D C:\Users\delphine\AppData\Roaming\Adobe
O43 - CFD: 17/02/2013 - 11:44:35 - [0] ----D C:\Users\delphine\AppData\Roaming\Advernet
O43 - CFD: 03/02/2013 - 18:01:09 - [0,007] ----D C:\Users\delphine\AppData\Roaming\Hewlett-Packard
O43 - CFD: 02/02/2013 - 22:56:52 - [0,208] ----D C:\Users\delphine\AppData\Roaming\hpqlog
O43 - CFD: 04/02/2013 - 19:19:03 - [0] ----D C:\Users\delphine\AppData\Roaming\Identities
O43 - CFD: 24/02/2013 - 22:58:17 - [0,001] ----D C:\Users\delphine\AppData\Roaming\LavasoftStatistics
O43 - CFD: 02/02/2013 - 21:32:40 - [0,010] ----D C:\Users\delphine\AppData\Roaming\Macromedia
O43 - CFD: 28/02/2013 - 17:34:55 - [0,007] ----D C:\Users\delphine\AppData\Roaming\Malwarebytes
O43 - CFD: 10/02/2013 - 16:59:23 - [0,929] -S--D C:\Users\delphine\AppData\Roaming\Microsoft
O43 - CFD: 02/02/2013 - 21:37:56 - [90,269] ----D C:\Users\delphine\AppData\Roaming\Mozilla
O43 - CFD: 02/02/2013 - 20:39:18 - [0] ----D C:\Users\delphine\AppData\Roaming\Synaptics
O43 - CFD: 02/02/2013 - 22:02:09 - [0,072] ----D C:\Users\delphine\AppData\Roaming\vlc
O43 - CFD: 03/02/2013 - 00:08:58 - [3,642] ----D C:\Users\delphine\AppData\Roaming\WildTangent
O43 - CFD: 24/02/2013 - 23:02:31 - [2,801] ----D C:\Users\delphine\AppData\Local\adawarebp
O43 - CFD: 02/02/2013 - 20:36:02 - [0] ----D C:\Users\delphine\AppData\Local\Application Data
O43 - CFD: 21/02/2013 - 18:50:37 - [0,064] ----D C:\Users\delphine\AppData\Local\Diagnostics
O43 - CFD: 03/02/2013 - 22:08:27 - [13,132] ----D C:\Users\delphine\AppData\Local\Google
O43 - CFD: 12/02/2013 - 08:01:24 - [0,010] ----D C:\Users\delphine\AppData\Local\Hewlett-Packard
O43 - CFD: 02/02/2013 - 20:36:02 - [0] ----D C:\Users\delphine\AppData\Local\Historique
O43 - CFD: 02/02/2013 - 22:37:39 - [0] ----D C:\Users\delphine\AppData\Local\Macromedia
O43 - CFD: 19/02/2013 - 18:28:23 - [137,465] ----D C:\Users\delphine\AppData\Local\Microsoft
O43 - CFD: 02/02/2013 - 21:37:41 - [64,525] ----D C:\Users\delphine\AppData\Local\Mozilla
O43 - CFD: 02/02/2013 - 21:34:10 - [0,189] ----D C:\Users\delphine\AppData\Local\Notation
O43 - CFD: 10/02/2013 - 16:43:57 - [40,327] ----D C:\Users\delphine\AppData\Local\OLYMPUS
O43 - CFD: 22/02/2013 - 08:32:19 - [132,272] ----D C:\Users\delphine\AppData\Local\Packages
O43 - CFD: 02/02/2013 - 20:37:08 - [0,039] ----D C:\Users\delphine\AppData\Local\Power2Go8
O43 - CFD: 06/02/2013 - 20:09:06 - [0] ----D C:\Users\delphine\AppData\Local\Programs
O43 - CFD: 01/03/2013 - 22:41:05 - [97,947] ----D C:\Users\delphine\AppData\Local\Temp
O43 - CFD: 02/02/2013 - 20:36:03 - [0] ----D C:\Users\delphine\AppData\Local\Temporary Internet Files
O43 - CFD: 02/02/2013 - 20:36:37 - [0] ----D C:\Users\delphine\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/02/2013 - 08:24:01 - [0,000] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/07/2012 - 09:13:00 - [0,000] ----D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 10/02/2013 - 16:43:27 - [0,005] ----D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
O43 - CFD: 27/02/2013 - 08:24:01 - [0,000] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Scan Program Folder in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FFBB3A488B02468ADB9A6C7B6117AD10] - 01/03/2013 - 22:39:16 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.EEBE51A654DEC13FD40401344034B4B4] - 01/03/2013 - 22:22:20 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1994362]
O44 - LFC:[MD5.39D945D76A1EEB23F1D86E5DB2349EF7] - 01/03/2013 - 22:22:20 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [158234]
O44 - LFC:[MD5.75E08AD02A7F6A8FAB82B7FBF86F8E61] - 01/03/2013 - 22:22:20 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [188148]
O44 - LFC:[MD5.5833AB229C304074E7A6B55089346797] - 01/03/2013 - 22:22:20 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [774720]
O44 - LFC:[MD5.D376A3DA5CA6A999D87A629F5AFE2BFE] - 01/03/2013 - 22:22:20 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [874848]
O44 - LFC:[MD5.EEBE51A654DEC13FD40401344034B4B4] - 01/03/2013 - 22:22:20 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1994362]
O44 - LFC:[MD5.A0B5F32AD04EE57F345098022756F42C] - 01/03/2013 - 22:16:49 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.711BA921F844256CB703807105BB6225] - 01/03/2013 - 22:13:55 ---A- . (...) -- C:\AdwCleaner[S1].txt   [10078]
O44 - LFC:[MD5.DAF8D6BED7AD025FF2428BBA0F11D7B8] - 01/03/2013 - 22:13:40 ---A- . (...) -- C:\AdwCleaner[R3].txt   [10274]
O44 - LFC:[MD5.8A2524EE163201CD9EB243F190BA7322] - 01/03/2013 - 22:08:03 ---A- . (...) -- C:\Windows\PFRO.log   [13550]
O44 - LFC:[MD5.63D58B07654C52FFC4E9F6DBD3FEB35E] - 01/03/2013 - 22:02:40 ---A- . (...) -- C:\AdwCleaner[R2].txt   [10213]
O44 - LFC:[MD5.2B7BA5561E0B11726D1C533EB051C734] - 01/03/2013 - 22:00:56 ---A- . (...) -- C:\AdwCleaner[R1].txt   [10152]
O44 - LFC:[MD5.19FEA748F36557685A42BF2012FC0A9C] - 01/03/2013 - 09:17:12 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1423375]
O44 - LFC:[MD5.9E990EA9C021A9D482614E2B9E83995D] - 28/02/2013 - 09:35:43 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe   [287840]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/02/2013 - 16:45:21 ---A- . (...) -- C:\Windows\SysNative\HP_ActiveX_Patch_NOT_DETECTED.txt   [0]
O44 - LFC:[MD5.9B12D2AEC4E774D96578E7ECBE4459C5] - 17/02/2013 - 13:45:27 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [295848]
O44 - LFC:[MD5.C1BF55AD208A7950FA85B311D689E12F] - 10/02/2013 - 16:22:17 ---A- . (...) -- C:\Windows\DPINST.LOG   [11832]
O44 - LFC:[MD5.23948829C6D049B8ADE0E0FB87305AC3] - 06/02/2013 - 20:09:39 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\Windows\SysNative\sdnclean64.exe   [17272]
O44 - LFC:[MD5.F61538DADA4EF556BEA8F3AEF12A7E6B] - 06/02/2013 - 09:10:28  . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\audiodg.exe   [46080]
O44 - LFC:[MD5.810ED88782952228AF9C0985FB7D259E] - 06/02/2013 - 09:10:18  . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\AudioEndpointBuilder.dll   [46080]
O44 - LFC:[MD5.6A8692468662C2780717FACA07269CA6] - 03/02/2013 - 21:07:11 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll   [46080]
O44 - LFC:[MD5.6A8692468662C2780717FACA07269CA6] - 03/02/2013 - 21:07:11 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [46080]
O44 - LFC:[MD5.DAFF45EACE818FA560BDA2E0672487F0] - 03/02/2013 - 21:07:11 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll   [362496]
O44 - LFC:[MD5.DAFF45EACE818FA560BDA2E0672487F0] - 03/02/2013 - 21:07:11 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [362496]
O44 - LFC:[MD5.4CA4361F9C6FA21B65821AD74D0CD081] - 05/01/2013 - 01:08:04 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml   [386577]
O44 - LFC:[MD5.7F38EFD2A0A2C393E8348A73073D6F8E] - 06/11/2012 - 05:18:37  . (...) -- C:\Windows\System32\localspl.dll   [478424]
O44 - LFC:[MD5.73FF017788E8494524F7348BE197E75A] - 11/10/2012 - 01:44:27 ---A- . (...) -- C:\Windows\SysNative\locale.nls   [478424]
O44 - LFC:[MD5.73FF017788E8494524F7348BE197E75A] - 11/10/2012 - 01:44:27 ---A- . (...) -- C:\Windows\System32\locale.nls   [478424]
O44 - LFC:[MD5.E72DE55561A739D3EF5C2BA1464F1298] - 20/09/2012 - 07:33:19 ---A- . (...) -- C:\Windows\SysNative\OEMLicense.dll   [110592]
O44 - LFC:[MD5.E72DE55561A739D3EF5C2BA1464F1298] - 20/09/2012 - 07:33:19 ---A- . (...) -- C:\Windows\System32\OEMLicense.dll   [110592]
~ Scan Files in 00mn 02s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.9A59E1CDCDD9BBD6022DD69A6A859251] - 01/03/2013 - 08:50:53 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.A05A1B7ABC89641344D139E39C216D43] - 01/03/2013 - 08:50:55 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.12A9368C2BC9FCD56BDCD3136E512F1C] - 01/03/2013 - 12:53:08 ---A- - C:\Windows\Prefetch\ADAWARE.EXE-EC222E9B.pf
O45 - LFCP:[MD5.E40BEEA834BFC852FCF0F9F127F3BFFD] - 01/03/2013 - 16:57:43 ---A- - C:\Windows\Prefetch\AgCx_SC5.db
O45 - LFCP:[MD5.7CFC155E6598961C07B12E5BD17EE5A9] - 01/03/2013 - 16:57:57 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_5_502_14-95226A97.pf
O45 - LFCP:[MD5.2C2214CC2A49D3EDCED26CE6367817C1] - 01/03/2013 - 17:30:00 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.FC60E1CD8B661D66DD8C6A8E2DFBBDBB] - 01/03/2013 - 17:30:01 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.A584DE87E21E08B44EAFEDD851E09C44] - 01/03/2013 - 17:30:03 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf
O45 - LFCP:[MD5.3FD57469923A14E7E1BA53D47F5C1F6F] - 01/03/2013 - 17:30:11 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf
O45 - LFCP:[MD5.7AA15E5F7A5502409D9F8E97EDE9E886] - 01/03/2013 - 17:30:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf
O45 - LFCP:[MD5.92DC5890A232A4BD31024A8858515FC5] - 01/03/2013 - 17:39:27 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf
O45 - LFCP:[MD5.DB95B01B25D1F44CF0049CB58472EC9B] - 01/03/2013 - 17:39:37 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-98677702.pf
O45 - LFCP:[MD5.64A21631BBB70042EBB4B2D3DC173788] - 01/03/2013 - 18:24:25 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-40547773.pf
O45 - LFCP:[MD5.EC6672D1C9652ED6A38E73E8575C7A60] - 01/03/2013 - 18:24:25 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-7A57DB75.pf
O45 - LFCP:[MD5.87F28C7B9AD026B0D4BFB44CF3AF6451] - 01/03/2013 - 18:24:25 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-8062B210.pf
O45 - LFCP:[MD5.31C87E32FD3E9CF6AB95A3332AD4DA93] - 01/03/2013 - 18:31:28 ---A- - C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP.EX-9C394DEF.pf
O45 - LFCP:[MD5.F108FE770AC57AF1C7A9A1D2D0EEE53A] - 01/03/2013 - 18:31:40 ---A- - C:\Windows\Prefetch\AVAST.SETUP-01A4C819.pf
O45 - LFCP:[MD5.80E4A9E3D64CBADEBDBDF79268728EB1] - 01/03/2013 - 18:31:41 ---A- - C:\Windows\Prefetch\ASWOFFERTOOL.EXE-CA5A99DA.pf
O45 - LFCP:[MD5.B66923218C9386CF2B166B49006BE324] - 01/03/2013 - 18:32:50 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf
O45 - LFCP:[MD5.8A5DEC3C74AA71116339AC82EBC4B908] - 01/03/2013 - 18:33:14 ---A- - C:\Windows\Prefetch\VCREDIST_X86_SP1.EXE-9A7CACCD.pf
O45 - LFCP:[MD5.3FA49882A354AD96211CA933E19D53AA] - 01/03/2013 - 18:33:16 ---A- - C:\Windows\Prefetch\INSTALL.EXE-3E2C35A3.pf
O45 - LFCP:[MD5.7B88DD117F46A08A7D9493DCF41EED75] - 01/03/2013 - 18:33:17 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf
O45 - LFCP:[MD5.FF5D5B926B6935F94F71A63B473DBFCD] - 01/03/2013 - 18:33:27 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.21CD4BA84EC9FE48F6612C67502B7FAB] - 01/03/2013 - 18:33:28 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-D3BFD41F.pf
O45 - LFCP:[MD5.137C375D5BD533F11AF7E925A452E148] - 01/03/2013 - 18:34:14 ---A- - C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf
O45 - LFCP:[MD5.8E7FCEBAE56DAFE40AD351AC77148067] - 01/03/2013 - 18:34:52 ---A- - C:\Windows\Prefetch\AVASTSVC.EXE-E895EC10.pf
O45 - LFCP:[MD5.F5BA5D94EA561E2ACCF41960D9ED83BB] - 01/03/2013 - 18:34:58 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.D5DB12261C25A12DB809C3304F17617F] - 01/03/2013 - 18:35:19 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-DC11C262.pf
