Rapport de ZHPDiag v2013.4.14.81 par Nicolas Coolman, Update du 14/04/2013
Run by Thierry at 15/04/2013 20:16:42
State : Version à jour.
WhiteList : Disable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540 (Defaut)
MFIE: Mozilla Firefox 20.0.1 v20.0.1
GCIE: Google Chrome v26.0.1410.64

---\\ Windows Product Information
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : XWXVT
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
ESET Online Scanner v3
Ad-Aware Antivirus v10.5.2.4379
Windows Defender W8

---\\ System Optimizer
CCleaner v4.00

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 17

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3909 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 205 GB (72%) free of 282 GB

---\\ Logged in mode
~ Computer Name: CALYBITIGEN
~ User Name: Thierry
~ All Users Names: Thierry, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Thierry\AppData\Roaming\
~ %Desktop% : C:\Users\Thierry\Desktop\
~ %Favorites% : C:\Users\Thierry\Favorites\
~ %LocalAppData% : C:\Users\Thierry\AppData\Local\
~ %StartMenu% : C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 205 Go of 282 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center:  Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes:  Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/13
~ Mes Documents (My Documents) : 1/3025
~ Mon Bureau (My Desktop) : 1/3
~ Menu demarrer (Programs) : 1/31
~ Hidden Files:  Scanned in 00mn 05s



---\\ Processus lancés
[MD5.746D5A686D60B5FF19220D64F43DD21E] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe   [1176688] [PID.9904]
[MD5.A74AC411798DA32CFC655A9A9F2EB74A] - (...) -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe   [2569168] [PID.3176]  =>Toolbar.Babylon
[MD5.33594D58BE2E17BD5EFA8BFAB59B10D4] - (.PC Utilities Pro - Optimizer Pro Speed Guard.) -- C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe   [218144] [PID.7912]
[MD5.8C3C61A8365498EDD6140003BCDDDDD8] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe   [624192] [PID.7436]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [252848] [PID.7464]
[MD5.EE8DEBD2D159E7052EB0DAA5CA19FAF7] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files (x86)\e-Carte Bleue La Banque Postale\ecbl-lbp.exe   [278528] [PID.7472]
[MD5.BFFAFB4804DE5F54E236CE6202409AA8] - (.Lavasoft - Ad-Aware Browsing Protection and Anti-Phish.) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe   [542632] [PID.6460]
[MD5.74F3DED90D66A9B0A9158DF9FCE6F2E1] - (.Lavasoft. - Search Protection.) -- C:\ProgramData\Search Protection\SearchProtection.exe   [673192] [PID.6576]
[MD5.C01CD80CF8C572BCE243DDE1B3EB986B] - (.Lavasoft Limited - Ad-Aware Antivirus.) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe   [18828128] [PID.7916]
[MD5.70FDC77FE9B06FB5E78DD3DDE2E4FB9D] - (.Innovative Apps - Supreme Savings exe.) -- C:\program files (x86)\supreme savings\supreme savings-bg.exe   [1500552] [PID.9148]
[MD5.7AE4D6C70C2D7912AB2B4651DF595575] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe   [990320] [PID.9152]
[MD5.1C1DF0FA3ED8892C42DF7C8962E328BA] - (.Pas de propriétaire - iuEmailOutlookAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe   [25232] [PID.11232]
[MD5.804E2D61CDF360A4492C86D6132135CC] - (.Pas de propriétaire - iuBrowserIEAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe   [44176] [PID.1488]
[MD5.E4F6125ED5185F8FA37CC4F449B85526] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe   [770608] [PID.9956]
[MD5.BC431F556635C1096B9AAD8A1736C034] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [6750720] [PID.11336]
~ Processes Running:  Scanned in 00mn 04s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Chrome Web Store v.0.1 ()
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.2 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.5 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.19 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [lfffjahnfbocnaooecgijfnbpcfekoik] SecureSearch v.1.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pgafcinpmmpklohkojmllohdhomoefph] BrowserProtect v.1.0 (Désactivé)  =>Toolbar.Babylon
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser:  Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\0i58b0oh.default\prefs.js
C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\0i58b0oh.default\user.js
M3 - MFPP: Plugins - [Thierry] -- C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\0i58b0oh.default\searchplugins\delta.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\adawaretb.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml  =>Toolbar.Babylon
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Thierry - 0i58b0oh.default] http://www1.delta-search.com  =>Toolbar.DeltaSearch
M2 - MFEP: prefs.js [Thierry - 0i58b0oh.default\crossriderapp19962@crossrider.com] [] Supreme Savings v (..)  =>PUP.CrossRider
M2 - MFEP: prefs.js [Thierry - 0i58b0oh.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (..)
M2 - MFEP: prefs.js [Thierry - 0i58b0oh.default\jid1-yZwVFzbsyfMrqQ@jetpack] [] Lavasoft Search Plugin v0.6 (..)
M2 - MFEP: prefs.js [Thierry - 0i58b0oh.default\{87934c42-161d-45bc-8cef-ef18abe2a30c}] [] Ad-Aware Security Add-on v2.5 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
~ Firefox Browser: 16 Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com  =>Toolbar.DeltaSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0019962 [64Bits] - {11111111-1111-1111-1111-110111991162} . (.Innovative Apps - Supreme Savings BHO.) -- C:\Program Files (x86)\Supreme Savings\Supreme Savings.dll  =>PUP.CrossRider
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ad-Aware Security Add-on [64Bits] - {6c97a91e-4524-4019-86af-2aa2d567bf5c} . (.Pas de propriétaire - Ad-Aware Security Add-on Link Library.) -- C:\Program Files (x86)\adawaretb\adawareDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: delta Helper Object [64Bits] - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll  =>Toolbar.DeltaSearch
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 7 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
O4 - HKLM\..\Run: [BtPreLoad] . (...) -- C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe 
O4 - HKLM\..\Run: [SBRegRebootCleaner] . (.GFI Software - Registry Cleaner.) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe 
O4 - HKCU\..\Run: [Optimizer Pro] . (.PC Utilities Pro - Fix, clean, optimize your PC!.) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe 
O4 - HKLM\..\Wow6432Node\Run: [LManager] Clé orpheline 
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Wow6432Node\Run: [Ad-Aware Browsing Protection] . (.Lavasoft - Ad-Aware Browsing Protection and Anti-Phish.) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe 
O4 - HKLM\..\Wow6432Node\Run: [SearchProtection] . (...) -- C:\ProgramData\Search Protection\_run.bat 
O4 - HKLM\..\Wow6432Node\Run: [Ad-Aware Antivirus] Clé orpheline 
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe 
O4 - HKUS\S-1-5-21-360351707-2276754314-377163639-1001\..\Run: [Optimizer Pro] . (.PC Utilities Pro - Fix, clean, optimize your PC!.) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe 
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: Optimizer Pro.lnk . (...)  -- C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe (.not file.)
O4 - GS\Desktop: VirtualDJ PRO Full.lnk . (.Atomix Productions - VirtualDJ.)  -- C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe 
~ Global Startup:  Scanned in 00mn 02s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{56B660E7-9EA0-4D1D-AE88-2DEC7EFC18DA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3426BFF-FB98-490B-9B4E-64FA8C044238}: DhcpNameServer = 150.200.3.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3426BFF-FB98-490B-9B4E-64FA8C044238}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{56B660E7-9EA0-4D1D-AE88-2DEC7EFC18DA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B3426BFF-FB98-490B-9B4E-64FA8C044238}: DhcpNameServer = 150.200.3.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B3426BFF-FB98-490B-9B4E-64FA8C044238}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Ad-Aware Service (Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Antivirus Service.) - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) . (.Broadcom Corp. - Broadcom Card Reader Service.) - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe  =>Toolbar.Babylon
O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - ELAN Windows Service.) - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NTI Corporation - Backup Manager Module.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) . (.Dritek System INC. - RfBtnSvc Application.) - C:\Windows\RfBtnSvc64.exe
O23 - Service: Ad-Aware (SBAMSvc) . (.GFI Software - GFI Software Anti Malware Service.) - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
~ Services: 17 Scanned in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 1 Scanned in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1090]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1094]
[MD5.84B02BB851B4B592400D0DC55D7C189F] [APT] [Ad-Aware Antivirus Scheduled Scan] (.Lavasoft Limited.) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe   [2050416]