O45 - LFCP:[MD5.0E1FAAD06F2FF467C1F20CABAAA1BF94] - 01/03/2013 - 18:35:47 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-E4EA699E.pf
O45 - LFCP:[MD5.F31CBF52C284B4784C09EC02FE5AAA58] - 01/03/2013 - 18:52:24 ---A- - C:\Windows\Prefetch\INSTALL_FLASH_PLAYER_11_PLUGI-E419D3A5.pf
O45 - LFCP:[MD5.180EAD1EE3EEE1D92936B8A57CC925B2] - 01/03/2013 - 18:53:22 ---A- - C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-B28E7C5E.pf
O45 - LFCP:[MD5.55EF6E96B7186E9BC5DF8ED635819F98] - 01/03/2013 - 18:54:19 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf
O45 - LFCP:[MD5.7FD097111D302FBFC9CA10E5402DB0F9] - 01/03/2013 - 18:54:20 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-AE08465F.pf
O45 - LFCP:[MD5.33F8A239B8B855669E03388BBE402A57] - 01/03/2013 - 20:59:30 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-557E30C0.pf
O45 - LFCP:[MD5.CD56AF47CCB8BE6A81D88934913C2A0A] - 01/03/2013 - 20:59:30 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-5E1C7F80.pf
O45 - LFCP:[MD5.47D5FA51C66A04C433BB252AB41532A2] - 01/03/2013 - 21:18:48 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.12AD08FD4AF8C38CB94546EAB213CA0F] - 01/03/2013 - 21:44:30 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.EF848777913DF8CE5424326AD2D01A0A] - 01/03/2013 - 21:45:30 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.78CF6D48A0D8D99DC2C655717BDBF69F] - 01/03/2013 - 21:48:33 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2032756789-3265916964-3165078470-1001.db
O45 - LFCP:[MD5.4CDD13F527035C603249672F128137C5] - 01/03/2013 - 21:48:33 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2032756789-3265916964-3165078470-1001.db
O45 - LFCP:[MD5.57EA2EB9F0045CE2F236E0731DD31446] - 01/03/2013 - 22:03:07 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf
O45 - LFCP:[MD5.D07789694537018B736CFFDAA01FB248] - 01/03/2013 - 22:03:08 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf
O45 - LFCP:[MD5.9583CD6015D269B53339B09F3F7403E6] - 01/03/2013 - 22:03:16 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf
O45 - LFCP:[MD5.35AB60E484BD4602C379D91671941BCE] - 01/03/2013 - 22:03:27 ---A- - C:\Windows\Prefetch\ASWRUNDLL.EXE-812C3585.pf
O45 - LFCP:[MD5.2CDB37E432B2C0CA49CD0A9393F30C06] - 01/03/2013 - 22:03:27 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7242160E.pf
O45 - LFCP:[MD5.2DE4BFDCE2CF78B34A3CB4457D5F90E9] - 01/03/2013 - 22:03:29 ---A- - C:\Windows\Prefetch\AVAST.SETUP-50B30900.pf
O45 - LFCP:[MD5.97AD0049A3630AFB367821B6A7B710FB] - 01/03/2013 - 22:03:44 ---A- - C:\Windows\Prefetch\CTFMON.EXE-286F3259.pf
O45 - LFCP:[MD5.E68396ECB40E20B37E73D9A1240D13D9] - 01/03/2013 - 22:04:01 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf
O45 - LFCP:[MD5.CCBF296F5A8028C752AEC20C7A422AB9] - 01/03/2013 - 22:04:01 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf
O45 - LFCP:[MD5.24B0965252C1360491CCE85D7860CCE4] - 01/03/2013 - 22:04:04 ---A- - C:\Windows\Prefetch\ASWREGSVR.EXE-258A15D5.pf
O45 - LFCP:[MD5.AF3DCD6E45C151403A75687BA7AF580B] - 01/03/2013 - 22:04:04 ---A- - C:\Windows\Prefetch\ASWREGSVR64.EXE-4668B667.pf
O45 - LFCP:[MD5.7E2D39CF90C1AE3D4850BBE1CE4BCC05] - 01/03/2013 - 22:04:04 ---A- - C:\Windows\Prefetch\VISTHAUX.EXE-2214E215.pf
O45 - LFCP:[MD5.0C33B1693BF9525957A461FCA6738231] - 01/03/2013 - 22:04:06 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-0DD1597D.pf
O45 - LFCP:[MD5.55D4C5BC5895D53F9DAB7F7FD0C8C8F2] - 01/03/2013 - 22:04:13 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8D368B00.pf
O45 - LFCP:[MD5.CE2389DA95946167D9DF27F487520F9D] - 01/03/2013 - 22:04:20 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.042E5DD406FF9CBEA12E021179FB790E] - 01/03/2013 - 22:04:22 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.6708511E3E8D74EDB521E6C9C7D09A14] - 01/03/2013 - 22:07:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.6EE467DB75ACE867A68BE47850E589A6] - 01/03/2013 - 22:09:37 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.CF1165D51C3CC94B7D905BFA17EE8AD0] - 01/03/2013 - 22:09:37 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf
O45 - LFCP:[MD5.BEAEDA1AD7751D4913996D3612D4A00C] - 01/03/2013 - 22:09:43 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
O45 - LFCP:[MD5.C63F9E49BF6D5BD07F5DC3BF1E4EB5D7] - 01/03/2013 - 22:09:56 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf
O45 - LFCP:[MD5.2A384931000C6C690961C1A78DC413BA] - 01/03/2013 - 22:09:57 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf
O45 - LFCP:[MD5.C98AFCA9848AE333A3C9B09A0C665A69] - 01/03/2013 - 22:09:59 ---A- - C:\Windows\Prefetch\SYNTPHELPER.EXE-878378AE.pf
O45 - LFCP:[MD5.B51B4465B100280065E6786BE27C3500] - 01/03/2013 - 22:10:34 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.7DEA695BB0F341B45467D70A423D9B7D] - 01/03/2013 - 22:13:42 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-FF168C49.pf
O45 - LFCP:[MD5.8317A2FD24F16238FF1126218D5181D8] - 01/03/2013 - 22:13:45 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf
O45 - LFCP:[MD5.4D962EB4E4E4CDBAF906C9D7D21C925B] - 01/03/2013 - 22:14:17 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.56D3451C060B82E29B363D5376F71157] - 01/03/2013 - 22:14:17 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.BBB7D7B1F6A34D8B1E7172C2E90659F7] - 01/03/2013 - 22:14:19 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.AAFCA389B14296E379ED2EBE65441846] - 01/03/2013 - 22:14:19 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.151DB88DF2EA5402A9B5687353559379] - 01/03/2013 - 22:14:19 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.4C0D95194FA2936A1B9513591C231CE8] - 01/03/2013 - 22:15:44 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf
O45 - LFCP:[MD5.0855E2253D0D56A526315C3B08B4B9B4] - 01/03/2013 - 22:15:44 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-9FF23AE2.pf
O45 - LFCP:[MD5.A6710EDF1608B3D1ABD95217B7419143] - 01/03/2013 - 22:15:44 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.1427DEB044E79FB317FE5EE8A6BF59D1] - 01/03/2013 - 22:15:45 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf
O45 - LFCP:[MD5.C601B0BF34DD3961E57F5904C70581FB] - 01/03/2013 - 22:15:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-1B28B747.pf
O45 - LFCP:[MD5.EF42357BED70B1464CB8E11279B1BEFE] - 01/03/2013 - 22:15:48 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf
O45 - LFCP:[MD5.4E51A4C61F0DB673348094E0D7DD40EA] - 01/03/2013 - 22:15:48 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf
O45 - LFCP:[MD5.A8C19887E9E5752315DDBEC91B0E8AE9] - 01/03/2013 - 22:15:49 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf
O45 - LFCP:[MD5.5C4333E7268EBC8C2EE8155080EE572B] - 01/03/2013 - 22:15:49 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-B646921D.pf
O45 - LFCP:[MD5.9F70FCF724881038FA220889480238A2] - 01/03/2013 - 22:15:50 ---A- - C:\Windows\Prefetch\STTRAY64.EXE-D84D4C46.pf
O45 - LFCP:[MD5.FF5735BD79FC60187332744A47A2F3EB] - 01/03/2013 - 22:15:51 ---A- - C:\Windows\Prefetch\NOTATIONSYSTRAY.EXE-7E0BF82E.pf
O45 - LFCP:[MD5.D3B5266D6E508BADDBD12A9FA96079F3] - 01/03/2013 - 22:15:51 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-2DD080ED.pf
O45 - LFCP:[MD5.1003A211C1B0C4D7B360582A2F0E8BD4] - 01/03/2013 - 22:15:56 ---A- - C:\Windows\Prefetch\HPMSGSVC.EXE-D38F7EA6.pf
O45 - LFCP:[MD5.A5410A4B8BD279891AED79594EFC87E3] - 01/03/2013 - 22:15:58 ---A- - C:\Windows\Prefetch\OLYCAMDETECT.EXE-6F62A4E9.pf
O45 - LFCP:[MD5.C38E9C622D90F141580A01C80B7E708F] - 01/03/2013 - 22:16:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.64AB14448EAB5A787D1FA53001937EA6] - 01/03/2013 - 22:16:10 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_6_602_17-027ADC8F.pf
O45 - LFCP:[MD5.302178A1BB9DBC012B647330745D22DE] - 01/03/2013 - 22:16:10 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf
O45 - LFCP:[MD5.857834F7C52B5221185735460B6E9482] - 01/03/2013 - 22:18:21 ---A- - C:\Windows\Prefetch\HPSA_SERVICE.EXE-1776F51A.pf
O45 - LFCP:[MD5.0386F1302E96DF58115B9287E428BDB4] - 01/03/2013 - 22:18:22 ---A- - C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-265333D9.pf
O45 - LFCP:[MD5.FEECD3364B1B1B9524D777B6D651B17E] - 01/03/2013 - 22:18:22 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-D63AD6B8.pf
O45 - LFCP:[MD5.E0DB45E3AD520338450A2748AA17C83D] - 01/03/2013 - 22:18:23 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.46980F4340C8879ACC47CA846BFAD618] - 01/03/2013 - 22:18:25 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-A988759B.pf
O45 - LFCP:[MD5.68BD59080FB2F0085C0FC7BCDB1F3666] - 01/03/2013 - 22:19:03 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-A988759A.pf
O45 - LFCP:[MD5.EC9812358DD97B806316E2A82BA04A49] - 01/03/2013 - 22:19:14 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.2444EE9E9D51F62B504ADD466ADACB77] - 01/03/2013 - 22:20:06 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-E0E5E52F.pf
O45 - LFCP:[MD5.DC46680F31B1881D01D793BFD5F7938A] - 01/03/2013 - 22:20:12 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.F8D757D1967F4A54559EED48DE169D1D] - 01/03/2013 - 22:20:14 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.2E3AD6A1C87E82443D757E77EEE22FFA] - 01/03/2013 - 22:20:15 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-13D172B9.pf
O45 - LFCP:[MD5.66B68193B70260A710358731E1CDEF95] - 01/03/2013 - 22:23:48 ---A- - C:\Windows\Prefetch\CLTLMH.EXE-1E1B01E9.pf
O45 - LFCP:[MD5.E33A7E65AFBD0C78659511E1511FAB85] - 01/03/2013 - 22:23:48 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.78C4375B0B75F6BC7C0CF903FD8ABDFF] - 01/03/2013 - 22:30:05 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.50233D674D4BBBF02EC3DC650EC49DAC] - 01/03/2013 - 22:30:19 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.6B8B9B9C3C4AEBD591FF40FE39EC1029] - 01/03/2013 - 22:30:24 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C1C2EFBE.pf
O45 - LFCP:[MD5.05B3ECDB4893BE582EAF6F0D1BC496AF] - 01/03/2013 - 22:35:57 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.E957D2E4F594052CD10F850CE6C272FC] - 01/03/2013 - 22:36:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.0DAE0692C4F60BFE7136581D0AFD483B] - 01/03/2013 - 22:36:19 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.0AF117B9980BD5D220D57235605A0C35] - 01/03/2013 - 22:36:26 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.A0257643EEE6B14543C7422EEBE6C3E7] - 01/03/2013 - 22:37:24 ---A- - C:\Windows\Prefetch\LADS.EXE-BC89FD22.pf
O45 - LFCP:[MD5.F2B49B93A82EF7C0D50CE6C036CF1DA6] - 01/03/2013 - 22:39:09 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-EB35EDAD.pf
O45 - LFCP:[MD5.6E8CCBF0B1113EA973EA798DD2BA7832] - 01/03/2013 - 22:39:15 ---A- - C:\Windows\Prefetch\MBR.EXE-949248F3.pf
O45 - LFCP:[MD5.1144AE13F23BD45450229411EF7D9BEB] - 01/03/2013 - 22:39:16 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-52282269.pf
O45 - LFCP:[MD5.D935538036D79919DB3BBD7C2036B0E2] - 01/03/2013 - 22:39:18 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf
O45 - LFCP:[MD5.19FE3658199F7A9E0F0BE39CEA46232E] - 01/03/2013 - 22:39:20 ---A- - C:\Windows\Prefetch\SYMERR.EXE-85F7934F.pf
O45 - LFCP:[MD5.49FCECFF29AFA69C1C692CE94D756EAF] - 01/03/2013 - 22:45:03 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.B30580E18F92EA18C190356809405325] - 01/03/2013 - 22:45:30 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.0CBEB26E6FBC0D2038D107C7F7060137] - 01/03/2013 - 22:46:03 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.188D44680A3C6FDB2DC155A11A2C19C1] - 01/03/2013 - 22:46:13 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.5DE5F8D3F34C884CA62B363AB6D6ED85] - 01/03/2013 - 22:47:07 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
O45 - LFCP:[MD5.4EF936D8949068E3F077570FA1760329] - 01/03/2013 - 22:47:15 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.872AAE79EB19FAC9209E8CA887FC1EE5] - 01/03/2013 - 22:47:19 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.F407A7A18E59B66EEEEE43E4B4B0941F] - 01/03/2013 - 22:47:19 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.A7F02650F6AC40935209F5B3E39397BB] - 01/03/2013 - 22:49:42 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.876D117978DD41144FB234D1914C8126] - 01/03/2013 - 22:49:43 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.11CA2C801329368DB5CA26044E6C35A6] - 01/03/2013 - 22:49:51 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf
O45 - LFCP:[MD5.6A95C76A335F4376B79E3FB560D29AEF] - 01/03/2013 - 22:49:51 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-BA1E321E.pf
O45 - LFCP:[MD5.AEC2CBCE54B0FB75059DD9058E73E7BA] - 01/03/2013 - 22:49:51 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.90F54B56EBE08FA70C969AD9FD020E1A] - 01/03/2013 - 22:49:51 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.2312735AD8258CCF01659FB50F33D544] - 02/02/2013 - 20:35:38 ---A- - C:\Windows\Prefetch\MSOOBE.EXE-AE41C2E0.pf
O45 - LFCP:[MD5.E98A35F1E2F250F76D6426CFDCDED612] - 02/02/2013 - 20:42:26 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-6C28DB75.pf
O45 - LFCP:[MD5.843D698969E23D0FD278BFAAB09A0B05] - 02/02/2013 - 20:45:44 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-6132DF3D.pf
O45 - LFCP:[MD5.1EE67EE39B31C6F3CF714B466629EBD3] - 02/02/2013 - 20:47:24 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-6C28DB76.pf
O45 - LFCP:[MD5.D415B84E7558947645CEFB664DC21EAD] - 02/02/2013 - 21:07:54 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-11B06426.pf
O45 - LFCP:[MD5.7C6C842741F5D0F64379D5E5FFC2ED3A] - 02/02/2013 - 21:29:44 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-B0D35A7E.pf
O45 - LFCP:[MD5.EA0C669BC605FA450B35B1CFDC672AF6] - 02/02/2013 - 21:34:45 ---A- - C:\Windows\Prefetch\WGET.EXE-B11DD3CA.pf
O45 - LFCP:[MD5.882C13777076A95EBAAF22D4BDF17272] - 02/02/2013 - 21:37:34 ---A- - C:\Windows\Prefetch\MAINTENANCESERVICE_INSTALLER.-A809585F.pf
O45 - LFCP:[MD5.60016D568B473436DCA9C189DD7924B8] - 02/02/2013 - 21:52:42 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8423D9C3.pf
O45 - LFCP:[MD5.69FB9971CB570B439FBF3AA09E8989B0] - 02/02/2013 - 22:25:25 ---A- - C:\Windows\Prefetch\WEBCAM.EXE-0FC158C9.pf
O45 - LFCP:[MD5.968F411A9CD9B989246E9E6999FD4013] - 02/02/2013 - 22:33:16 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf
O45 - LFCP:[MD5.27A4A59265E32D0BA99A49B9652522F6] - 02/02/2013 - 22:37:22 ---A- - C:\Windows\Prefetch\FP_PL_PFS_INSTALLER.EXE-5EB32D9E.pf
O45 - LFCP:[MD5.A2C7280BE8D1D6B910FCBFDCDBB8ACEC] - 03/02/2013 - 18:01:55 ---A- - C:\Windows\Prefetch\WLRMDR.EXE-8CD26CA2.pf
O45 - LFCP:[MD5.56E1696F829FDB5697148A55E699DF7C] - 03/02/2013 - 20:47:03 ---A- - C:\Windows\Prefetch\SETUP.EXE-4E0B051C.pf
O45 - LFCP:[MD5.9B7DAACE0F641533535D0770A36F2B7E] - 03/02/2013 - 20:47:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0932DD98.pf
O45 - LFCP:[MD5.F766D7B3B37FB7A7154F5BE6EA480898] - 03/02/2013 - 20:49:07 ---A- - C:\Windows\Prefetch\VIDEOPERFORMER.EXE-78D165C5.pf
O45 - LFCP:[MD5.847687B34362FB7B3ABE60048F656318] - 03/02/2013 - 20:49:15 ---A- - C:\Windows\Prefetch\COMPONENT_358.TMP-54C0E96B.pf
O45 - LFCP:[MD5.136CDF4675C59520D701C44CC2CB7B10] - 03/02/2013 - 21:05:47 ---A- - C:\Windows\Prefetch\VEETLE-0.9.19.EXE-ABE318A8.pf
O45 - LFCP:[MD5.BC8B9B91423449ECA39F7AB61C44EF39] - 03/02/2013 - 21:05:57 ---A- - C:\Windows\Prefetch\INSTALLWRAPPER.EXE-FBE266E3.pf
O45 - LFCP:[MD5.938F78DA067B0D46D4F7DCA634C6645E] - 05/02/2013 - 16:28:13 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-B4587EAF.pf
O45 - LFCP:[MD5.133B15ECA8F0256EAB99BBA3293EF8DE] - 05/02/2013 - 17:06:44 ---A- - C:\Windows\Prefetch\UNINS000.EXE-1DB00DCD.pf
O45 - LFCP:[MD5.61E1616610B9E67D0D8F90F039F16E16] - 06/02/2013 - 20:03:45 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-0C8E17B4.pf
O45 - LFCP:[MD5.DCEAAAF28AB0BC7A640058E90F670276] - 06/02/2013 - 20:09:05 ---A- - C:\Windows\Prefetch\SPYBOTSD2.TMP-3C2E5D02.pf
O45 - LFCP:[MD5.73353381AC05AEC289C30D1CA259B961] - 06/02/2013 - 20:09:09 ---A- - C:\Windows\Prefetch\SPYBOTSD2.TMP-29E62DD8.pf
O45 - LFCP:[MD5.8F12485183397A5DFAD7F62199F43EB1] - 06/02/2013 - 22:38:02 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf
O45 - LFCP:[MD5.3E4BA0AE3D2D6A4F8EBE03146F53ABDE] - 06/02/2013 - 22:40:10 ---A- - C:\Windows\Prefetch\DISPLAYSWITCH.EXE-4D432882.pf
O45 - LFCP:[MD5.80AC34313C6EDE854D2BF31BA9C35BF8] - 08/02/2013 - 18:22:06 ---A- - C:\Windows\Prefetch\MSOO.EXE-05A89D5C.pf
O45 - LFCP:[MD5.48CD6237876FB9B60E0042868526A195] - 08/02/2013 - 18:27:53 ---A- - C:\Windows\Prefetch\UPDATER.EXE-6E272550.pf
O45 - LFCP:[MD5.EBC11B594AA075817D5922DC76FE97F8] - 08/02/2013 - 18:27:58 ---A- - C:\Windows\Prefetch\GAMECONSOLE-WT.EXE-955CC1AB.pf
O45 - LFCP:[MD5.78FA0C415E9D279AA7158C1138A93ADC] - 08/02/2013 - 18:28:42 ---A- - C:\Windows\Prefetch\PS.EXE-1EE522C7.pf
O45 - LFCP:[MD5.B1C5498BF21ADE7CE96F619ED26BC633] - 10/02/2013 - 15:22:52 ---A- - C:\Windows\Prefetch\FLASHUTIL32_11_5_502_146_PLUG-A822E030.pf
O45 - LFCP:[MD5.6033E3E099CC55B8FBA264068E74AEF7] - 10/02/2013 - 15:32:34 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-85C9A436.pf
O45 - LFCP:[MD5.36BCF822915366ABCEA6C109EEA3676B] - 10/02/2013 - 16:02:31 ---A- - C:\Windows\Prefetch\PASSWORDDETECTION.EXE-F556DA0F.pf
O45 - LFCP:[MD5.5E313C05C61D75DF0E7DAB8245F87604] - 10/02/2013 - 16:38:39 ---A- - C:\Windows\Prefetch\IBSETUP.EXE-751D22CE.pf
O45 - LFCP:[MD5.7A648A7747824B2A1A9D8468B16C7A88] - 10/02/2013 - 16:38:40 ---A- - C:\Windows\Prefetch\DRIVERINSTALLER.EXE-D82D105C.pf
O45 - LFCP:[MD5.A422FDB686A2B40903EFDF7EB8BE7363] - 10/02/2013 - 16:38:53 ---A- - C:\Windows\Prefetch\SETUP.EXE-6DF7236F.pf
O45 - LFCP:[MD5.05DED95AF6354EFE08B6B765B42E3766] - 10/02/2013 - 16:40:38 ---A- - C:\Windows\Prefetch\VCREDIST_X86_VC9.EXE-263E9B0C.pf
O45 - LFCP:[MD5.B4D6470A3EB74DA0F6A954B7978D52F9] - 10/02/2013 - 16:40:48 ---A- - C:\Windows\Prefetch\SHOWAD.EXE-A930973B.pf
O45 - LFCP:[MD5.ED80C489DB1D6F1A2AAFB7A3E8956C10] - 10/02/2013 - 16:43:58 ---A- - C:\Windows\Prefetch\OLYMPUS VIEWER 2.EXE-26097426.pf
O45 - LFCP:[MD5.2930D282CC3C1FFF78DC3D12C547B2CA] - 10/02/2013 - 17:02:40 ---A- - C:\Windows\Prefetch\MANUALSETUP.EXE-120A660D.pf
O45 - LFCP:[MD5.D39FB5C9C5D2DA4E13466DD6EC0AF970] - 10/02/2013 - 17:16:31 ---A- - C:\Windows\Prefetch\CAMERAUPDATE.EXE-CC1A52C2.pf
O45 - LFCP:[MD5.58A6F5041526B320E86CA72AE32B92C9] - 10/02/2013 - 17:32:59 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.C44231B5CC28D4017AF4AC6909FD69B7] - 11/02/2013 - 17:17:00 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf
O45 - LFCP:[MD5.599F7F323802981E32107FB12AEA3585] - 12/02/2013 - 07:41:09 ---A- - C:\Windows\Prefetch\XMLVIEWERHPSF.EXE-103D9A1D.pf
O45 - LFCP:[MD5.B7DABBCA743FDE866B6996C810B2F615] - 12/02/2013 - 07:46:07 ---A- - C:\Windows\Prefetch\MOUNTVOL.EXE-84487FEE.pf
O45 - LFCP:[MD5.30D048538D08BE852DB64B3182AF50D5] - 12/02/2013 - 07:58:44 ---A- - C:\Windows\Prefetch\NOTEBOOKDOCS.EXE-72BE5D8B.pf
O45 - LFCP:[MD5.627342FF58F1EF4D52EDFE033862B634] - 12/02/2013 - 08:11:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C8891C4B.pf
O45 - LFCP:[MD5.1A8048A1CD6A09AD4C4E02D1FAD47899] - 12/02/2013 - 09:12:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E6CE32EB.pf
O45 - LFCP:[MD5.82C0D5CF8ACBF24B470A0049083D6330] - 12/02/2013 - 20:33:56 ---A- - C:\Windows\Prefetch\TETRIS.TMP-8F0B41A2.pf
O45 - LFCP:[MD5.A38BFC10A88D85EA2BB3ED7074B8EB71] - 12/02/2013 - 20:34:01 ---A- - C:\Windows\Prefetch\TETRIS.TMP-1FFC5C73.pf
O45 - LFCP:[MD5.28B979F478DD3B39C1F8C18CAC4A6B87] - 12/02/2013 - 20:35:28 ---A- - C:\Windows\Prefetch\TETRIS.EXE-37AFF8C9.pf
O45 - LFCP:[MD5.464C056585E8ED6E5830D6F4605549F3] - 13/02/2013 - 08:19:40 ---A- - C:\Windows\Prefetch\MMAMAIN.EXE-02A9BA80.pf
O45 - LFCP:[MD5.72141F2D47F4C2AD771FE2C34F2FEE28] - 13/02/2013 - 08:22:27 ---A- - C:\Windows\Prefetch\SDIMMUNIZE.EXE-1AE7723A.pf
O45 - LFCP:[MD5.E34CE7DE2C57BDAB0BF3286F1FE8882A] - 13/02/2013 - 08:22:57 ---A- - C:\Windows\Prefetch\SDFILES.EXE-76405DF3.pf
O45 - LFCP:[MD5.FE6D4E114F334BF9864AF847F68CF5A0] - 14/02/2013 - 20:32:18 ---A- - C:\Windows\Prefetch\EASEOFACCESSDIALOG.EXE-E54B6BCB.pf
O45 - LFCP:[MD5.441B7A123F01541FB69EBF08C12CF981] - 17/02/2013 - 09:12:42 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-28A962DF.pf
O45 - LFCP:[MD5.C7442FA4753E58EAE1E3670458FB4071] - 17/02/2013 - 11:44:05 ---A- - C:\Windows\Prefetch\SETUP-FIREFOX.EXE-E2A50758.pf
O45 - LFCP:[MD5.A276F68FA164DF662A6F406C923CF57D] - 17/02/2013 - 13:53:13 ---A- - C:\Windows\Prefetch\IB.EXE-71A4B4F2.pf
O45 - LFCP:[MD5.62A57B86FB57612EFAABD1DDC3ED83C8] - 19/02/2013 - 18:14:58 ---A- - C:\Windows\Prefetch\SETUP.EXE-5DA64B9D.pf
O45 - LFCP:[MD5.38CED0E107BFD7C45CFE76FE39BD29DD] - 19/02/2013 - 18:22:53 ---A- - C:\Windows\Prefetch\WORDPAD.EXE-505FE0CE.pf
O45 - LFCP:[MD5.79C4C044FB4F3C81830E609C8690FCB2] - 19/02/2013 - 18:27:23 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf
O45 - LFCP:[MD5.1484DC9A4688EC7E025EAD1A7B6B8F49] - 19/02/2013 - 18:27:45 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf
O45 - LFCP:[MD5.BFC3D9ABF2F7F4A7401F9F363880FC3E] - 19/02/2013 - 18:28:16 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-B0AD61F0.pf
O45 - LFCP:[MD5.1F4C24FB32F1974BFCD7B348B85AD5F4] - 22/02/2013 - 19:41:00 ---A- - C:\Windows\Prefetch\RSTRUI.EXE-F76EBF17.pf
O45 - LFCP:[MD5.122BAAF8387496FD7B77AB84E98AB80C] - 22/02/2013 - 19:41:07 ---A- - C:\Windows\Prefetch\RELPOST.EXE-AC41CDAF.pf
O45 - LFCP:[MD5.2B7FDCF5B9A9BC76216CD81D433C2C73] - 22/02/2013 - 19:49:32 ---A- - C:\Windows\Prefetch\VLC-1.1.11-WIN32-SFR12(3).EXE-E1A2C470.pf
O45 - LFCP:[MD5.80344D523F7A347DA018DEE63F5AE45A] - 22/02/2013 - 19:49:50 ---A- - C:\Windows\Prefetch\VLC-CACHE-GEN.EXE-B13F780B.pf
O45 - LFCP:[MD5.290601A924F4CB1127928A500B5B39D8] - 22/02/2013 - 19:50:03 ---A- - C:\Windows\Prefetch\VLC.EXE-F1ED81B3.pf
O45 - LFCP:[MD5.D026853E469E711BAA45B8DD3998897A] - 24/02/2013 - 22:29:12 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf
O45 - LFCP:[MD5.7A58351610B48CE869BD6FAA538F603D] - 24/02/2013 - 22:31:06 ---A- - C:\Windows\Prefetch\HPPU.EXE-52E9C521.pf