[MD5.EA856F4A46320389D1899B2CAA7BF40F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [253656]
[MD5.B1298BDD59EC1F6FA718FE475FA17798] [APT] [ALU] (...) -- C:\Program Files (x86)\Acer\Live Updater\updater.exe   [3331216]
[MD5.BD0BA490E0300E859DB99DA3AB024371] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe   [39568]
[MD5.A9DA5B43CF597F83B1EB441968E24891] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [3497240]
[MD5.7AE4D6C70C2D7912AB2B4651DF595575] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe   [990320]
[MD5.4942FBE3BA93C1536EC775A0104C11E9] [APT] [EgisUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\EgisUpdate.exe   [202832]
[MD5.65611587D8245CE8DB9E306D239EE22F] [APT] [EPUpdater] (...) -- C:\Users\Thierry\AppData\Roaming\BabSolution\Shared\BabMaint.exe   [9808]  =>Hijacker.BabSolution
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.804E2D61CDF360A4492C86D6132135CC] [APT] [iuBrowserIEAgent] (...) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe   [44176]
[MD5.1C1DF0FA3ED8892C42DF7C8962E328BA] [APT] [iuEmailOutlookAgent] (...) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe   [25232]
[MD5.773C84EA68CF5359A6B4C82D6A96A938] [APT] [PMMUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\PMMUpdate.exe   [467024]
[MD5.5659ADFFA101D3AC0C62CED889991357] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe   [5294736]
[MD5.4BE294C6D202A4495A48ABA8F5F11599] [APT] [Updater19962.exe] (.Innovative Apps.) -- C:\Users\Thierry\AppData\Local\Updater19962\Updater19962.exe   [210312]
~ Scheduled Task: 19 Scanned in 00mn 11s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (mwlPSDFilter) . (.Egis Technology Inc. - PSD Mini Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver:  (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
O41 - Driver:  (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 40 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acer Backup Manager - (.NTI Corporation.) [HKLM][64Bits] -- InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}
O42 - Logiciel: Acer Device Fast-lane - (.Acer Incorporated.) [HKLM][64Bits] -- {3F62D2FD-13C1-49A2-8B5D-47623D9460D7}
O42 - Logiciel: Acer Instant Update Service - (.Acer Incorporated.) [HKLM][64Bits] -- {8215A318-CC27-435E-B3EA-2E3443C8998C}
O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}
O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: AcerCloud - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
O42 - Logiciel: AcerCloud Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
O42 - Logiciel: Ad-Aware Security Add-on - (.Lavasoft.) [HKLM][64Bits] -- adawaretb
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.02) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WTA-d5ccc6c3-7d54-4835-947f-569dfdfb6529
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-2091c0a9-81ad-4977-8a21-bc1bf4d7f56e
O42 - Logiciel: Backup Manager v4 - (.NTI Corporation.) [HKLM][64Bits] -- {9DDDF20E-9FD1-4434-A43E-E7889DBC9420}
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-3013dda2-6263-4eb9-8c20-ae7e13cf994d
O42 - Logiciel: Broadcom Card Reader Driver Installer - (.Broadcom Corporation.) [HKLM][64Bits] -- {F0A7DF2F-0BE0-470F-B137-D7A19F977189}
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}  =>Toolbar.Babylon
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: Delicious: Emily's True Love Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-1a794fbe-ba24-4827-972c-e3d444e6557a
O42 - Logiciel: Delta Chrome Toolbar - (.Delta.) [HKLM][64Bits] -- Delta Chrome Toolbar
O42 - Logiciel: Delta toolbar   - (.Delta.) [HKLM][64Bits] -- delta
O42 - Logiciel: DomaIQ - (.Tuguu SLU.) [HKLM][64Bits] -- DomaIQ Uninstaller
O42 - Logiciel: ESET Online Scanner v3 - (...) [HKLM][64Bits] -- ESET Online Scanner
O42 - Logiciel: ETDWare PS/2-X64 11.6.8.001_WHQL - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-a305d6bb-92c4-4561-b308-fe08336ff5e7
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Island Tribe - (.WildTangent.) [HKLM][64Bits] -- WTA-3a041ff1-3708-444d-b466-0adbfc044c7f
O42 - Logiciel: Java 7 Update 17 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF}
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-ef544cbe-1202-4d6d-8076-cc55b961f16f
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WTA-63fea76e-bf9d-45f3-8a19-37ec79f119dd
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM][64Bits] -- LManager
O42 - Logiciel: Live Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: Magic Academy - (.WildTangent.) [HKLM][64Bits] -- WTA-587307c6-a8b5-4e5a-8556-6f283ac31a72
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 20.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 20.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mp3tag v2.54 - (.Florian Heidenreich.) [HKLM][64Bits] -- Mp3tag
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
O42 - Logiciel: MyWinLocker 4 - (.Egis Technology Inc..) [HKLM][64Bits] -- {39F15B50-A977-4CA6-B1C3-6A8724CDA025}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- {17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: Office Addin - (.Acer.) [HKLM][64Bits] -- {6D2BBE1D-E600-4695-BA37-0B0E605542CC}
O42 - Logiciel: Optimizer Pro v3.0 - (.PC Utilities Pro.) [HKLM][64Bits] -- Optimizer Pro_is1
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WTA-e29c133e-0316-432b-a219-f1fdc23ec943
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-a78cfd04-3b37-417e-935e-165b34e76ab4
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-f9ff9f79-0b6b-480a-9d4c-d64d3f50d44e
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Nom de votre société.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801}
O42 - Logiciel: Qualcomm Atheros WiFi Driver Installation - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Shredder - (.Egis Technology Inc..) [HKLM][64Bits] -- {C2695E83-CF1D-43D1-84FE-B3BEC561012A}
O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify
O42 - Logiciel: Supreme Savings - (.Innovative Apps.) [HKLM][64Bits] -- Supreme Savings
O42 - Logiciel: Tales of Lagoona - (.WildTangent.) [HKLM][64Bits] -- WTA-4728479b-c8c2-453b-acf6-ba343fb01218
O42 - Logiciel: Tuto Openoffice1.0.0.0 - (.PCTuto.) [HKLM][64Bits] -- Tuto Openoffice_is1
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: VAFPlayer - (.Tuguu SL.) [HKLM][64Bits] -- {EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
O42 - Logiciel: VirtualDJ PRO Full - (.Atomix Productions.) [HKLM][64Bits] -- {C515E2A3-4878-4C85-A519-52630C7AB08B}
O42 - Logiciel: Visual Studio 2005 Tools pour Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258
O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-b02e8bbc-5967-43f4-ae92-3113f4917fe8
O42 - Logiciel: clear.fi Media - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876}
O42 - Logiciel: clear.fi Photo - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0}
O42 - Logiciel: clear.fi SDK - Video 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {EBA33CAD-E071-48d5-A168-FBA4EEB42E93}
O42 - Logiciel: clear.fi SDK- Movie 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}
O42 - Logiciel: e-Carte Bleue La Banque Postale - (...) [HKLM][64Bits] -- {11B0F8D4-FD80-4800-ABA8-50D28FF769AF}
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {A694AF57-9891-4D62-824C-7E55A1361A14}
O42 - Logiciel: pctuto - (.PCTuto.) [HKLM][64Bits] -- pctuto_is1
~ Logic: 150 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5ded9dab73ae410]
[HKCU\Software\Ad-Aware Search Protection]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\LastScanTime]
[HKCU\Software\AppDataLow\Software\Crossrider]  =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Supreme Savings]
[HKCU\Software\AppDataLow\Software\adawarebp]
[HKCU\Software\AppDataLow\Software\adawaretb]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atheros]
[HKCU\Software\BabylonToolbar]  =>Toolbar.Babylon
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cr_Installer]
[HKCU\Software\DataMngr]  =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\Dritek]
[HKCU\Software\ESET]
[HKCU\Software\Elantech]
[HKCU\Software\Google]
[HKCU\Software\InstalledBrowserExtensions]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Optimizer Pro]
[HKCU\Software\PCTuto]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SYNCJM]
[HKCU\Software\Trolltech]
[HKCU\Software\Tuguu SL]
[HKCU\Software\TutoTag]
[HKCU\Software\Tutorials]
[HKCU\Software\VirtualDJ]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Atheros]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\DomaIQ]
[HKLM\Software\EgisTec IPS]
[HKLM\Software\EgisTec Shredder]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Qualcomm Atheros Fast Reconnect]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\5ded9dab73ae410]
[HKLM\Software\Wow6432Node\ATHEROS]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Babylon]  =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]  =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\EgisTec IPS]
[HKLM\Software\Wow6432Node\EgisTec MyWinLockerSuite]
[HKLM\Software\Wow6432Node\EgisTec MyWinLocker]
[HKLM\Software\Wow6432Node\EgisTec Shredder]
[HKLM\Software\Wow6432Node\Eset]