O45 - LFCP:[MD5.BC94127E9DC3C353F8BC82A4F2CD8882] - 24/02/2013 - 22:53:55 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-B4940439.pf
O45 - LFCP:[MD5.EE90200E75ED9C511916DC5750A73CFA] - 24/02/2013 - 22:54:32 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-9178D9A9.pf
O45 - LFCP:[MD5.021C95FDB3401628FA340F8784B91EC1] - 24/02/2013 - 22:58:02 ---A- - C:\Windows\Prefetch\ADAWARE_INSTALLER.EXE-B8A28875.pf
O45 - LFCP:[MD5.6D2E806CA618AE4B59F0EC2296EB0954] - 24/02/2013 - 22:58:25 ---A- - C:\Windows\Prefetch\F1590CC6-776A-4463-9291-7D67D-C1A8D23D.pf
O45 - LFCP:[MD5.907C7F5B8DD09BC88C2340FD5D4FE584] - 24/02/2013 - 23:00:18 ---A- - C:\Windows\Prefetch\TOOLBARCLEANERSETUP.EXE-8527EDA4.pf
O45 - LFCP:[MD5.B97915DFFDDAE31E8F5497E0F3CE8E44] - 24/02/2013 - 23:00:21 ---A- - C:\Windows\Prefetch\2F6FF1CF-DD0B-4C52-8EEA-7A200-ED3A1042.pf
O45 - LFCP:[MD5.7018D1407C747C80C8A0648697F99E86] - 24/02/2013 - 23:00:23 ---A- - C:\Windows\Prefetch\ADAWAREBROWSINGPROTECTION_SET-BD8CF4D9.pf
O45 - LFCP:[MD5.C1278DAF33B59A346CA47E74C0ACFB09] - 24/02/2013 - 23:02:31 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf
O45 - LFCP:[MD5.39C15B505E8C8D390047602AE0131FAC] - 24/02/2013 - 23:03:10 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-4C1933AC.pf
O45 - LFCP:[MD5.0C39F1281761EECD9A155AECACC558C5] - 24/02/2013 - 23:03:11 ---A- - C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf
O45 - LFCP:[MD5.98A07059FCFF1C2652EAA3E343A9E5D8] - 24/02/2013 - 23:03:28 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf
O45 - LFCP:[MD5.411270D1980FB1E110AB98EE9831E18E] - 24/02/2013 - 23:04:30 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-5ECC1B9F.pf
O45 - LFCP:[MD5.EBA56AB2152F7BE280293E6426D49039] - 27/02/2013 - 16:49:36 ---A- - C:\Windows\Prefetch\AD-AWARE SECURITY ADD-ON UNIN-0FC457B2.pf
O45 - LFCP:[MD5.1BF97CFD67150A668EA0960F1DB38E13] - 27/02/2013 - 16:49:43 ---A- - C:\Windows\Prefetch\TOOLBAR CLEANER UNINSTALL.EXE-3F790444.pf
O45 - LFCP:[MD5.FF27AE468288EADD1817EDEA997B38B9] - 27/02/2013 - 17:02:05 ---A- - C:\Windows\Prefetch\AD-AWARE BROWSING PROTECTION -1799ADF9.pf
O45 - LFCP:[MD5.B7F25ABB264016BB89B081B78C4A53E9] - 27/02/2013 - 17:02:05 ---A- - C:\Windows\Prefetch\AU_.EXE-CB1D0634.pf
O45 - LFCP:[MD5.CA5272A214E5EABA1777CD4370F08926] - 27/02/2013 - 17:10:57 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-66DF21D5.pf
O45 - LFCP:[MD5.0BEEAAF6655676136BCEF0E712FAA498] - 27/02/2013 - 17:10:59 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-0697D2E0.pf
O45 - LFCP:[MD5.6F619746E564410242CE53464029CA56] - 27/02/2013 - 17:12:09 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-8162C2FA.pf
O45 - LFCP:[MD5.D3C238555E554776C5DBEB2687B3B9A3] - 27/02/2013 - 17:12:19 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-AFDB3DAC.pf
O45 - LFCP:[MD5.CBAD0918237269EDB23DD14EE932BDCB] - 27/02/2013 - 22:35:07 ---A- - C:\Windows\Prefetch\ROGUEKILLER.EXE-1162F6FC.pf
O45 - LFCP:[MD5.7BDE967B7E183369CE87D9CDBDE27C34] - 27/02/2013 - 22:52:55 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf
O45 - LFCP:[MD5.5A83FEA399AD3AF0AE56CA88E4309F68] - 27/02/2013 - 23:41:02 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf
O45 - LFCP:[MD5.E5828235E7FF3F686DF52890920AADE4] - 28/02/2013 - 07:50:57 ---A- - C:\Windows\Prefetch\SDWELCOME.EXE-FA3DE6B8.pf
O45 - LFCP:[MD5.77C9EA30385A29EE3738995FEAC199DA] - 28/02/2013 - 07:50:58 ---A- - C:\Windows\Prefetch\SDUPDATE.EXE-2C43824B.pf
O45 - LFCP:[MD5.D21F3782A1746CA3ED6746ADA17448A0] - 28/02/2013 - 07:51:32 ---A- - C:\Windows\Prefetch\SDSCAN.EXE-0F32CACD.pf
O45 - LFCP:[MD5.EEF9DE7FB72261E8CAF1947E434731E8] - 28/02/2013 - 08:57:44 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf
O45 - LFCP:[MD5.EB1582ED103CE71E77ED933CB5D2DE22] - 28/02/2013 - 16:59:57 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-C894EFDF.pf
O45 - LFCP:[MD5.1AB0FEC11870DBBC2D5319CC15BB9109] - 28/02/2013 - 17:34:35 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-2C024401.pf
O45 - LFCP:[MD5.93E978CE29AAF5FE9DE5A479E40D8B6A] - 28/02/2013 - 17:34:38 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-3A0CE590.pf
O45 - LFCP:[MD5.439460A24864D46ED5898DA54E81F1C6] - 28/02/2013 - 17:35:43 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf
O45 - LFCP:[MD5.214FB224D98B696621E26AA0BE524A75] - 28/02/2013 - 18:41:03 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1A4CC1C3.pf
O45 - LFCP:[MD5.D75B40188815895F131DC2E9A8A5FF8E] - 28/02/2013 - 19:04:50 ---A- - C:\Windows\Prefetch\MSOO.EXE-C716B01E.pf
O45 - LFCP:[MD5.7AABA8485EDBC193138AB5727380E9AF] - 28/02/2013 - 23:37:17 ---A- - C:\Windows\Prefetch\HPSF.EXE-FF58409B.pf
O45 - LFCP:[MD5.A047B44F768A04A48DBA1D358460BF28] - 28/02/2013 - 23:39:10 ---A- - C:\Windows\Prefetch\MAP.EXE-64827744.pf
O45 - LFCP:[MD5.438C57701481871F12C30856A6752296] - 28/02/2013 - 23:39:48 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-2D7D5944.pf
~ Scan Prefetcher in 00mn 01s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Scan Keys in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys   [106736]
~ Scan Drivers in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/03/2013 - 08:40:58 ---A- C:\Users\delphine\AppData\Local\Temp\7136cf11-f6e6-4668-823c-8241e767b3c4.xml   [5958]
O61 - LFC: 01/03/2013 - 08:50:48 ---A- C:\Users\delphine\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 01/03/2013 - 08:52:18 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\88231679923a39b168ab1d22f2e82bc6\Map.ni.exe.aux   [7652]
O61 - LFC: 01/03/2013 - 08:52:19 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\88231679923a39b168ab1d22f2e82bc6\Map.ni.exe   [2900480]
O61 - LFC: 01/03/2013 - 08:52:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\155013cc4fad3f6ae9e48db9c4431f74\Platform.ni.dll   [3164672]
O61 - LFC: 01/03/2013 - 08:52:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\155013cc4fad3f6ae9e48db9c4431f74\Platform.ni.dll.aux   [6900]
O61 - LFC: 01/03/2013 - 08:52:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Bing.Maps\af9736f99260caba58d960476aca62c4\Bing.Maps.ni.dll   [377856]
O61 - LFC: 01/03/2013 - 08:52:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Bing.Maps\af9736f99260caba58d960476aca62c4\Bing.Maps.ni.dll.aux   [2036]
O61 - LFC: 01/03/2013 - 12:53:17 ---A- C:\Users\delphine\AppData\Local\Temp\155a334c-907d-4ec9-bbcc-ef60811d46b6.xml   [5958]
O61 - LFC: 01/03/2013 - 16:57:00 ---A- C:\Users\delphine\AppData\Local\Temp\7605ec15-2cbf-4511-b348-e70bf44eee5c.xml   [5958]
O61 - LFC: 01/03/2013 - 17:05:27 ---A- C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus\definitions-date.xml   [256]
O61 - LFC: 01/03/2013 - 17:05:27 ---A- C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus\gaming-mode.xml   [64]
O61 - LFC: 01/03/2013 - 17:05:27 ---A- C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus\id-watch-dog.xml   [352]
O61 - LFC: 01/03/2013 - 17:05:27 ---A- C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus\language.xml   [128]
O61 - LFC: 01/03/2013 - 17:05:27 ---A- C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus\protection-status.xml   [96]
O61 - LFC: 01/03/2013 - 17:05:27 ---A- C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus\update-parameters.xml   [96]
O61 - LFC: 01/03/2013 - 17:05:28 ---A- C:\Users\delphine\AppData\Roaming\Ad-Aware Antivirus\application-settings.xml   [448]
O61 - LFC: 01/03/2013 - 17:05:42 ---A- C:\Users\delphine\AppData\Roaming\LavasoftStatistics\adaware.xml   [1024]
O61 - LFC: 01/03/2013 - 17:05:59 ---A- C:\Users\delphine\AppData\Local\Temp\MSIebf27.LOG   [820940]
O61 - LFC: 01/03/2013 - 17:39:26 ---A- C:\Users\delphine\AppData\Local\Temp\flyer-surete.pdf   [1553569]
O61 - LFC: 01/03/2013 - 18:31:03 ---A- C:\Users\delphine\Downloads\avast_free_antivirus_setup.exe   [110539200]
O61 - LFC: 01/03/2013 - 18:33:55 ---A- C:\Users\delphine\AppData\Local\Temp\dd_vcredistMSI3CB7.txt   [438908]
O61 - LFC: 01/03/2013 - 18:33:55 ---A- C:\Users\delphine\AppData\Local\Temp\dd_vcredistUI3CB7.txt   [11630]
O61 - LFC: 01/03/2013 - 22:00:18 ---A- C:\Users\delphine\Downloads\adwcleaner.exe   [594019]
O61 - LFC: 01/03/2013 - 22:00:44 ---A- C:\Users\delphine\AppData\Local\Temp\~DF84C00780FAFD1A36.TMP   [32768]
O61 - LFC: 01/03/2013 - 22:07:17 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 01/03/2013 - 22:13:55 ---A- C:\Users\delphine\AppData\Local\Google\Chrome\User Data\Default\Preferences   [16991]
O61 - LFC: 01/03/2013 - 22:14:16 --HA- C:\Users\delphine\AppData\Local\IconCache.db   [180408]
O61 - LFC: 01/03/2013 - 22:15:37 ---A- C:\Users\delphine\AppData\Local\Notation\config.dat   [818]
O61 - LFC: 01/03/2013 - 22:15:53 ---A- C:\Users\delphine\AppData\Local\Notation\domains.dat   [197506]
O61 - LFC: 01/03/2013 - 22:41:13 ---A- C:\Users\delphine\Downloads\ZHPDiag2(1).exe   [5395373]
O61 - LFC: 26/02/2013 - 08:34:03 ---A- C:\Users\delphine\AppData\Local\Temp\bcc64c75-6331-4416-9e7c-2dbb07e8b57a.xml   [5958]
O61 - LFC: 26/02/2013 - 08:35:54 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226072330-f.list   [1182342]
O61 - LFC: 26/02/2013 - 08:43:04 ---A- C:\Users\delphine\AppData\Local\Packages\AD2F1837.HPConnectedPhotopoweredbySnapfish_v10z8vjag6ke6\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:04 ---A- C:\Users\delphine\AppData\Local\Packages\AD2F1837.HPRegistration_v10z8vjag6ke6\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:04 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:05 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:05 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:06 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:06 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 26/02/2013 - 08:43:06 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:07 ---A- C:\Users\delphine\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:08 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:08 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:08 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.VCLibs.110_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:08 ---A- C:\Users\delphine\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.WinJS.1.0.RC_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:09 ---A- C:\Users\delphine\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 26/02/2013 - 08:43:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 26/02/2013 - 08:43:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 26/02/2013 - 08:43:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:10 ---A- C:\Users\delphine\AppData\Local\Packages\SymantecCorporation.NortonStudio_v68kp9n051hdp\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:11 ---A- C:\Users\delphine\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 08:43:11 ---A- C:\Users\delphine\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 26/02/2013 - 09:51:29 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226082450-l.list   [1700]
O61 - LFC: 26/02/2013 - 09:51:29 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226082450-m.list   [0]
O61 - LFC: 26/02/2013 - 12:44:50 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226085535-l.list   [47]
O61 - LFC: 26/02/2013 - 12:44:50 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226085535-m.list   [0]
O61 - LFC: 26/02/2013 - 12:44:50 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226092622-l.list   [2080]
O61 - LFC: 26/02/2013 - 12:44:51 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226092622-m.list   [518]
O61 - LFC: 26/02/2013 - 12:44:51 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226095706-l.list   [3901]
O61 - LFC: 26/02/2013 - 12:44:51 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226095706-m.list   [0]
O61 - LFC: 26/02/2013 - 12:44:51 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226102751-l.list   [2178]
O61 - LFC: 26/02/2013 - 12:44:51 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226102751-m.list   [73]
O61 - LFC: 26/02/2013 - 12:44:51 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226105839-l.list   [3572]
O61 - LFC: 26/02/2013 - 12:44:52 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226105839-m.list   [0]
O61 - LFC: 26/02/2013 - 12:44:52 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226112925-l.list   [1696]
O61 - LFC: 26/02/2013 - 12:44:52 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226112925-m.list   [0]
O61 - LFC: 26/02/2013 - 13:09:53 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226120008-l.list   [448]
O61 - LFC: 26/02/2013 - 13:09:53 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226120008-m.list   [67]
O61 - LFC: 26/02/2013 - 13:34:55 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226123054-l.list   [1709]
O61 - LFC: 26/02/2013 - 13:34:55 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226123054-m.list   [937]
O61 - LFC: 26/02/2013 - 15:00:46 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226130144-l.list   [1093]
O61 - LFC: 26/02/2013 - 15:00:47 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226130144-m.list   [0]
O61 - LFC: 26/02/2013 - 15:00:47 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226133230-l.list   [2098]
O61 - LFC: 26/02/2013 - 15:00:47 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226133230-m.list   [289]
O61 - LFC: 26/02/2013 - 15:25:48 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226140316-l.list   [2485]
O61 - LFC: 26/02/2013 - 15:25:48 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226140316-m.list   [1803]
O61 - LFC: 26/02/2013 - 15:58:17 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226143403-l.list   [0]
O61 - LFC: 26/02/2013 - 15:58:17 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226143403-m.list   [53]
O61 - LFC: 26/02/2013 - 16:58:35 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226150449-l.list   [1751]
O61 - LFC: 26/02/2013 - 16:58:35 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226150449-m.list   [1339]
O61 - LFC: 26/02/2013 - 17:22:28 ---A- C:\Users\delphine\Downloads\ZHPDiag2.exe   [5406463]
O61 - LFC: 26/02/2013 - 17:23:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226160613-l.list   [3586]
O61 - LFC: 26/02/2013 - 17:23:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226160613-m.list   [26485]
O61 - LFC: 26/02/2013 - 18:49:08 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226170742-l.list   [3867]
O61 - LFC: 26/02/2013 - 18:49:08 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226170742-m.list   [6358]
O61 - LFC: 26/02/2013 - 19:37:43 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226180908-l.list   [18896]
O61 - LFC: 26/02/2013 - 19:37:44 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226180908-m.list   [7401]
O61 - LFC: 26/02/2013 - 20:41:07 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226183952-l.list   [34]
O61 - LFC: 26/02/2013 - 20:41:08 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226183952-m.list   [0]
O61 - LFC: 26/02/2013 - 20:41:08 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226191039-l.list   [6251]
O61 - LFC: 26/02/2013 - 20:41:08 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226191039-m.list   [9628]
O61 - LFC: 26/02/2013 - 21:22:40 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226201209-l.list   [4422]
O61 - LFC: 26/02/2013 - 21:22:40 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226201209-m.list   [7980]
O61 - LFC: 27/02/2013 - 08:24:01 ---A- C:\Users\delphine\Links\Desktop.lnk   [482]
O61 - LFC: 27/02/2013 - 08:24:01 ---A- C:\Users\delphine\Links\Downloads.lnk   [945]
O61 - LFC: 27/02/2013 - 08:24:01 ---A- C:\Users\delphine\Links\RecentPlaces.lnk   [383]
O61 - LFC: 27/02/2013 - 08:24:28 ---A- C:\Users\delphine\AppData\Local\Temp\915dfca5-507b-4dcc-9957-fafa17ff415b.xml   [5958]
O61 - LFC: 27/02/2013 - 08:26:30 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226211336-l.list   [7885]
O61 - LFC: 27/02/2013 - 08:26:30 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226211336-m.list   [3562]
O61 - LFC: 27/02/2013 - 08:26:30 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226221458-l.list   [6407]
O61 - LFC: 27/02/2013 - 08:26:31 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226221458-m.list   [5416]
O61 - LFC: 27/02/2013 - 08:26:31 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226231622-l.list   [3198]
O61 - LFC: 27/02/2013 - 08:26:31 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130226231622-m.list   [5110]
O61 - LFC: 27/02/2013 - 08:26:31 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227001749-l.list   [4540]
O61 - LFC: 27/02/2013 - 08:26:31 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227001749-m.list   [7508]
O61 - LFC: 27/02/2013 - 08:26:31 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227011919-l.list   [3442]
O61 - LFC: 27/02/2013 - 08:26:32 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227011919-m.list   [3989]
O61 - LFC: 27/02/2013 - 08:26:32 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227022049-l.list   [1604]
O61 - LFC: 27/02/2013 - 08:26:32 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227022049-m.list   [0]
O61 - LFC: 27/02/2013 - 08:26:32 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227032213-l.list   [2545]
O61 - LFC: 27/02/2013 - 08:26:32 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227032213-m.list   [474]
O61 - LFC: 27/02/2013 - 08:26:32 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227035302-l.list   [0]
O61 - LFC: 27/02/2013 - 08:26:33 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227035302-m.list   [68]
O61 - LFC: 27/02/2013 - 08:26:33 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227042352-l.list   [2981]
O61 - LFC: 27/02/2013 - 08:26:33 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227042352-m.list   [1847]
O61 - LFC: 27/02/2013 - 08:26:33 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227052525-l.list   [2449]
O61 - LFC: 27/02/2013 - 08:26:33 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227052525-m.list   [1102]
O61 - LFC: 27/02/2013 - 08:26:34 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227062646-l.list   [4283]
O61 - LFC: 27/02/2013 - 08:26:34 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227062646-m.list   [394]
O61 - LFC: 27/02/2013 - 08:53:16 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227072933-l.list   [2583]
O61 - LFC: 27/02/2013 - 08:53:16 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227072933-m.list   [0]
O61 - LFC: 27/02/2013 - 12:35:19 ---A- C:\Users\delphine\AppData\Local\Temp\4eccbc54-2fbe-41e5-ac68-5320659d9fe8.xml   [5958]
O61 - LFC: 27/02/2013 - 12:37:11 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227083050-l.list   [3286]
O61 - LFC: 27/02/2013 - 12:37:12 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227083050-m.list   [2046]
O61 - LFC: 27/02/2013 - 12:37:12 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227093210-l.list   [8000]
O61 - LFC: 27/02/2013 - 12:37:12 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227093210-m.list   [1859]
O61 - LFC: 27/02/2013 - 12:37:12 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227100251-l.list   [1488]
O61 - LFC: 27/02/2013 - 12:37:12 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227100251-m.list   [462]
O61 - LFC: 27/02/2013 - 12:37:12 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227103337-l.list   [115]
O61 - LFC: 27/02/2013 - 12:37:13 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227103337-m.list   [0]
O61 - LFC: 27/02/2013 - 12:37:13 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227110420-l.list   [1973]
O61 - LFC: 27/02/2013 - 12:37:13 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227110420-m.list   [0]
O61 - LFC: 27/02/2013 - 16:02:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227113502-l.list   [549]
O61 - LFC: 27/02/2013 - 16:02:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227113502-m.list   [122]
O61 - LFC: 27/02/2013 - 16:02:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227120545-l.list   [1714]
O61 - LFC: 27/02/2013 - 16:02:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227120545-m.list   [0]
O61 - LFC: 27/02/2013 - 16:02:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227123628-l.list   [1301]
O61 - LFC: 27/02/2013 - 16:02:36 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227123628-m.list   [150]
O61 - LFC: 27/02/2013 - 16:02:37 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227130711-l.list   [896]
O61 - LFC: 27/02/2013 - 16:02:37 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227130711-m.list   [1250]
O61 - LFC: 27/02/2013 - 16:02:37 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227133756-l.list   [1561]
O61 - LFC: 27/02/2013 - 16:02:37 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227133756-m.list   [0]
O61 - LFC: 27/02/2013 - 16:02:37 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227140840-l.list   [1517]
O61 - LFC: 27/02/2013 - 16:02:37 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227140840-m.list   [119]
O61 - LFC: 27/02/2013 - 16:02:38 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227143925-l.list   [4386]
O61 - LFC: 27/02/2013 - 16:02:38 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227143925-m.list   [13351]
O61 - LFC: 27/02/2013 - 16:43:50 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227151015-l.list   [2010]
O61 - LFC: 27/02/2013 - 16:43:50 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227151015-m.list   [2590]
O61 - LFC: 27/02/2013 - 16:49:53 ---A- C:\Users\delphine\AppData\Local\Temp\adawaretb_Uninstall_Log.txt   [1461]
O61 - LFC: 27/02/2013 - 17:00:30 ---A- C:\Users\delphine\AppData\Local\Temp\40ad9ea4-c1ec-4815-8ff3-4755106f849a.xml   [5958]
O61 - LFC: 27/02/2013 - 17:01:50 ---A- C:\Users\delphine\AppData\Local\Temp\MSI25941.LOG   [21952]
O61 - LFC: 27/02/2013 - 17:02:28 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227154103-l.list   [1789]
O61 - LFC: 27/02/2013 - 17:02:28 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227154103-m.list   [62]