[HKLM\Software\Wow6432Node\Florian Heidenreich]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lavasoft]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\PCTuto]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros WiFi Driver Installation]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SBAMSvc]
[HKLM\Software\Wow6432Node\VirtualDJ]
[HKLM\Software\Wow6432Node\VirualDiskRedist]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\e-Carte Bleue La Banque Postale]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 193 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/09/2012 - 08:35:14 - [359,092] ----D C:\Program Files (x86)\Acer
O43 - CFD: 14/04/2013 - 16:56:45 - [210,566] ----D C:\Program Files (x86)\Ad-Aware Antivirus
O43 - CFD: 14/04/2013 - 16:31:28 - [3,582] ----D C:\Program Files (x86)\adawaretb
O43 - CFD: 11/04/2013 - 13:38:17 - [119,658] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 26/09/2012 - 08:04:31 - [82,057] ----D C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 11/04/2013 - 13:38:17 - [302,364] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 03/09/2012 - 16:40:34 - [159,133] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 14/04/2013 - 21:22:28 - [2,786] ----D C:\Program Files (x86)\Delta
O43 - CFD: 09/02/2013 - 02:51:13 - [0,475] ----D C:\Program Files (x86)\e-Carte Bleue La Banque Postale
O43 - CFD: 03/09/2012 - 16:38:13 - [3,465] ----D C:\Program Files (x86)\EgisTec IPS
O43 - CFD: 03/09/2012 - 16:38:24 - [19,856] ----D C:\Program Files (x86)\EgisTec MyWinLocker
O43 - CFD: 03/09/2012 - 16:37:27 - [2,277] ----D C:\Program Files (x86)\EgisTec MyWinLockerSuite
O43 - CFD: 03/09/2012 - 16:38:50 - [5,335] ----D C:\Program Files (x86)\EgisTec Shredder
O43 - CFD: 15/04/2013 - 08:24:07 - [170,960] ----D C:\Program Files (x86)\ESET
O43 - CFD: 14/04/2013 - 22:37:22 - [293,916] ----D C:\Program Files (x86)\Google
O43 - CFD: 09/02/2013 - 02:51:12 - [165,706] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 26/09/2012 - 07:59:06 - [139,644] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12/04/2013 - 20:01:37 - [4,621] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/04/2013 - 07:59:24 - [121,972] ----D C:\Program Files (x86)\Java
O43 - CFD: 26/09/2012 - 08:00:43 - [27,941] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 11/04/2013 - 08:22:45 - [13,336] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 07/02/2013 - 15:33:28 - [532,248] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 07/02/2013 - 15:33:25 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 07/02/2013 - 15:29:30 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 07/02/2013 - 15:33:41 - [3,032] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 07/02/2013 - 15:33:11 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 12/04/2013 - 09:36:32 - [46,198] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/04/2013 - 07:15:14 - [0,212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 08/02/2013 - 09:44:40 - [8,382] ----D C:\Program Files (x86)\Mp3tag
O43 - CFD: 07/02/2013 - 15:33:33 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 03/09/2012 - 16:33:22 - [167,417] ----D C:\Program Files (x86)\NTI
O43 - CFD: 29/12/2012 - 03:16:29 - [0,105] ----D C:\Program Files (x86)\OEM
O43 - CFD: 15/04/2013 - 11:01:22 - [2,223] ----D C:\Program Files (x86)\Optimizer Pro
O43 - CFD: 15/04/2013 - 11:01:24 - [9,606] ----D C:\Program Files (x86)\pctuto
O43 - CFD: 26/09/2012 - 08:09:49 - [7,935] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 26/09/2012 - 07:56:31 - [3,219] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 03/09/2012 - 16:19:16 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 26/09/2012 - 08:13:31 - [42,601] ----D C:\Program Files (x86)\Spotify
O43 - CFD: 14/04/2013 - 21:23:01 - [5,763] ----D C:\Program Files (x86)\Supreme Savings
O43 - CFD: 26/09/2012 - 07:57:04 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/04/2013 - 16:31:18 - [0,722] ----D C:\Program Files (x86)\Toolbar Cleaner
O43 - CFD: 14/04/2013 - 21:24:11 - [17,541] ----D C:\Program Files (x86)\Tuguu SL
O43 - CFD: 06/02/2013 - 14:16:28 - [30,427] ----D C:\Program Files (x86)\VirtualDJ
O43 - CFD: 03/09/2012 - 16:30:44 - [538,682] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 03/09/2012 - 16:31:16 - [14,814] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 12/04/2013 - 20:01:12 - [0,951] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 26/09/2012 - 17:40:18 - [5,466] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 07/02/2013 - 15:43:36 - [3,494] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 10:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 26/09/2012 - 17:40:18 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 10:12:59 - [1,291] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 15/04/2013 - 20:16:59 - [16,168] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 11/04/2013 - 13:38:30 - [6,274] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 26/09/2012 - 08:04:51 - [0,084] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 07/02/2013 - 15:33:25 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 03/09/2012 - 16:38:11 - [0,166] ----D C:\Program Files (x86)\Common Files\EgisTec
O43 - CFD: 26/09/2012 - 07:56:26 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/09/2012 - 07:49:06 - [13,438] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 07/02/2013 - 14:35:03 - [1,184] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 07/02/2013 - 15:33:39 - [236,508] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 26/09/2012 - 07:57:39 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/09/2012 - 08:05:40 - [0,724] ----D C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 26/07/2012 - 10:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 07/02/2013 - 15:29:20 - [41,702] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 26/09/2012 - 08:31:34 - [0,015] ----D C:\ProgramData\Acer
O43 - CFD: 14/04/2013 - 16:35:05 - [0,038] ----D C:\ProgramData\Ad-Aware Antivirus
O43 - CFD: 14/04/2013 - 16:31:27 - [1,231] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 14/04/2013 - 16:31:28 - [0,008] ----D C:\ProgramData\adawaretb
O43 - CFD: 11/04/2013 - 13:42:02 - [147,185] ----D C:\ProgramData\Adobe
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 29/12/2012 - 03:25:01 - [0,000] ----D C:\ProgramData\Atheros
O43 - CFD: 14/04/2013 - 21:22:20 - [0] ----D C:\ProgramData\Babylon  =>Toolbar.Babylon
O43 - CFD: 03/09/2012 - 16:33:50 - [0,081] ----D C:\ProgramData\BackupManager
O43 - CFD: 14/04/2013 - 16:31:28 - [0,000] ----D C:\ProgramData\blekko toolbars
O43 - CFD: 14/04/2013 - 21:22:49 - [7,662] ----D C:\ProgramData\BrowserProtect  =>Toolbar.Babylon
O43 - CFD: 29/12/2012 - 03:04:19 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 29/12/2012 - 03:20:46 - [58,596] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 26/09/2012 - 08:27:32 - [0,000] ----D C:\ProgramData\CLSK
O43 - CFD: 26/09/2012 - 08:28:01 - [0,001] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 14/04/2013 - 16:31:43 - [19,107] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 26/09/2012 - 08:20:55 - [0] ----D C:\ProgramData\EgisTec
O43 - CFD: 29/12/2012 - 03:24:11 - [0,268] ----D C:\ProgramData\EgisTec IPS
O43 - CFD: 14/04/2013 - 22:36:51 - [0,012] ----D C:\ProgramData\Google
O43 - CFD: 29/12/2012 - 23:25:05 - [123,771] ----D C:\ProgramData\INSTALLER
O43 - CFD: 26/09/2012 - 08:27:37 - [0,114] ----D C:\ProgramData\install_clap
O43 - CFD: 26/09/2012 - 07:59:07 - [0,035] ----D C:\ProgramData\Intel
O43 - CFD: 14/04/2013 - 16:31:55 - [2,157] ----D C:\ProgramData\Lavasoft
O43 - CFD: 11/04/2013 - 08:22:35 - [6,089] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 10/04/2013 - 21:42:57 - [0,000] ----D C:\ProgramData\McAfee
O43 - CFD: 29/12/2012 - 03:04:19 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 07/02/2013 - 15:33:11 - [1964,657] -S--D C:\ProgramData\Microsoft
O43 - CFD: 07/02/2013 - 15:36:31 - [0,062] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 29/12/2012 - 03:04:19 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 08/02/2013 - 08:54:11 - [0,007] ----D C:\ProgramData\Mozilla
O43 - CFD: 29/12/2012 - 03:16:00 - [0,001] ----D C:\ProgramData\OEM
O43 - CFD: 02/01/2013 - 20:42:40 - [0,038] ----D C:\ProgramData\PRICache
O43 - CFD: 26/09/2012 - 08:09:42 - [0,021] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 26/07/2012 - 09:52:44 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 14/04/2013 - 16:31:43 - [0,643] ----D C:\ProgramData\Search Protection
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 07/02/2013 - 14:35:04 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 15/04/2013 - 08:50:36 - [1,037] ---AD C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 03/09/2012 - 16:31:16 - [1749,959] ----D C:\ProgramData\WildTangent
O43 - CFD: 29/12/2012 - 07:03:08 - [0,000] ----D C:\Users\Thierry\AppData\Roaming\(BC-3B-AF-6E-33-6E)
O43 - CFD: 14/04/2013 - 22:29:12 - [0,013] ----D C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus
O43 - CFD: 11/04/2013 - 13:41:04 - [2,153] ----D C:\Users\Thierry\AppData\Roaming\Adobe
O43 - CFD: 29/12/2012 - 03:17:27 - [0] ----D C:\Users\Thierry\AppData\Roaming\Atheros
O43 - CFD: 14/04/2013 - 21:22:35 - [1,949] ----D C:\Users\Thierry\AppData\Roaming\BabSolution  =>Hijacker.BabSolution
O43 - CFD: 14/04/2013 - 21:22:19 - [0,006] ----D C:\Users\Thierry\AppData\Roaming\Babylon  =>Toolbar.Babylon
O43 - CFD: 14/04/2013 - 16:29:52 - [0,001] ----D C:\Users\Thierry\AppData\Roaming\LavasoftStatistics
O43 - CFD: 29/12/2012 - 03:15:58 - [0,073] ----D C:\Users\Thierry\AppData\Roaming\lm
O43 - CFD: 29/12/2012 - 03:15:36 - [0,001] ----D C:\Users\Thierry\AppData\Roaming\Macromedia
O43 - CFD: 11/04/2013 - 08:23:13 - [0,002] ----D C:\Users\Thierry\AppData\Roaming\Malwarebytes
O43 - CFD: 10/04/2013 - 12:27:52 - [1,273] -S--D C:\Users\Thierry\AppData\Roaming\Microsoft
O43 - CFD: 08/02/2013 - 08:57:56 - [17,156] ----D C:\Users\Thierry\AppData\Roaming\Mozilla
O43 - CFD: 14/04/2013 - 21:22:58 - [0] ----D C:\Users\Thierry\AppData\Roaming\Optimizer Pro
O43 - CFD: 14/04/2013 - 21:24:14 - [0,285] ----D C:\Users\Thierry\AppData\Roaming\player
O43 - CFD: 14/04/2013 - 16:33:32 - [0,911] ----D C:\Users\Thierry\AppData\Local\adawarebp
O43 - CFD: 11/04/2013 - 13:41:04 - [17,247] ----D C:\Users\Thierry\AppData\Local\Adobe
O43 - CFD: 29/12/2012 - 03:13:50 - [0] ----D C:\Users\Thierry\AppData\Local\Application Data
O43 - CFD: 07/02/2013 - 15:49:36 - [0] ----D C:\Users\Thierry\AppData\Local\Apps
O43 - CFD: 07/02/2013 - 15:49:43 - [0,068] ----D C:\Users\Thierry\AppData\Local\assembly
O43 - CFD: 29/12/2012 - 03:25:01 - [0] ----D C:\Users\Thierry\AppData\Local\BMExplorer
O43 - CFD: 10/04/2013 - 11:53:36 - [0,174] ----D C:\Users\Thierry\AppData\Local\clear.fi
O43 - CFD: 14/04/2013 - 22:54:09 - [0] ----D C:\Users\Thierry\AppData\Local\CrashDumps
O43 - CFD: 12/04/2013 - 18:21:47 - [0] ----D C:\Users\Thierry\AppData\Local\Deployment
O43 - CFD: 10/04/2013 - 21:48:24 - [1,031] ----D C:\Users\Thierry\AppData\Local\Diagnostics
O43 - CFD: 29/12/2012 - 03:24:11 - [0,000] ----D C:\Users\Thierry\AppData\Local\EgisTec IPS
O43 - CFD: 14/04/2013 - 22:41:29 - [13,759] ----D C:\Users\Thierry\AppData\Local\Google
O43 - CFD: 29/12/2012 - 03:13:50 - [0] ----D C:\Users\Thierry\AppData\Local\Historique
O43 - CFD: 08/02/2013 - 09:51:54 - [0] ----D C:\Users\Thierry\AppData\Local\Macromedia
O43 - CFD: 08/02/2013 - 09:51:54 - [206,073] ----D C:\Users\Thierry\AppData\Local\Microsoft
O43 - CFD: 07/02/2013 - 15:29:11 - [0] ----D C:\Users\Thierry\AppData\Local\Microsoft Help
O43 - CFD: 08/02/2013 - 08:57:25 - [5,850] ----D C:\Users\Thierry\AppData\Local\Mozilla
O43 - CFD: 02/01/2013 - 20:42:42 - [97,211] ----D C:\Users\Thierry\AppData\Local\Packages
O43 - CFD: 15/04/2013 - 11:01:25 - [0,002] ----D C:\Users\Thierry\AppData\Local\pctuto
O43 - CFD: 29/12/2012 - 08:21:23 - [0] ----D C:\Users\Thierry\AppData\Local\Programs
O43 - CFD: 14/04/2013 - 21:23:01 - [0,010] ----D C:\Users\Thierry\AppData\Local\Supreme Savings
O43 - CFD: 15/04/2013 - 20:12:12 - [183,155] ----D C:\Users\Thierry\AppData\Local\Temp
O43 - CFD: 29/12/2012 - 03:13:50 - [0] ----D C:\Users\Thierry\AppData\Local\Temporary Internet Files
O43 - CFD: 14/04/2013 - 21:22:49 - [0,201] ----D C:\Users\Thierry\AppData\Local\Updater19962
O43 - CFD: 29/12/2012 - 03:14:29 - [0] ----D C:\Users\Thierry\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 10:13:00 - [0,004] R---D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 10:13:00 - [0,001] R---D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 29/12/2012 - 23:28:41 - [0,001] ----D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer
O43 - CFD: 14/04/2013 - 16:20:23 - [0,000] R---D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/04/2013 - 21:22:56 - [0,001] ----D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect  =>Toolbar.Babylon
O43 - CFD: 26/07/2012 - 10:13:00 - [0,000] ----D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/04/2013 - 16:20:23 - [0,000] R---D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 10:13:00 - [0,005] R---D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 06/02/2013 - 14:16:36 - [0,008] ----D C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
~ Program Folder: 156 Scanned in 00mn 14s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B5A0361825FE2B216FB60329B00DF926] - 15/04/2013 - 19:14:50 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [358083]
O44 - LFC:[MD5.9645084D1B86A9F1C1A7FE5BDDCEFE62] - 15/04/2013 - 18:58:36 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.F1C59DAF0B958C6DBED434DEF9374926] - 14/04/2013 - 21:33:52 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1793362]
O44 - LFC:[MD5.B7B9BE0E093DB6212C09FD31B2028E2B] - 14/04/2013 - 21:33:52 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [132614]
O44 - LFC:[MD5.ABC8123FF141AE26EA1B05F145B3C54C] - 14/04/2013 - 21:33:52 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [155650]
O44 - LFC:[MD5.1D178A6EA3291AA0F3121276E4F5F1F6] - 14/04/2013 - 21:33:52 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [710244]
O44 - LFC:[MD5.D9C5431C12142069EB5518E76D056F66] - 14/04/2013 - 21:33:52 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [800978]
O44 - LFC:[MD5.F1C59DAF0B958C6DBED434DEF9374926] - 14/04/2013 - 21:33:52 RSHAD . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1793362]
O44 - LFC:[MD5.B7B9BE0E093DB6212C09FD31B2028E2B] - 14/04/2013 - 21:33:52 RSHAD . (...) -- C:\Windows\System32\perfc009.dat   [132614]
O44 - LFC:[MD5.ABC8123FF141AE26EA1B05F145B3C54C] - 14/04/2013 - 21:33:52 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat   [155650]
O44 - LFC:[MD5.1D178A6EA3291AA0F3121276E4F5F1F6] - 14/04/2013 - 21:33:52 RSHAD . (...) -- C:\Windows\System32\perfh009.dat   [710244]
O44 - LFC:[MD5.D9C5431C12142069EB5518E76D056F66] - 14/04/2013 - 21:33:52 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat   [800978]
O44 - LFC:[MD5.BA5996C46AF098047A0337A540180B71] - 14/04/2013 - 15:56:46 RSHAD . (.GFI Software - gfiark64.sys.) -- C:\Windows\System32\Drivers\gfiark.sys   [38456]
O44 - LFC:[MD5.14908F4F9005C29DE8F5587E271390EE] - 14/04/2013 - 15:29:59 RSHAD . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\Windows\System32\Drivers\gfibto.sys   [14456]
O44 - LFC:[MD5.D95CD9B1BB27B748864DC4914B1ACF05] - 14/04/2013 - 15:27:09 ---A- . (.GFI Software - Boot Delete Utility.) -- C:\Windows\SysNative\sbbd.exe   [47496]
O44 - LFC:[MD5.D95CD9B1BB27B748864DC4914B1ACF05] - 14/04/2013 - 15:27:09 ---A- . (.GFI Software - Boot Delete Utility.) -- C:\Windows\System32\sbbd.exe   [47496]
O44 - LFC:[MD5.952D021D919E8C4A99DC2C807F194352] - 14/04/2013 - 15:10:38 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [428552]
O44 - LFC:[MD5.952D021D919E8C4A99DC2C807F194352] - 14/04/2013 - 15:10:38 RSHAD . (...) -- C:\Windows\System32\FNTCACHE.DAT   [428552]
O44 - LFC:[MD5.79F95469604B77296346DE7DB463EA2A] - 14/04/2013 - 06:37:22 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\SysNative\wuaueng.dll   [3240448]
O44 - LFC:[MD5.79F95469604B77296346DE7DB463EA2A] - 14/04/2013 - 06:37:22 RSHAD . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll   [3240448]
O44 - LFC:[MD5.F162757540A3307AF777C056544AE871] - 14/04/2013 - 06:37:21 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\SysNative\shell32.dll   [19748864]
O44 - LFC:[MD5.F162757540A3307AF777C056544AE871] - 14/04/2013 - 06:37:21 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll   [19748864]
O44 - LFC:[MD5.3D1E4E187270B03BA28F8CF0C7C66C22] - 14/04/2013 - 06:37:20 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\SysNative\twinui.dll   [10116608]
O44 - LFC:[MD5.3D1E4E187270B03BA28F8CF0C7C66C22] - 14/04/2013 - 06:37:20 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\System32\twinui.dll   [10116608]
O44 - LFC:[MD5.5DF7FCCCCC71E230883DC30AF3FE0203] - 14/04/2013 - 06:37:18 ---A- . (.Microsoft Corporation - Software Protection Platform Plugins.) -- C:\Windows\SysNative\sppobjs.dll   [1161728]
O44 - LFC:[MD5.5DF7FCCCCC71E230883DC30AF3FE0203] - 14/04/2013 - 06:37:18 RSHAD . (.Microsoft Corporation - Software Protection Platform Plugins.) -- C:\Windows\System32\sppobjs.dll   [1161728]
O44 - LFC:[MD5.6587EB86E32C49AC726817220390CFFE] - 14/04/2013 - 06:37:14 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\SysNative\WindowsCodecs.dll   [1627648]
O44 - LFC:[MD5.6587EB86E32C49AC726817220390CFFE] - 14/04/2013 - 06:37:14 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll   [1627648]
O44 - LFC:[MD5.B6D52E2C38B49A156E58FF5B9C6CA8BE] - 14/04/2013 - 06:37:14 RSHAD . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys   [2231528]
O44 - LFC:[MD5.0E8924B51839B0CC8AB4B9C456220683] - 14/04/2013 - 06:37:10 ---A- . (.Microsoft Corporation - Media Foundation ASF Source and Sink DLL.) -- C:\Windows\SysNative\mfasfsrcsnk.dll   [1048576]
O44 - LFC:[MD5.0E8924B51839B0CC8AB4B9C456220683] - 14/04/2013 - 06:37:10 ---A- . (.Microsoft Corporation - Media Foundation ASF Source and Sink DLL.) -- C:\Windows\System32\mfasfsrcsnk.dll   [1048576]
O44 - LFC:[MD5.01344DD46C95BC2A478B52AF07336F4A] - 14/04/2013 - 06:37:09 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\SysNative\mstscax.dll   [5978624]
O44 - LFC:[MD5.01344DD46C95BC2A478B52AF07336F4A] - 14/04/2013 - 06:37:09 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\System32\mstscax.dll   [5978624]