O61 - LFC: 27/02/2013 - 17:09:03 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\LocalState\MRU\{3E083145-3BA8-48E3-8900-909B6F874B83}\Thumbnail   [20227]
O61 - LFC: 27/02/2013 - 17:27:33 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227161147-l.list   [1011]
O61 - LFC: 27/02/2013 - 17:27:33 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227161147-m.list   [2508]
O61 - LFC: 27/02/2013 - 17:52:35 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227164235-l.list   [1226]
O61 - LFC: 27/02/2013 - 17:52:35 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227164235-m.list   [1274]
O61 - LFC: 27/02/2013 - 18:33:02 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227171317-l.list   [886]
O61 - LFC: 27/02/2013 - 18:33:02 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227171317-m.list   [8216]
O61 - LFC: 27/02/2013 - 18:58:05 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227174353-l.list   [2436]
O61 - LFC: 27/02/2013 - 18:58:05 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227174353-m.list   [0]
O61 - LFC: 27/02/2013 - 20:07:54 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227181433-l.list   [1026]
O61 - LFC: 27/02/2013 - 20:07:54 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227181433-m.list   [4061]
O61 - LFC: 27/02/2013 - 20:07:54 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227184509-l.list   [8888]
O61 - LFC: 27/02/2013 - 20:07:55 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227184509-m.list   [770]
O61 - LFC: 27/02/2013 - 20:32:58 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227191546-l.list   [1436]
O61 - LFC: 27/02/2013 - 20:32:58 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227191546-m.list   [8684]
O61 - LFC: 27/02/2013 - 21:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227194624-l.list   [1101]
O61 - LFC: 27/02/2013 - 21:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227194624-m.list   [1202]
O61 - LFC: 27/02/2013 - 22:32:12 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227201707-l.list   [2160]
O61 - LFC: 27/02/2013 - 22:32:14 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227201707-m.list   [30390]
O61 - LFC: 27/02/2013 - 22:32:14 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227204756-l.list   [2745]
O61 - LFC: 27/02/2013 - 22:32:15 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227204756-m.list   [249]
O61 - LFC: 27/02/2013 - 22:32:15 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227211848-l.list   [1263]
O61 - LFC: 27/02/2013 - 22:32:15 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227211848-m.list   [2959]
O61 - LFC: 27/02/2013 - 22:34:33 ---A- C:\Users\delphine\Downloads\RogueKiller.exe   [816640]
O61 - LFC: 27/02/2013 - 22:47:23 ---A- C:\Users\delphine\AppData\Local\Temp\dump.dat   [2052096]
O61 - LFC: 27/02/2013 - 22:57:17 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227214937-l.list   [2811]
O61 - LFC: 27/02/2013 - 22:57:17 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227214937-m.list   [1390]
O61 - LFC: 27/02/2013 - 23:12:01 ---A- C:\Users\delphine\AppData\Local\Temp\MSI25942.LOG   [114666]
O61 - LFC: 27/02/2013 - 23:47:20 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227222023-l.list   [1705]
O61 - LFC: 27/02/2013 - 23:47:20 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227222023-m.list   [3066]
O61 - LFC: 28/02/2013 - 00:12:29 ---A- C:\Users\delphine\AppData\Local\Packages\SymantecCorporation.NortonStudio_v68kp9n051hdp\LocalState\distrptrInfo.dat   [3072]
O61 - LFC: 28/02/2013 - 00:12:43 ---A- C:\Users\delphine\AppData\Local\Packages\SymantecCorporation.NortonStudio_v68kp9n051hdp\LocalState\distrptr.dat   [2048]
O61 - LFC: 28/02/2013 - 07:22:22 ---A- C:\Users\delphine\AppData\Local\adawarebp\catalog.list   [28093]
O61 - LFC: 28/02/2013 - 07:22:22 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227225115-l.list   [5680]
O61 - LFC: 28/02/2013 - 07:22:22 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227225115-m.list   [35]
O61 - LFC: 28/02/2013 - 07:22:23 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227232205-l.list   [1682]
O61 - LFC: 28/02/2013 - 07:22:23 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227232205-m.list   [5403]
O61 - LFC: 28/02/2013 - 07:22:23 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227235252-l.list   [1615]
O61 - LFC: 28/02/2013 - 07:22:23 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130227235252-m.list   [858]
O61 - LFC: 28/02/2013 - 07:22:23 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228002339-l.list   [2698]
O61 - LFC: 28/02/2013 - 07:22:23 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228002339-m.list   [1827]
O61 - LFC: 28/02/2013 - 07:22:24 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228005425-l.list   [744]
O61 - LFC: 28/02/2013 - 07:22:24 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228005425-m.list   [906]
O61 - LFC: 28/02/2013 - 07:22:24 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228012510-l.list   [2704]
O61 - LFC: 28/02/2013 - 07:22:24 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228012510-m.list   [1051]
O61 - LFC: 28/02/2013 - 07:22:24 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228015558-l.list   [1868]
O61 - LFC: 28/02/2013 - 07:22:24 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228015558-m.list   [49]
O61 - LFC: 28/02/2013 - 07:22:25 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228022646-l.list   [2124]
O61 - LFC: 28/02/2013 - 07:22:25 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228022646-m.list   [632]
O61 - LFC: 28/02/2013 - 07:22:25 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228025734-l.list   [138]
O61 - LFC: 28/02/2013 - 07:22:25 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228025734-m.list   [865]
O61 - LFC: 28/02/2013 - 07:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228032823-l.list   [2130]
O61 - LFC: 28/02/2013 - 07:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228032823-m.list   [1926]
O61 - LFC: 28/02/2013 - 07:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228035915-l.list   [741]
O61 - LFC: 28/02/2013 - 07:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228035915-m.list   [843]
O61 - LFC: 28/02/2013 - 07:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228043005-l.list   [1027]
O61 - LFC: 28/02/2013 - 07:22:26 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228043005-m.list   [1381]
O61 - LFC: 28/02/2013 - 07:22:27 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228050054-l.list   [6666]
O61 - LFC: 28/02/2013 - 07:22:27 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228050054-m.list   [681]
O61 - LFC: 28/02/2013 - 07:22:27 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228053138-l.list   [1010]
O61 - LFC: 28/02/2013 - 07:22:27 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228053138-m.list   [81]
O61 - LFC: 28/02/2013 - 07:22:27 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228060223-l.list   [259]
O61 - LFC: 28/02/2013 - 07:22:27 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\130228060223-m.list   [0]
O61 - LFC: 28/02/2013 - 07:22:27 ---A- C:\Users\delphine\AppData\Local\adawarebp\data\temp.zip   [164]
O61 - LFC: 28/02/2013 - 07:26:58 ---A- C:\Users\delphine\Downloads\mbam-setup-1.70.0.1100.exe   [10156344]
O61 - LFC: 28/02/2013 - 07:31:41 ---A- C:\Users\delphine\Downloads\mbam-setup-1.70.0.1100(1).exe   [10156344]
O61 - LFC: 28/02/2013 - 07:35:03 ---A- C:\Users\delphine\Downloads\malwarebytes-anti-malware_malwarebytes_anti-malware_1.70.0.1100_francais_215092.exe   [10156344]
O61 - LFC: 28/02/2013 - 07:41:04 ---A- C:\Users\delphine\AppData\Local\Temp\4569c333-7371-42db-ad91-8e16c4d2e772.xml   [5958]
O61 - LFC: 28/02/2013 - 08:58:15 ---A- C:\Users\delphine\AppData\Local\Temp\58a0d4bb-9c20-4967-a257-603e11ea11bb.xml   [5958]
O61 - LFC: 28/02/2013 - 16:57:45 ---A- C:\Users\delphine\AppData\Local\Temp\a90705db-b9dd-4484-83f4-9e353f0d1554.xml   [5958]
O61 - LFC: 28/02/2013 - 18:40:52 ---A- C:\Users\delphine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-02-28 (17-35-47).txt   [2460]
O61 - LFC: 28/02/2013 - 18:40:52 ---A- C:\Users\delphine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\1979964467.data   [735]
O61 - LFC: 28/02/2013 - 18:40:52 ---A- C:\Users\delphine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\1979964467.quar   [3662]
O61 - LFC: 28/02/2013 - 18:40:52 ---A- C:\Users\delphine\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\6380025068.data   [720]
O61 - LFC: 28/02/2013 - 22:15:42 ---A- C:\Users\delphine\Documents\ZHPDiag 28.02   [166896]
O61 - LFC: 28/02/2013 - 22:16:44 ---A- C:\Users\delphine\Documents\ZHPDiag.Txt   [166896]
O61 - LFC: 28/02/2013 - 23:37:49 ---A- C:\Users\delphine\AppData\Roaming\Hewlett-Packard\HP Support Framework\cee\964398682.cee   [1706]
O61 - LFC: 28/02/2013 - 23:39:04 -SHA- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\container.dat   [0]
O61 - LFC: 28/02/2013 - 23:39:04 -SHA- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCookies\container.dat   [0]
O61 - LFC: 28/02/2013 - 23:39:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\Log[1].json   [131]
O61 - LFC: 28/02/2013 - 23:39:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\mapconfiguration[1].json   [76]
O61 - LFC: 28/02/2013 - 23:39:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\1XwarVDvfk4   [131]
O61 - LFC: 28/02/2013 - 23:39:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\XVKY3ftusPd   [76]
O61 - LFC: 28/02/2013 - 23:39:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\index.2   [145]