O44 - LFC:[MD5.C911D9E6BDE318D513D9168F947E1800] - 14/04/2013 - 06:37:09 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\SysNative\ubpm.dll   [328192]
O44 - LFC:[MD5.C911D9E6BDE318D513D9168F947E1800] - 14/04/2013 - 06:37:09 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\System32\ubpm.dll   [328192]
O44 - LFC:[MD5.C7E0C8B888B034D1A66840A5E34D61FC] - 14/04/2013 - 06:37:08 ---A- . (.Microsoft Corporation - BCP47 Language Classes.) -- C:\Windows\SysNative\BCP47Langs.dll   [389120]
O44 - LFC:[MD5.C7E0C8B888B034D1A66840A5E34D61FC] - 14/04/2013 - 06:37:08 ---A- . (.Microsoft Corporation - BCP47 Language Classes.) -- C:\Windows\System32\BCP47Langs.dll   [389120]
O44 - LFC:[MD5.110B70302AC6EC29FE013C5BB99BA559] - 14/04/2013 - 06:37:08 ---A- . (.Microsoft Corporation - WMPMDE DLL.) -- C:\Windows\SysNative\wmpmde.dll   [1101824]
O44 - LFC:[MD5.9531E7D938912F315F8161B5DA5DAD13] - 14/04/2013 - 06:37:08 RSHAD . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Drivers\Classpnp.sys   [327912]
O44 - LFC:[MD5.110B70302AC6EC29FE013C5BB99BA559] - 14/04/2013 - 06:37:08 RSHAD . (.Microsoft Corporation - WMPMDE DLL.) -- C:\Windows\System32\wmpmde.dll   [1101824]
O44 - LFC:[MD5.D608E0955BF3623B54CFA1A90FCA59FD] - 14/04/2013 - 06:37:07 ---A- . (.Microsoft Corporation - WinMDE DLL.) -- C:\Windows\SysNative\winmde.dll   [1149952]
O44 - LFC:[MD5.D608E0955BF3623B54CFA1A90FCA59FD] - 14/04/2013 - 06:37:07 ---A- . (.Microsoft Corporation - WinMDE DLL.) -- C:\Windows\System32\winmde.dll   [1149952]
O44 - LFC:[MD5.76E6465F3153FCA20F07928BBA62D7B8] - 14/04/2013 - 06:37:07 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\SysNative\Windows.Globalization.dll   [951808]
O44 - LFC:[MD5.76E6465F3153FCA20F07928BBA62D7B8] - 14/04/2013 - 06:37:07 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\System32\Windows.Globalization.dll   [951808]
O44 - LFC:[MD5.C15FF2B4C82792230CD9742253C68CF1] - 14/04/2013 - 06:37:06 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\SysNative\wuapi.dll   [760320]
O44 - LFC:[MD5.C15FF2B4C82792230CD9742253C68CF1] - 14/04/2013 - 06:37:06 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\System32\wuapi.dll   [760320]
O44 - LFC:[MD5.D10587D957CFED8CC3B9B3D017C69003] - 14/04/2013 - 06:37:06 ---A- . (.Microsoft Corporation - Windows Runtime OnlineId Authentication DLL.) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll   [645120]
O44 - LFC:[MD5.D10587D957CFED8CC3B9B3D017C69003] - 14/04/2013 - 06:37:06 ---A- . (.Microsoft Corporation - Windows Runtime OnlineId Authentication DLL.) -- C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll   [645120]
O44 - LFC:[MD5.F8E1CA7D41BC44662D7F8936A9588201] - 14/04/2013 - 06:37:05 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\SysNative\authui.dll   [2302464]
O44 - LFC:[MD5.F8E1CA7D41BC44662D7F8936A9588201] - 14/04/2013 - 06:37:05 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll   [2302464]
O44 - LFC:[MD5.6FB88606C4A71E1BFAF97D63A676C673] - 14/04/2013 - 06:37:05 ---A- . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll   [180224]
O44 - LFC:[MD5.6FB88606C4A71E1BFAF97D63A676C673] - 14/04/2013 - 06:37:05 RSHAD . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll   [180224]
O44 - LFC:[MD5.4515B9E4140F04FB3907692DF89FCA87] - 14/04/2013 - 06:37:04 ---A- . (.Microsoft Corporation - Service Broker pour les événements horaires.) -- C:\Windows\SysNative\TimeBrokerServer.dll   [171008]
O44 - LFC:[MD5.36E2B5A5AC7688FFB3270F57103507D2] - 14/04/2013 - 06:37:04 RSHAD . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS   [411880]
O44 - LFC:[MD5.091607B272C5E7BE2DCEF2D5463A407B] - 14/04/2013 - 06:37:04 RSHAD . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys   [332520]
O44 - LFC:[MD5.4515B9E4140F04FB3907692DF89FCA87] - 14/04/2013 - 06:37:04 RSHAD . (.Microsoft Corporation - Service Broker pour les événements horaires.) -- C:\Windows\System32\TimeBrokerServer.dll   [171008]
O44 - LFC:[MD5.13795CAA34239D97A7211E7F9D96E012] - 14/04/2013 - 06:37:03 RSHAD . (.Microsoft Corporation - Pilote de bus Bluetooth.) -- C:\Windows\System32\Drivers\bthport.sys   [1175040]
O44 - LFC:[MD5.BE611E28DD9AF75A6B904B55F5D6E6C3] - 14/04/2013 - 06:37:02 ---A- . (.Microsoft Corporation - DLL du moniteur de port d’impression dynami.) -- C:\Windows\SysNative\usbmon.dll   [245248]
O44 - LFC:[MD5.D3CD3034E2292DBECCD3161DC29D8E07] - 14/04/2013 - 06:37:02 ---A- . (.Microsoft Corporation - Objets de configuration du réseau.) -- C:\Windows\SysNative\netcfgx.dll   [455168]
O44 - LFC:[MD5.D3CD3034E2292DBECCD3161DC29D8E07] - 14/04/2013 - 06:37:02 ---A- . (.Microsoft Corporation - Objets de configuration du réseau.) -- C:\Windows\System32\netcfgx.dll   [455168]
O44 - LFC:[MD5.116FBD7F3F98CB90680BCB5E5CBD0715] - 14/04/2013 - 06:37:02 ---A- . (.Microsoft Corporation - Synchronisation des paramètres.) -- C:\Windows\SysNative\SettingSync.dll   [448512]
O44 - LFC:[MD5.116FBD7F3F98CB90680BCB5E5CBD0715] - 14/04/2013 - 06:37:02 ---A- . (.Microsoft Corporation - Synchronisation des paramètres.) -- C:\Windows\System32\SettingSync.dll   [448512]
O44 - LFC:[MD5.3013658A4D327854BEEC4A08D9655194] - 14/04/2013 - 06:37:02 ---A- . (.Microsoft Corporation - Énumérateur d’appareil mobile.) -- C:\Windows\SysNative\wpdbusenum.dll   [103936]
O44 - LFC:[MD5.BE611E28DD9AF75A6B904B55F5D6E6C3] - 14/04/2013 - 06:37:02 RSHAD . (.Microsoft Corporation - DLL du moniteur de port d’impression dynami.) -- C:\Windows\System32\usbmon.dll   [245248]
O44 - LFC:[MD5.3013658A4D327854BEEC4A08D9655194] - 14/04/2013 - 06:37:02 RSHAD . (.Microsoft Corporation - Énumérateur d’appareil mobile.) -- C:\Windows\System32\wpdbusenum.dll   [103936]
O44 - LFC:[MD5.5EE6D3195E6470DB22F480CCF5F5FF4A] - 14/04/2013 - 06:37:00 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\SysNative\actxprxy.dll   [2146304]
O44 - LFC:[MD5.5EE6D3195E6470DB22F480CCF5F5FF4A] - 14/04/2013 - 06:37:00 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\System32\actxprxy.dll   [2146304]
O44 - LFC:[MD5.500BE6B2E49883720D0AE8BB859ED7A3] - 14/04/2013 - 06:37:00 RSHAD . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\Drivers\vhdmp.sys   [495336]
O44 - LFC:[MD5.A6B742C6B8CF9A37E0EF470DF890F74B] - 14/04/2013 - 06:36:59 ---A- . (.Microsoft Corporation - Driver Store API.) -- C:\Windows\SysNative\drvstore.dll   [703488]
O44 - LFC:[MD5.A6B742C6B8CF9A37E0EF470DF890F74B] - 14/04/2013 - 06:36:59 ---A- . (.Microsoft Corporation - Driver Store API.) -- C:\Windows\System32\drvstore.dll   [703488]
O44 - LFC:[MD5.69A7C97D2FF3252039F18EB36B4AF76B] - 14/04/2013 - 06:36:59 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\SysNative\wups.dll   [43520]
O44 - LFC:[MD5.69A7C97D2FF3252039F18EB36B4AF76B] - 14/04/2013 - 06:36:59 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\System32\wups.dll   [43520]
O44 - LFC:[MD5.ED84544A18C02EE2DF436A94436168BA] - 14/04/2013 - 06:36:58 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\SysNative\wucltux.dll   [1619968]
O44 - LFC:[MD5.3426BE7D0ED8888ACFE04BA6BB9AF83B] - 14/04/2013 - 06:36:58 ---A- . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\SysNative\taskhost.exe   [77824]
O44 - LFC:[MD5.821D79C4602C5BF6C8183630D301638A] - 14/04/2013 - 06:36:58 ---A- . (.Microsoft Corporation - Tâche d’analyse de l’intégrité des données.) -- C:\Windows\SysNative\discan.dll   [150016]
O44 - LFC:[MD5.CCBFCABDFE2BC22F0645CEAADDB36004] - 14/04/2013 - 06:36:58 RSHAD . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\System32\Drivers\rfcomm.sys   [156672]
O44 - LFC:[MD5.ED84544A18C02EE2DF436A94436168BA] - 14/04/2013 - 06:36:58 RSHAD . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\System32\wucltux.dll   [1619968]
O44 - LFC:[MD5.3426BE7D0ED8888ACFE04BA6BB9AF83B] - 14/04/2013 - 06:36:58 RSHAD . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\System32\taskhost.exe   [77824]
O44 - LFC:[MD5.7D0570A2C678116523BB4932A6D71020] - 14/04/2013 - 06:36:58 RSHAD . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\Drivers\dumpsd.sys   [125160]
O44 - LFC:[MD5.739A739DCC5D02FE30EDEADEBD7B9898] - 14/04/2013 - 06:36:58 RSHAD . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\Windows\System32\Drivers\spaceport.sys   [283880]
O44 - LFC:[MD5.821D79C4602C5BF6C8183630D301638A] - 14/04/2013 - 06:36:58 RSHAD . (.Microsoft Corporation - Tâche d’analyse de l’intégrité des données.) -- C:\Windows\System32\discan.dll   [150016]
O44 - LFC:[MD5.11C0CF143D246E2F0E9BDBF17A0CC70B] - 14/04/2013 - 06:36:58 RSHAD . (.Microsoft Corporation - USB XHCI Driver.) -- C:\Windows\System32\Drivers\USBXHCI.SYS   [337128]
O44 - LFC:[MD5.25FD6AB608C7CFDEAAC24BA882AC4052] - 14/04/2013 - 06:36:57 ---A- . (.Microsoft Corporation - Ndis IM Platform MUX Notify Object.) -- C:\Windows\SysNative\NdisImPlatform.dll   [117248]
O44 - LFC:[MD5.F5BB165DD4C8B784E06E3F0324150E0F] - 14/04/2013 - 06:36:57 ---A- . (.Microsoft Corporation - Panneau de configuration - Gestion de l’ali.) -- C:\Windows\SysNative\powercfg.cpl   [156160]
O44 - LFC:[MD5.F5BB165DD4C8B784E06E3F0324150E0F] - 14/04/2013 - 06:36:57 ---A- . (.Microsoft Corporation - Panneau de configuration - Gestion de l’ali.) -- C:\Windows\System32\powercfg.cpl   [156160]
O44 - LFC:[MD5.3C39BF7BBD73C3D862F5266D316D88D0] - 14/04/2013 - 06:36:57 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\SysNative\wuauclt.exe   [58288]
O44 - LFC:[MD5.B240874B2CA0CD02E8CD11E140B14C57] - 14/04/2013 - 06:36:57 RSHAD . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\storahci.sys   [77544]
O44 - LFC:[MD5.25FD6AB608C7CFDEAAC24BA882AC4052] - 14/04/2013 - 06:36:57 RSHAD . (.Microsoft Corporation - Ndis IM Platform MUX Notify Object.) -- C:\Windows\System32\NdisImPlatform.dll   [117248]
O44 - LFC:[MD5.6F0BFF80EE2A5BC841286A51F893CBAD] - 14/04/2013 - 06:36:57 RSHAD . (.Microsoft Corporation - Pilote de périphérique TPM.) -- C:\Windows\System32\Drivers\tpm.sys   [148712]
O44 - LFC:[MD5.047315E75392CEA447ACC86257824C16] - 14/04/2013 - 06:36:57 RSHAD . (.Microsoft Corporation - Pilote du bus numérique sécurisé (SD).) -- C:\Windows\System32\Drivers\sdbus.sys   [194792]
O44 - LFC:[MD5.0698DEDEAD6A00AD0D468C687D830FBF] - 14/04/2013 - 06:36:57 RSHAD . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\Windows\System32\Drivers\pdc.sys   [69864]
O44 - LFC:[MD5.3C39BF7BBD73C3D862F5266D316D88D0] - 14/04/2013 - 06:36:57 RSHAD . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe   [58288]
O44 - LFC:[MD5.50361572A98348A6E780FFE231B55D49] - 14/04/2013 - 06:36:56 ---A- . (.Microsoft Corporation - DeviceItem inproc devquery subsystem.) -- C:\Windows\SysNative\DevDispItemProvider.dll   [49152]
O44 - LFC:[MD5.50361572A98348A6E780FFE231B55D49] - 14/04/2013 - 06:36:56 ---A- . (.Microsoft Corporation - DeviceItem inproc devquery subsystem.) -- C:\Windows\System32\DevDispItemProvider.dll   [49152]
O44 - LFC:[MD5.3A014B98C45AA8C0E4ABF2AB764F9AAC] - 14/04/2013 - 06:36:56 ---A- . (.Microsoft Corporation - Function Discovery Printer Proxy Dll.) -- C:\Windows\SysNative\WSDPrintProxy.DLL   [71168]
O44 - LFC:[MD5.1F11A9A178E063B2A04C2903C4346B7F] - 14/04/2013 - 06:36:56 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\Windows\SysNative\fsquirt.exe   [240640]
O44 - LFC:[MD5.0899BF12B2142213630D49E645B8A507] - 14/04/2013 - 06:36:56 ---A- . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\SysNative\taskhostex.exe   [72192]
O44 - LFC:[MD5.EF9A6AA4956FCD2D0EECD48ECC54B303] - 14/04/2013 - 06:36:56 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\SysNative\WUSettingsProvider.dll   [251904]
O44 - LFC:[MD5.3A014B98C45AA8C0E4ABF2AB764F9AAC] - 14/04/2013 - 06:36:56 RSHAD . (.Microsoft Corporation - Function Discovery Printer Proxy Dll.) -- C:\Windows\System32\WSDPrintProxy.DLL   [71168]
O44 - LFC:[MD5.1F11A9A178E063B2A04C2903C4346B7F] - 14/04/2013 - 06:36:56 RSHAD . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe   [240640]
O44 - LFC:[MD5.0899BF12B2142213630D49E645B8A507] - 14/04/2013 - 06:36:56 RSHAD . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\System32\taskhostex.exe   [72192]
O44 - LFC:[MD5.EF9A6AA4956FCD2D0EECD48ECC54B303] - 14/04/2013 - 06:36:56 RSHAD . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll   [251904]
O44 - LFC:[MD5.79CE97524CEC063C9A2750CCFE253847] - 14/04/2013 - 06:36:55 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\SysNative\storewuauth.dll   [173568]
O44 - LFC:[MD5.3AF11BF2AA45E222D5923E59596AC984] - 14/04/2013 - 06:36:55 ---A- . (.Microsoft Corporation - Setting Synchronization Information.) -- C:\Windows\SysNative\SettingSyncInfo.dll   [128512]
O44 - LFC:[MD5.3AF11BF2AA45E222D5923E59596AC984] - 14/04/2013 - 06:36:55 ---A- . (.Microsoft Corporation - Setting Synchronization Information.) -- C:\Windows\System32\SettingSyncInfo.dll   [128512]
O44 - LFC:[MD5.05677EEFA7E6AAF414F4C31FD9EBF2C0] - 14/04/2013 - 06:36:55 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\SysNative\wuwebv.dll   [141824]
O44 - LFC:[MD5.05677EEFA7E6AAF414F4C31FD9EBF2C0] - 14/04/2013 - 06:36:55 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll   [141824]
O44 - LFC:[MD5.E781EB5E43013C358B9A335103C2B9AE] - 14/04/2013 - 06:36:55 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\SysNative\wudriver.dll   [98304]
O44 - LFC:[MD5.E781EB5E43013C358B9A335103C2B9AE] - 14/04/2013 - 06:36:55 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll   [98304]
O44 - LFC:[MD5.79CE97524CEC063C9A2750CCFE253847] - 14/04/2013 - 06:36:55 RSHAD . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll   [173568]
O44 - LFC:[MD5.C0ADEBED913295803B579ED288936CBB] - 14/04/2013 - 06:36:55 RSHAD . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\Drivers\mouhid.sys   [26112]
O44 - LFC:[MD5.750082FFD280AD15DA524379CD863721] - 14/04/2013 - 06:36:53 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\SysNative\wuapp.exe   [39424]
O44 - LFC:[MD5.750082FFD280AD15DA524379CD863721] - 14/04/2013 - 06:36:53 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe   [39424]
O44 - LFC:[MD5.EA8EAD3F5B762F889CC7F3966625B48B] - 14/04/2013 - 06:36:53 RSHAD . (.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\Drivers\monitor.sys   [30720]
O44 - LFC:[MD5.A8B20D852B07AE19A13B5D47EC4E4C3B] - 14/04/2013 - 06:36:52 RSHAD . (.Microsoft Corporation - Extension de bus Bluetooth.) -- C:\Windows\System32\Drivers\bthenum.sys   [51712]
O44 - LFC:[MD5.1F715957F5236D30B6020A19A4271F6A] - 14/04/2013 - 06:36:52 RSHAD . (.Microsoft Corporation - Pilote de Miniport Bluetooth.) -- C:\Windows\System32\Drivers\BTHUSB.SYS   [74752]
O44 - LFC:[MD5.394ECD933CD66BADF97EA85A183B9E1E] - 10/04/2013 - 20:11:43 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysNative\mshtml.dll   [19230208]
O44 - LFC:[MD5.394ECD933CD66BADF97EA85A183B9E1E] - 10/04/2013 - 20:11:43 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll   [19230208]
O44 - LFC:[MD5.D744D5B8145C2303B19A288AF695E9AD] - 10/04/2013 - 20:11:17 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll   [15404544]
O44 - LFC:[MD5.D744D5B8145C2303B19A288AF695E9AD] - 10/04/2013 - 20:11:17 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll   [15404544]
O44 - LFC:[MD5.DE3C3B1B4FA5FBF1F17BCD3B3AE1ED15] - 10/04/2013 - 20:11:16 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript9.dll   [3958784]
O44 - LFC:[MD5.DE3C3B1B4FA5FBF1F17BCD3B3AE1ED15] - 10/04/2013 - 20:11:16 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll   [3958784]
O44 - LFC:[MD5.85F1FE2D5EDBFD26066F5ABB9504A69C] - 10/04/2013 - 20:11:11 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\SysNative\iertutil.dll   [2647040]
O44 - LFC:[MD5.85F1FE2D5EDBFD26066F5ABB9504A69C] - 10/04/2013 - 20:11:11 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll   [2647040]
O44 - LFC:[MD5.753C0848AE7872A3F59663078A517293] - 10/04/2013 - 20:11:10 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll   [2240512]
O44 - LFC:[MD5.753C0848AE7872A3F59663078A517293] - 10/04/2013 - 20:11:10 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll   [2240512]
O44 - LFC:[MD5.11B62706B48F8D8F624F39C4F6E98B5C] - 10/04/2013 - 20:11:08 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\SysNative\uxtheme.dll   [915968]
O44 - LFC:[MD5.11B62706B48F8D8F624F39C4F6E98B5C] - 10/04/2013 - 20:11:08 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\System32\uxtheme.dll   [915968]
O44 - LFC:[MD5.29812E9971077BE3F8B9DC225CF9D454] - 10/04/2013 - 20:11:08 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll   [1365504]
O44 - LFC:[MD5.29812E9971077BE3F8B9DC225CF9D454] - 10/04/2013 - 20:11:08 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll   [1365504]
O44 - LFC:[MD5.8C1EFE99D4C9462EF2E10E7140B44D4A] - 10/04/2013 - 20:11:07 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript.dll   [855552]
O44 - LFC:[MD5.8C1EFE99D4C9462EF2E10E7140B44D4A] - 10/04/2013 - 20:11:07 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll   [855552]
O44 - LFC:[MD5.268E23EAEDF3FAF87A7A87F0257C9E87] - 10/04/2013 - 20:11:06 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll   [603136]
O44 - LFC:[MD5.268E23EAEDF3FAF87A7A87F0257C9E87] - 10/04/2013 - 20:11:06 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll   [603136]
O44 - LFC:[MD5.A89103864B67CE1ED3BB5D48569D3D94] - 10/04/2013 - 20:11:05 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe   [51712]
O44 - LFC:[MD5.A89103864B67CE1ED3BB5D48569D3D94] - 10/04/2013 - 20:11:05 RSHAD . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe   [51712]
O44 - LFC:[MD5.38BEBBC4CF9FE6566262F0037DF843BF] - 10/04/2013 - 20:11:03 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\SysNative\iesysprep.dll   [136704]
O44 - LFC:[MD5.38BEBBC4CF9FE6566262F0037DF843BF] - 10/04/2013 - 20:11:03 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll   [136704]
O44 - LFC:[MD5.194125E7839D4902F2490A70049E8F78] - 10/04/2013 - 20:11:03 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll   [53248]
O44 - LFC:[MD5.194125E7839D4902F2490A70049E8F78] - 10/04/2013 - 20:11:03 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll   [53248]
O44 - LFC:[MD5.3E56860C3490630B2C9FD5398C10D2E8] - 10/04/2013 - 20:11:02 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\SysNative\mshtml.tlb   [2706432]
O44 - LFC:[MD5.3E56860C3490630B2C9FD5398C10D2E8] - 10/04/2013 - 20:11:02 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb   [2706432]
O44 - LFC:[MD5.73BC115720CB5D6F2FF0F7B4A9C58DF1] - 10/04/2013 - 20:11:02 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\SysNative\UXInit.dll   [53760]
O44 - LFC:[MD5.73BC115720CB5D6F2FF0F7B4A9C58DF1] - 10/04/2013 - 20:11:02 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\System32\UXInit.dll   [53760]