O61 - LFC: 28/02/2013 - 23:39:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\index.ext   [1]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\03130[1].jpg   [671]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\03132[1].jpg   [671]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\03133[1].jpg   [9987]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\r0[1].jpg   [8247]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\r1[1].jpg   [7632]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\r2[1].jpg   [4451]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\03310[1].jpg   [2317]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\gen[1].txt   [4]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\03131[1].jpg   [14742]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\12020[1].jpg   [17893]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\12022[1].jpg   [17992]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\12200[1].jpg   [7482]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\a0[1].jpg   [12242]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\a1[1].jpg   [12280]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\a2[1].jpg   [6818]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\a3[1].jpg   [7314]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\r3[1].jpg   [4042]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\Windows\1036\StructuredQuerySchema.bin   [361866]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\-YnD8eIab1b   [7314]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\6VHyt9cvm17   [8247]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\72bPE4mSYfa   [4]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\EVALCJJoXL7   [12280]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\dUkGksj4Bz2   [4042]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\j5-OD0Y7Acc   [7632]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\ptU2R6ou4Ob   [6818]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\rxVp1M2c9Ze   [12242]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\wa5aJrwYjhd   [4451]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\c.1   [671]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\d.1   [14742]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\e.1   [671]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\f.1   [9987]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\a.1   [17992]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\a\0.1   [7482]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\h0.tile   [12242]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\h1.tile   [12280]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\h2.tile   [6818]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\h3.tile   [7314]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\r0.tile   [8247]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\r1.tile   [7632]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\r2.tile   [4451]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Tiles\r3.tile   [4042]
O61 - LFC: 28/02/2013 - 23:39:10 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\mapcontrol.settings   [2697]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\03103[1].jpg   [671]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\12012[1].jpg   [18406]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\12030[1].jpg   [17296]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\32[1].xml   [1057]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\03311[1].jpg   [15632]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\12032[1].jpg   [19141]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\03112[1].jpg   [671]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\03113[1].jpg   [5357]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\03121[1].jpg   [2299]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\03123[1].jpg   [671]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\03301[1].jpg   [2435]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\12002[1].jpg   [11586]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\12003[1].jpg   [17232]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\12021[1].jpg   [20258]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\12023[1].jpg   [23910]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\12201[1].jpg   [10167]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\Q2D6MC0V\12210[1].jpg   [13237]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\A2mmKQ3UoF4   [1057]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\3.1   [671]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\6.1   [671]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\7.1   [5357]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\9.1   [2299]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\d\b.1   [671]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\f\1.1   [2435]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\f\4.1   [2317]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\g\f\5.1   [15632]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\2.1   [11586]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\3.1   [17232]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\6.1   [18406]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\8.1   [17893]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\9.1   [20258]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\b.1   [23910]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\c.1   [17296]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\8\e.1   [19141]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\a\1.1   [10167]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\h\a\4.1   [13237]
O61 - LFC: 28/02/2013 - 23:39:11 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Cache\cacheConfigurationCache\16a4372e-a3b2-4cf8-bf1b-ad4113118cf6   [7681]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\00[1].jpg   [6565]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\10[1].jpg   [4635]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\11[1].jpg   [3503]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\20[1].jpg   [2272]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\9WCA0KGN\31[1].jpg   [5005]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\02[1].jpg   [6259]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\03[1].jpg   [8357]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\12[1].jpg   [13338]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\13[1].jpg   [7759]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\21[1].jpg   [6360]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\AZ3LCTXD\30[1].jpg   [4463]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\01[1].jpg   [8254]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache\G6LMYR5K\logging[1].gif   [42]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\General\0h53gtL4w84   [42]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\0.1   [6565]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\1.1   [8254]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\2.1   [6259]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\3.1   [8357]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\4.1   [4635]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\5.1   [3503]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\6.1   [13338]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\7.1   [7759]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\8.1   [2272]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\9.1   [6360]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\c.1   [4463]
O61 - LFC: 28/02/2013 - 23:39:12 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Bing.Maps\Cache\QuadKey\d.1   [5005]
O61 - LFC: 28/02/2013 - 23:39:17 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\Cache\cacheConfigurationCache\_CacheMetadata.bin   [463]
O61 - LFC: 28/02/2013 - 23:39:17 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\LocalState\InstrumentationData.xml   [1567]
O61 - LFC: 28/02/2013 - 23:39:17 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\AppCache\7LVI4E0G\1\appcache[1].man   [212]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\AntiPhishing\F71AC160-5697-488E-9316-577764070735.dat   [151000]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\DJBQ0JUM\ig[1].htm   [77]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\E9OYEF4P\l[1].gif   [42]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\LJ51MOS1\HPImageArchive[1].xml   [17494]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\LJ51MOS1\w8v8[1].png   [7201]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\THEVV54X\SearchBar[1].htm   [53191]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\THEVV54X\proxy[1].htm   [7086]
O61 - LFC: 28/02/2013 - 23:39:39 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCookies\0PCKBK9J.txt   [223]
O61 - LFC: 28/02/2013 - 23:39:39 -SHA- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\AppCache\7LVI4E0G\1\container.dat   [0]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\AppCache\7LVI4E0G\1\SearchBar[1].htm   [53191]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\AppCache\7LVI4E0G\1\w8v8[1].png   [7201]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\DJBQ0JUM\MasaiMaraElephants_FR-FR8326253697_1366x768[1].jpg   [84443]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\DJBQ0JUM\MasaiMaraElephants_FR-FR8326253697_768x1366[1].jpg   [71781]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\E9OYEF4P\config[1].json   [183]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\THEVV54X\manifest[1]   [212]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\landscape0.jpg   [84443]
O61 - LFC: 28/02/2013 - 23:39:40 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\portrait0.jpg   [71781]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\E9OYEF4P\AcadiaNP_FR-FR8450803240_1366x768[1].jpg   [173158]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\E9OYEF4P\AcadiaNP_FR-FR8450803240_768x1366[1].jpg   [166051]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\E9OYEF4P\GLinkPing[1].gif   [42]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\LJ51MOS1\MentonParvis_FR-FR6926589558_1366x768[1].jpg   [190857]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\LJ51MOS1\MentonParvis_FR-FR6926589558_768x1366[1].jpg   [202684]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCookies\8SVL5K26.txt   [73]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCookies\B5I524UA.txt   [210]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCookies\ELUAF40O.txt   [124]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCookies\EQE26UOO.txt   [102]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCookies\T6ID8M15.txt   [310]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\landscape1.jpg   [190857]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\landscape2.jpg   [173158]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\portrait1.jpg   [202684]
O61 - LFC: 28/02/2013 - 23:39:41 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\portrait2.jpg   [166051]
O61 - LFC: 28/02/2013 - 23:39:42 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\THEVV54X\EgretsFishing_FR-FR9638582712_1366x768[1].jpg   [146038]
O61 - LFC: 28/02/2013 - 23:39:42 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\THEVV54X\EgretsFishing_FR-FR9638582712_768x1366[1].jpg   [112394]
O61 - LFC: 28/02/2013 - 23:39:42 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\landscape3.jpg   [146038]
O61 - LFC: 28/02/2013 - 23:39:42 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\portrait3.jpg   [112394]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\DJBQ0JUM\HuangshanMountains_FR-FR5905484191_1366x768[1].jpg   [212220]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\DJBQ0JUM\HuangshanMountains_FR-FR5905484191_768x1366[1].jpg   [182209]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\LJ51MOS1\PolarBearCA_FR-FR8224160861_1366x768[1].jpg   [107039]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\LJ51MOS1\PolarBearCA_FR-FR8224160861_768x1366[1].jpg   [128063]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\landscape4.jpg   [212220]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\landscape5.jpg   [107039]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\portrait4.jpg   [182209]