O44 - LFC:[MD5.299F354F0808017F6927B35C8FB6EFCD] - 10/04/2013 - 20:10:41 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\SysNative\ntoskrnl.exe   [6991592]
O44 - LFC:[MD5.299F354F0808017F6927B35C8FB6EFCD] - 10/04/2013 - 20:10:41 RSHAD . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe   [6991592]
O44 - LFC:[MD5.6BF1792C79273D725C09CAEFD05073BB] - 10/04/2013 - 20:10:37 ---A- . (.Microsoft Corporation - DLL de l’agent de récupération Microsoft Wi.) -- C:\Windows\SysNative\ReAgent.dll   [443392]
O44 - LFC:[MD5.6BF1792C79273D725C09CAEFD05073BB] - 10/04/2013 - 20:10:37 ---A- . (.Microsoft Corporation - DLL de l’agent de récupération Microsoft Wi.) -- C:\Windows\System32\ReAgent.dll   [443392]
O44 - LFC:[MD5.79CAB096514C381152F4306BC87A7B29] - 10/04/2013 - 20:10:37 ---A- . (.Microsoft Corporation - Moteur de réinitialisation Microsoft Window.) -- C:\Windows\SysNative\reseteng.dll   [1011200]
O44 - LFC:[MD5.79CAB096514C381152F4306BC87A7B29] - 10/04/2013 - 20:10:37 RSHAD . (.Microsoft Corporation - Moteur de réinitialisation Microsoft Window.) -- C:\Windows\System32\reseteng.dll   [1011200]
O44 - LFC:[MD5.99D404A9A0AFC4734E014EBEBAC13F8F] - 10/04/2013 - 20:10:17 RSHAD . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\Drivers\WdFilter.sys   [230904]
O44 - LFC:[MD5.6F4B5DDDC3B86091E94BC47347A78AF7] - 10/04/2013 - 20:10:14 RSHAD . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\Drivers\WdBoot.sys   [35232]
O44 - LFC:[MD5.FFBF318B7912CECFADCCB0F2B3FE351E] - 10/04/2013 - 09:15:16 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\SysNative\Windows.UI.Xaml.dll   [13643264]
O44 - LFC:[MD5.FFBF318B7912CECFADCCB0F2B3FE351E] - 10/04/2013 - 09:15:16 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\System32\Windows.UI.Xaml.dll   [13643264]
O44 - LFC:[MD5.910C8964A4F5212C50601BE31607A138] - 10/04/2013 - 09:15:08 ---A- . (.Microsoft Corporation - Extension de synchronisation d’itinérance W.) -- C:\Windows\SysNative\wlroamextension.dll   [543232]
O44 - LFC:[MD5.910C8964A4F5212C50601BE31607A138] - 10/04/2013 - 09:15:08 ---A- . (.Microsoft Corporation - Extension de synchronisation d’itinérance W.) -- C:\Windows\System32\wlroamextension.dll   [543232]
O44 - LFC:[MD5.0E0A4CDB1258FF435D96BA51AB329B7A] - 10/04/2013 - 09:15:08 ---A- . (.Microsoft Corporation - Windows DirectUser Engine.) -- C:\Windows\SysNative\duser.dll   [729600]
O44 - LFC:[MD5.0E0A4CDB1258FF435D96BA51AB329B7A] - 10/04/2013 - 09:15:08 ---A- . (.Microsoft Corporation - Windows DirectUser Engine.) -- C:\Windows\System32\duser.dll   [729600]
O44 - LFC:[MD5.03CFE4108D1DE16D6C59455B5C73319C] - 10/04/2013 - 09:15:06 RSHAD . (.Microsoft Corporation - Pilote NDIS 6.30.) -- C:\Windows\System32\Drivers\ndis.sys   [993512]
O44 - LFC:[MD5.76929F4A69E425911A63B407E26C2589] - 10/04/2013 - 09:15:06 RSHAD . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\Drivers\ntfs.sys   [1933544]
O44 - LFC:[MD5.5FF52E13C72838D87DAF228EC9E92C89] - 10/04/2013 - 09:15:05 ---A- . (.Microsoft Corporation - Gestionnaire de listes de réseaux.) -- C:\Windows\SysNative\netprofmsvc.dll   [467456]
O44 - LFC:[MD5.6B48734D5856F32A8CACE40CD1AD9B33] - 10/04/2013 - 09:15:05 ---A- . (.Microsoft Corporation - Indicateur d’état de la connectivité réseau.) -- C:\Windows\SysNative\ncsi.dll   [385024]
O44 - LFC:[MD5.1E833CECF75535A4229363C6EB051576] - 10/04/2013 - 09:15:05 ---A- . (.Microsoft Corporation - Mbnapi.) -- C:\Windows\SysNative\WWanAPI.dll   [475136]
O44 - LFC:[MD5.1E833CECF75535A4229363C6EB051576] - 10/04/2013 - 09:15:05 ---A- . (.Microsoft Corporation - Mbnapi.) -- C:\Windows\System32\WWanAPI.dll   [475136]
O44 - LFC:[MD5.1BAF176DEB4E51E3304B21E96C92C2EE] - 10/04/2013 - 09:15:05 ---A- . (.Microsoft Corporation - Windows Networking Connectivity Runtime DLL.) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll   [293376]
O44 - LFC:[MD5.1BAF176DEB4E51E3304B21E96C92C2EE] - 10/04/2013 - 09:15:05 ---A- . (.Microsoft Corporation - Windows Networking Connectivity Runtime DLL.) -- C:\Windows\System32\Windows.Networking.Connectivity.dll   [293376]
O44 - LFC:[MD5.5FF52E13C72838D87DAF228EC9E92C89] - 10/04/2013 - 09:15:05 RSHAD . (.Microsoft Corporation - Gestionnaire de listes de réseaux.) -- C:\Windows\System32\netprofmsvc.dll   [467456]
O44 - LFC:[MD5.6B48734D5856F32A8CACE40CD1AD9B33] - 10/04/2013 - 09:15:05 RSHAD . (.Microsoft Corporation - Indicateur d’état de la connectivité réseau.) -- C:\Windows\System32\ncsi.dll   [385024]
O44 - LFC:[MD5.65486CEEC02392414ABBB0840D6C3551] - 10/04/2013 - 09:15:04 ---A- . (.Microsoft Corporation - Authentification de zone d’accès sans fil M.) -- C:\Windows\SysNative\hotspotauth.dll   [260096]
O44 - LFC:[MD5.65486CEEC02392414ABBB0840D6C3551] - 10/04/2013 - 09:15:04 RSHAD . (.Microsoft Corporation - Authentification de zone d’accès sans fil M.) -- C:\Windows\System32\hotspotauth.dll   [260096]
O44 - LFC:[MD5.ADBF89B8E0BB372FEFE2E4B84E1E20AE] - 10/04/2013 - 09:15:04 RSHAD . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys   [496872]
O44 - LFC:[MD5.29BCBB222ED7AE4B7F57AFF19A107BE5] - 10/04/2013 - 09:15:03 ---A- . (.Microsoft Corporation - XPS Rasterization Service Component.) -- C:\Windows\SysNative\XpsRasterService.dll   [228352]
O44 - LFC:[MD5.29BCBB222ED7AE4B7F57AFF19A107BE5] - 10/04/2013 - 09:15:03 ---A- . (.Microsoft Corporation - XPS Rasterization Service Component.) -- C:\Windows\System32\XpsRasterService.dll   [228352]
O44 - LFC:[MD5.F17DEEAC7D51D44CF1BFF8DD4F0A2B6D] - 10/04/2013 - 09:15:03 RSHAD . (.Microsoft Corporation - HID de contrôle à distance audio/vidéo Blue.) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys   [37632]
O44 - LFC:[MD5.36C27EA76685391BC5CAA1FA25E29FBF] - 10/04/2013 - 09:15:03 RSHAD . (.Microsoft Corporation - Kernel CSA Library.) -- C:\Windows\System32\Drivers\ks.sys   [297984]
O44 - LFC:[MD5.C5986337DE3BF63ABD9ED4D834D34B89] - 10/04/2013 - 09:15:03 RSHAD . (.Microsoft Corporation - USB3 HUB Driver.) -- C:\Windows\System32\Drivers\USBHUB3.SYS   [446184]
O44 - LFC:[MD5.796BF29C0A610B182E3C832969506764] - 10/04/2013 - 09:15:02 ---A- . (.Microsoft Corporation - Fournisseur d’impression de rendu côté clie.) -- C:\Windows\SysNative\win32spl.dll   [731648]
O44 - LFC:[MD5.18EE8CBF1E7138A5D0B826678597B423] - 10/04/2013 - 09:15:02 ---A- . (.Microsoft Corporation - Terminer les processus.) -- C:\Windows\SysNative\taskkill.exe   [107520]
O44 - LFC:[MD5.18EE8CBF1E7138A5D0B826678597B423] - 10/04/2013 - 09:15:02 ---A- . (.Microsoft Corporation - Terminer les processus.) -- C:\Windows\System32\taskkill.exe   [107520]
O44 - LFC:[MD5.796BF29C0A610B182E3C832969506764] - 10/04/2013 - 09:15:02 RSHAD . (.Microsoft Corporation - Fournisseur d’impression de rendu côté clie.) -- C:\Windows\System32\win32spl.dll   [731648]
O44 - LFC:[MD5.D43C6EBB5CD9373D4E463BCD77A4CCF0] - 10/04/2013 - 09:15:01 ---A- . (.Microsoft Corporation - Liste les tâches en cours d’exécution.) -- C:\Windows\SysNative\tasklist.exe   [102400]
O44 - LFC:[MD5.D43C6EBB5CD9373D4E463BCD77A4CCF0] - 10/04/2013 - 09:15:01 ---A- . (.Microsoft Corporation - Liste les tâches en cours d’exécution.) -- C:\Windows\System32\tasklist.exe   [102400]
O44 - LFC:[MD5.91106E9FFD5A2F1D23266962C84BD00D] - 10/04/2013 - 09:15:01 ---A- . (.Microsoft Corporation - Microsoft Windows Mobile Broadband SMS API.) -- C:\Windows\SysNative\mbsmsapi.dll   [225280]
O44 - LFC:[MD5.91106E9FFD5A2F1D23266962C84BD00D] - 10/04/2013 - 09:15:01 ---A- . (.Microsoft Corporation - Microsoft Windows Mobile Broadband SMS API.) -- C:\Windows\System32\mbsmsapi.dll   [225280]
O44 - LFC:[MD5.4205D34C3332FCE30C2BC88A2F5A6AF4] - 10/04/2013 - 09:14:59 ---A- . (.Microsoft Corporation - Programme d’installation de la classe de co.) -- C:\Windows\SysNative\wpd_ci.dll   [611840]
O44 - LFC:[MD5.6B7979E7C1FFDCF917DD749EBCB2BD59] - 10/04/2013 - 09:14:59 RSHAD . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\Drivers\crashdmp.sys   [61672]
O44 - LFC:[MD5.4205D34C3332FCE30C2BC88A2F5A6AF4] - 10/04/2013 - 09:14:59 RSHAD . (.Microsoft Corporation - Programme d’installation de la classe de co.) -- C:\Windows\System32\wpd_ci.dll   [611840]
O44 - LFC:[MD5.5F70EBFC1F75B487DE79501E3CCBDB54] - 10/04/2013 - 09:14:58 ---A- . (.Microsoft Corporation - Service de rapport d’erreurs Windows.) -- C:\Windows\SysNative\wersvc.dll   [87552]
O44 - LFC:[MD5.D1BC8FDE18E9CD81912CFDA2CCFC5531] - 10/04/2013 - 09:14:58 RSHAD . (.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\Drivers\hidclass.sys   [82944]
O44 - LFC:[MD5.5F70EBFC1F75B487DE79501E3CCBDB54] - 10/04/2013 - 09:14:58 RSHAD . (.Microsoft Corporation - Service de rapport d’erreurs Windows.) -- C:\Windows\System32\wersvc.dll   [87552]
O44 - LFC:[MD5.56B47E621B2F06F20FBE7511E7B65096] - 10/04/2013 - 09:14:57 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\SysNative\schannel.dll   [416256]
O44 - LFC:[MD5.56B47E621B2F06F20FBE7511E7B65096] - 10/04/2013 - 09:14:57 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll   [416256]
O44 - LFC:[MD5.173FCB500DEC33373FA6DBA6EA8A11DA] - 10/04/2013 - 09:14:09 ---A- . (.Microsoft Corporation - Microsoft Management Console.) -- C:\Windows\SysNative\mmc.exe   [2094592]