O61 - LFC: 28/02/2013 - 23:39:43 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\portrait5.jpg   [128063]
O61 - LFC: 28/02/2013 - 23:39:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\THEVV54X\QuesillocochaLake_FR-FR9226795655_1366x768[1].jpg   [193536]
O61 - LFC: 28/02/2013 - 23:39:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\AC\INetCache\THEVV54X\QuesillocochaLake_FR-FR9226795655_768x1366[1].jpg   [185239]
O61 - LFC: 28/02/2013 - 23:39:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\hpsettings.js   [11070]
O61 - LFC: 28/02/2013 - 23:39:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\landscape6.jpg   [193536]
O61 - LFC: 28/02/2013 - 23:39:44 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\LocalState\portrait6.jpg   [185239]
O61 - LFC: 28/02/2013 - 23:40:09 ---A- C:\Users\delphine\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\Settings\settings.dat   [8192]
~ Scan Files in 00mn 02s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {03A490E3-13BC-4FAD-8CFD-56B606A1E09F} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {b7fca997-d0fb-4fe0-8afd-255e89cf9671} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1071104]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll   [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [3345920]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [69632]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1282560]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll   [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll   [178176]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.702BF5138F248D8529F5A6EFCE998AE3] [SPRF][24/02/2013] (.Lavasoft - Ad-Aware Security Add-on Installer.) -- C:\Users\delphine\AppData\Local\Temp\2f6ff1cf-dd0b-4c52-8eea-7a20001a5716.exe   [3134432]
[MD5.CE7284B8D5802BC5447E1EE68092216B] [SPRF][27/02/2013] (...) -- C:\Users\delphine\AppData\Local\Temp\dump.dat   [2052096]
[MD5.171F1BB73D0238A7A56126D3459ECDCD] [SPRF][15/10/2008] (...) -- C:\Users\delphine\AppData\Local\Temp\Extract.exe   [50432]
[MD5.D87BD083E7EDED4AE19E5C6DB43CF23E] [SPRF][24/02/2013] (.Lavasoft Limited - AdAware Installer.) -- C:\Users\delphine\AppData\Local\Temp\f1590cc6-776a-4463-9291-7d67d046d45f.exe   [5554312]
[MD5.800B950064D029EB49E8C6809FD8DB79] [SPRF][02/02/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.5 r502.) -- C:\Users\delphine\AppData\Local\Temp\fp_pl_pfs_installer.exe   [16369160]
[MD5.E5151D14349EB491A03EB57688315476] [SPRF][03/02/2013] (.Hewlett-Packard - HP UEFI Support Environment.) -- C:\Users\delphine\AppData\Local\Temp\SP58404.exe   [2744224]
[MD5.21E9A7AC58C5426C9EF4589054662B40] [SPRF][02/02/2013] (.Hewlett-Packard - Pas de description.) -- C:\Users\delphine\AppData\Local\Temp\SP58423.exe   [9961952]
[MD5.4F4CCBC7A75A65C46CEDD7DE66C5570D] [SPRF][02/02/2013] (.Hewlett-Packard Company - HP Software Framework provides a common set of software inte.) -- C:\Users\delphine\AppData\Local\Temp\SP59202.exe   [7406272]
[MD5.FF2D9C7E322809BCAA0A20E26DC8F5B8] [SPRF][02/02/2013] (.Hewlett-Packard - Pas de description.) -- C:\Users\delphine\AppData\Local\Temp\SP59835.exe   [2803704]
[MD5.FBAD50C44E3D8F08006086AE20F2F6C7] [SPRF][10/02/2013] (.Hewlett-Packard - HP UEFI Support Environment.) -- C:\Users\delphine\AppData\Local\Temp\SP60202.exe   [3265488]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.)
O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.)
O87 - FAEL: "{40ABA0F2-6715-4CFD-BF0B-FF2D6A9762C2}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{4B995F66-2ACC-4503-A6E3-C785A7A5251A}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{1A7E79E4-354D-42E5-A4D4-8EF6618D1395}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{397421A1-B096-412E-8A1E-05267BA712F0}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{B56F8BCC-99B5-471B-9BB8-E88C5D933FDB}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe
O87 - FAEL: "{812A4A68-16C4-4005-8797-91309C9ED406}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector 10.) -- C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe
O87 - FAEL: "{BE65717B-4E87-41FF-B83E-BB85B6194C30}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{6AC9A71E-5EEE-4E00-8376-18DBFA27804B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{D2D73852-8B36-4EC9-8C70-CF4C9A7FFE24}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{F885AE39-6E7C-42A7-9DDE-F851709206EB}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{70A61780-2A5A-477C-BD29-D586A2835F2D}" | In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
~ Scan Firewall in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.10977 - (26/02/2013)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 0

[HKCU\Software\delta LTD]   =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}]   =>Hijacker.Proxy
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]   =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]   =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]   =>Toolbar.Bing
C:\Users\delphine\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde   =>Toolbar.DeltaSearch
~ Scan Additionnel in 00mn 07s



---\\ Recherche détournement de DNS routeur (O89) (None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "0694AF70830BBE9498B1F95939A05A44" . (.HP Customer Experience Enhancements.) -- C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "08E34A98C6CA8AD489004F3BE05D770C" . (.Olympus ib.) -- C:\Windows\Installer\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\ARPPRODUCTICON.exe
O90 - PUC: "0E280CA1D940C5C4E9FC4937DAA549D9" . (.HP Documentation.) -- C:\Windows\Installer\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}\NotebookDocs.exe
O90 - PUC: "1ADB7B61769BD2D4B8721E72722C3805" . (.HP CoolSense.) -- C:\windows\Installer\{16B7BDA1-B967-4D2D-8B27-E12727C28350}\_853F67D554F05449430E7E.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "22EB878D072390941B1E198CFED82343" . (.HP 3D DriveGuard.) -- C:\Windows\Installer\{D878BE22-3270-4909-B1E1-91C8EF8D3234}\controlPanelIcon.exe
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "2D6F4B0BEA2FA1544969F6F2A698B723" . (.PowerDirector.) -- C:\Windows\Installer\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\ARPPRODUCTICON.exe
O90 - PUC: "2FCC6D4EFAA0C9B4D95E98E3CDB9B4AA" . (.HP Registration Service.) -- C:\Windows\Installer\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}\ARPPRODUCTICON.exe
O90 - PUC: "42C6FBF1Df1C10144AB2C065F4E9E897" . (.Media Suite.) -- C:\Windows\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
O90 - PUC: "45B9108BEB9FA0946991D6601FF821F9" . (.HP Support Assistant.) -- C:\windows\Installer\{B8019B54-F9BE-490A-9619-6D06F18F129F}\ARPPRODUCTICON.exe
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.2.0.0.) -- C:\windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe
O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe
O90 - PUC: "A4432684C93A7984CA4D1AEB5D61C3A5" . (.PhotoDirector.) -- C:\windows\Installer\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\ARPPRODUCTICON.exe
O90 - PUC: "A78975C0A30A59B43A902DF3874F60AC" . (.HP Utility Center.) -- C:\Windows\Installer\{0C57987A-A03A-4B95-A309-D23F78F406CA}\ARPPRODUCTICON.exe
O90 - PUC: "AF5A5D893AA1EBC42BC67A732EF0A8D6" . (.HP Software Framework.) -- C:\Windows\Installer\{98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}\app_1.exe
O90 - PUC: "B18BA825A56D0BA42A6B285BA180D710" . (.HP Recovery Manager.) -- C:\windows\Installer\{528AB81B-D65A-4AB0-A2B6-82B51A087D01}\_853F67D554F05449430E7E.exe
O90 - PUC: "C0507DE423392BF4BA709EF4525AD393" . (.HP Quick Launch.) -- C:\windows\Installer\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}\_853F67D554F05449430E7E.exe
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "CC599AF0948C55741BB44540CC57CD42" . (.Energy Star.) -- C:\Windows\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}\_853F67D554F05449430E7E.exe
O90 - PUC: "D73F4D92A419E8B4BBEC1C182399952F" . (.eDownloader.) -- C:\Windows\Installer\{29D4F37D-914A-4B8E-BBCE-C181329959F2}\softwareinstaller.exe
O90 - PUC: "D84D78A2FDF3df1479DC1A3E07FEFF2E" . (.Power2Go.) -- C:\Windows\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe
O90 - PUC: "D96ED149EEC61714F8F1D3E753A24A89" . (.HP Wireless Button Driver.) -- C:\Windows\Installer\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}\ARPPRODUCTICON.exe
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/03/2013 251248 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 30/08/2011 462184 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 16/07/2012 244752 |  (CLKMSVC10_38F51D56) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
SS - | Demand 08/08/2012 276288 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 12/10/2010 206072 |  (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 10/08/2012 85504 |  (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - | Demand 06/09/2012 1001376 |  (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 23/08/2012 29600 |  (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 09/07/2012 35232 |  (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 14/07/2012 2451456 |  (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 18/07/2012 128896 |  (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 18/07/2012 165760 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 18/07/2012 276864 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/12/2012 398184 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 14/12/2012 682344 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 14/07/2012 113120 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 05/12/2012 143928 |  (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
SR - | Auto 10/01/2013 53376 |  (Notation) . (.Advernet.) - C:\Program Files (x86)\Notation\Notation.exe
SR - | Auto 10/01/2013 33920 |  (NotationMonitor) . (.Advernet.) - C:\Program Files (x86)\Notation\NotationMonitor.exe
SR - | Auto 13/11/2012 1103392 |  (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 13/11/2012 1369624 |  (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 |  (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 22/07/2012 321536 |  (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 18/07/2012 364416 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 00s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by delphine at 01/03/2013 22:51:23

device: opened successfully
user: error reading MBR 

Disk trace:
error: Read  Descripteur non valide
kernel: error reading MBR 
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by delphine at 01/03/2013 22:51:25

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s



End of the scan (1728 lines in 01mn 44s)(0)