O44 - LFC:[MD5.173FCB500DEC33373FA6DBA6EA8A11DA] - 10/04/2013 - 09:14:09 ---A- . (.Microsoft Corporation - Microsoft Management Console.) -- C:\Windows\System32\mmc.exe   [2094592]
O44 - LFC:[MD5.B330CE47FB74A6BE9A3FFFF4B3F64D9B] - 10/04/2013 - 09:14:09 ---A- . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\SysNative\wlidsvc.dll   [1964544]
O44 - LFC:[MD5.B330CE47FB74A6BE9A3FFFF4B3F64D9B] - 10/04/2013 - 09:14:09 RSHAD . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1964544]
O44 - LFC:[MD5.ED120AA770A78B5079F8C7BB5AF8A035] - 10/04/2013 - 09:14:04 RSHAD . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys   [1448168]
O44 - LFC:[MD5.F9D9FAA0E2460EDA807C32391E5B6DAE] - 10/04/2013 - 09:14:00 ---A- . (.Microsoft Corporation - DLL de MSCTF Server.) -- C:\Windows\SysNative\msctf.dll   [1120768]
O44 - LFC:[MD5.F9D9FAA0E2460EDA807C32391E5B6DAE] - 10/04/2013 - 09:14:00 ---A- . (.Microsoft Corporation - DLL de MSCTF Server.) -- C:\Windows\System32\msctf.dll   [1120768]
O44 - LFC:[MD5.7653DB77F0DB2A50392F015321E42E37] - 10/04/2013 - 09:13:58 ---A- . (.Microsoft Corporation - Installation de L’API Windows.) -- C:\Windows\SysNative\setupapi.dll   [1886208]
O44 - LFC:[MD5.7653DB77F0DB2A50392F015321E42E37] - 10/04/2013 - 09:13:58 ---A- . (.Microsoft Corporation - Installation de L’API Windows.) -- C:\Windows\System32\setupapi.dll   [1886208]
O44 - LFC:[MD5.60CAB7E74DCE70EE38B810E36756360D] - 10/04/2013 - 09:13:58 ---A- . (.Microsoft Corporation - Windows Media Runtime DLL.) -- C:\Windows\SysNative\Windows.Media.dll   [406016]
O44 - LFC:[MD5.60CAB7E74DCE70EE38B810E36756360D] - 10/04/2013 - 09:13:58 ---A- . (.Microsoft Corporation - Windows Media Runtime DLL.) -- C:\Windows\System32\Windows.Media.dll   [406016]
O44 - LFC:[MD5.A57BA284F5996FFD32DCDBC41A4657DB] - 10/04/2013 - 09:13:57 ---A- . (.Microsoft Corporation - Service du gestionnaire de session locale.) -- C:\Windows\SysNative\lsm.dll   [438272]
O44 - LFC:[MD5.A57BA284F5996FFD32DCDBC41A4657DB] - 10/04/2013 - 09:13:57 RSHAD . (.Microsoft Corporation - Service du gestionnaire de session locale.) -- C:\Windows\System32\lsm.dll   [438272]
O44 - LFC:[MD5.C2504AA983B5D411F7D31402E8B57725] - 10/04/2013 - 09:13:56 RSHAD . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\HdAudio.sys   [341504]
O44 - LFC:[MD5.C32A7A39B960A42BA9D4FBE47213CA03] - 10/04/2013 - 09:13:52 RSHAD . (.Microsoft Corporation - GPIO Button Driver.) -- C:\Windows\System32\Drivers\msgpiowin32.sys   [28904]
O44 - LFC:[MD5.2ADC985B85A71BD7D99712EC0C24358B] - 10/04/2013 - 09:13:48 RSHAD . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) -- C:\Windows\System32\Drivers\Wdf01000.sys   [785504]
O44 - LFC:[MD5.C217B8D2E58C57A319B16125C3D4B69C] - 10/04/2013 - 09:13:44 ---A- . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\SysNative\iphlpsvc.dll   [894464]
O44 - LFC:[MD5.D6ACCF9F2EEEEA711C14EFD976E573F3] - 10/04/2013 - 09:13:44 RSHAD . (.Microsoft Corporation - Partition Management Driver.) -- C:\Windows\System32\Drivers\partmgr.sys   [91880]
O44 - LFC:[MD5.C217B8D2E58C57A319B16125C3D4B69C] - 10/04/2013 - 09:13:44 RSHAD . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll   [894464]
O44 - LFC:[MD5.28619B6E5A37F71AE1145643949CFA60] - 10/04/2013 - 09:13:40 RSHAD . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\dxgmms1.sys   [303848]
O44 - LFC:[MD5.A9183C3BA3759453F4DEF922F9500078] - 10/04/2013 - 09:13:39 ---A- . (.Microsoft Corporation - DLL Windows.Networking.) -- C:\Windows\SysNative\Windows.Networking.dll   [594944]
O44 - LFC:[MD5.A9183C3BA3759453F4DEF922F9500078] - 10/04/2013 - 09:13:39 ---A- . (.Microsoft Corporation - DLL Windows.Networking.) -- C:\Windows\System32\Windows.Networking.dll   [594944]
O44 - LFC:[MD5.644F1A561B82F670A7A9A613FA8C462B] - 10/04/2013 - 09:13:39 ---A- . (.Microsoft Corporation - DLL du service d’impression Internet.) -- C:\Windows\SysNative\inetpp.dll   [159232]
O44 - LFC:[MD5.644F1A561B82F670A7A9A613FA8C462B] - 10/04/2013 - 09:13:39 RSHAD . (.Microsoft Corporation - DLL du service d’impression Internet.) -- C:\Windows\System32\inetpp.dll   [159232]
O44 - LFC:[MD5.E57756F3A0B90E665FCE4527104C2D1D] - 10/04/2013 - 09:13:38 ---A- . (.Microsoft Corporation - Windows Media MPEG-4 S Video Decoder.) -- C:\Windows\SysNative\MP4SDECD.DLL   [666112]
O44 - LFC:[MD5.E57756F3A0B90E665FCE4527104C2D1D] - 10/04/2013 - 09:13:38 ---A- . (.Microsoft Corporation - Windows Media MPEG-4 S Video Decoder.) -- C:\Windows\System32\MP4SDECD.DLL   [666112]
O44 - LFC:[MD5.79FE8418CD57C9E2BDDC2FB0CC2BFB05] - 10/04/2013 - 09:13:37 ---A- . (.Microsoft Corporation - DLL Serveur SAM.) -- C:\Windows\SysNative\samsrv.dll   [728064]
O44 - LFC:[MD5.79FE8418CD57C9E2BDDC2FB0CC2BFB05] - 10/04/2013 - 09:13:37 RSHAD . (.Microsoft Corporation - DLL Serveur SAM.) -- C:\Windows\System32\samsrv.dll   [728064]
O44 - LFC:[MD5.6927AFA68FBD3047A29C9B324272A783] - 10/04/2013 - 09:13:36 ---A- . (.Microsoft Corporation - Assistant Acquisition de photographies Wind.) -- C:\Windows\SysNative\wiaacmgr.exe   [95232]
O44 - LFC:[MD5.6927AFA68FBD3047A29C9B324272A783] - 10/04/2013 - 09:13:36 ---A- . (.Microsoft Corporation - Assistant Acquisition de photographies Wind.) -- C:\Windows\System32\wiaacmgr.exe   [95232]
O44 - LFC:[MD5.B852BB8E1D0902064346A09A7B32FC17] - 10/04/2013 - 09:13:36 ---A- . (.Microsoft Corporation - Moniteur de port d’imprimante WSD.) -- C:\Windows\SysNative\WSDMon.dll   [256000]
O44 - LFC:[MD5.B852BB8E1D0902064346A09A7B32FC17] - 10/04/2013 - 09:13:36 RSHAD . (.Microsoft Corporation - Moniteur de port d’imprimante WSD.) -- C:\Windows\System32\WSDMon.dll   [256000]
O44 - LFC:[MD5.8BD33FC2A78607E00D012D550C0E2E69] - 10/04/2013 - 09:13:35 ---A- . (.Microsoft Corporation - Service Broker pour les connexions réseau.) -- C:\Windows\SysNative\ncbservice.dll   [171520]
O44 - LFC:[MD5.8BD33FC2A78607E00D012D550C0E2E69] - 10/04/2013 - 09:13:35 RSHAD . (.Microsoft Corporation - Service Broker pour les connexions réseau.) -- C:\Windows\System32\ncbservice.dll   [171520]
O44 - LFC:[MD5.104BA949E64659ED6B8D23BA08299F55] - 10/04/2013 - 09:13:34 ---A- . (.Microsoft Corporation - Proxy Manager.) -- C:\Windows\SysNative\httpprxm.dll   [107520]
O44 - LFC:[MD5.104BA949E64659ED6B8D23BA08299F55] - 10/04/2013 - 09:13:34 RSHAD . (.Microsoft Corporation - Proxy Manager.) -- C:\Windows\System32\httpprxm.dll   [107520]
O44 - LFC:[MD5.0E2BB2E43DCCE4ED986BF3B8641DFC08] - 10/04/2013 - 09:13:33 ---A- . (.Microsoft Corporation - AD Harvest Sites and Subnets Service.) -- C:\Windows\SysNative\adhsvc.dll   [62464]
O44 - LFC:[MD5.0E2BB2E43DCCE4ED986BF3B8641DFC08] - 10/04/2013 - 09:13:33 RSHAD . (.Microsoft Corporation - AD Harvest Sites and Subnets Service.) -- C:\Windows\System32\adhsvc.dll   [62464]
O44 - LFC:[MD5.D87775F050DD29AADDF479F5C17E4200] - 10/04/2013 - 09:13:29 ---A- . (.Microsoft Corporation - AD harvest sites and subnets API.) -- C:\Windows\SysNative\adhapi.dll   [22528]
O44 - LFC:[MD5.D87775F050DD29AADDF479F5C17E4200] - 10/04/2013 - 09:13:29 RSHAD . (.Microsoft Corporation - AD harvest sites and subnets API.) -- C:\Windows\System32\adhapi.dll   [22528]
O44 - LFC:[MD5.722AD253B1F2697D9D5D0E5347952375] - 10/04/2013 - 09:13:23 ---A- . (.Microsoft Corporation - Keep alive provider API.) -- C:\Windows\SysNative\keepaliveprovider.dll   [15872]
O44 - LFC:[MD5.722AD253B1F2697D9D5D0E5347952375] - 10/04/2013 - 09:13:23 RSHAD . (.Microsoft Corporation - Keep alive provider API.) -- C:\Windows\System32\keepaliveprovider.dll   [15872]
O44 - LFC:[MD5.5AACB04BA3A0DB236EA8D510A66F5E26] - 10/04/2013 - 09:13:22 ---A- . (.Microsoft Corporation - Proxy Manager Provider RPC interface.) -- C:\Windows\SysNative\httpprxp.dll   [17920]
O44 - LFC:[MD5.5AACB04BA3A0DB236EA8D510A66F5E26] - 10/04/2013 - 09:13:22 RSHAD . (.Microsoft Corporation - Proxy Manager Provider RPC interface.) -- C:\Windows\System32\httpprxp.dll   [17920]
O44 - LFC:[MD5.F0D21E5961BAD38E26DA19D34EC7234B] - 10/04/2013 - 09:10:45 ---A- . (.Microsoft Corporation - Media Foundation Media Engine DLL.) -- C:\Windows\SysNative\MFMediaEngine.dll   [468992]
O44 - LFC:[MD5.F0D21E5961BAD38E26DA19D34EC7234B] - 10/04/2013 - 09:10:45 ---A- . (.Microsoft Corporation - Media Foundation Media Engine DLL.) -- C:\Windows\System32\MFMediaEngine.dll   [468992]
O44 - LFC:[MD5.93179D48066918323628CB016D8C94DC] - 10/04/2013 - 09:10:30 RSHAD . (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\Drivers\mrxsmb.sys   [370688]
O44 - LFC:[MD5.5C7DD2E5759FFCCD2C7341C1B90F2B26] - 10/04/2013 - 09:10:29 RSHAD . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys   [215552]
O44 - LFC:[MD5.9912FDF63EC78E1977083E20DEAE4889] - 10/04/2013 - 09:10:29 RSHAD . (.Microsoft Corporation - Pilote de serveur SMB 2.0.) -- C:\Windows\System32\Drivers\srv2.sys   [622080]
O44 - LFC:[MD5.FD8B4F201B681C555A4AF41922C52557] - 10/04/2013 - 09:10:29 RSHAD . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\Drivers\srvnet.sys   [247808]
O44 - LFC:[MD5.8542BEA78795403D705A21B83ABD589F] - 10/04/2013 - 09:10:11 ---A- . (.Microsoft Corporation - Microsoft GDI+.) -- C:\Windows\SysNative\GdiPlus.dll   [1690624]
O44 - LFC:[MD5.8542BEA78795403D705A21B83ABD589F] - 10/04/2013 - 09:10:11 ---A- . (.Microsoft Corporation - Microsoft GDI+.) -- C:\Windows\System32\GdiPlus.dll   [1690624]
O44 - LFC:[MD5.BDE6B6048E943717D0B5EED35A821150] - 10/04/2013 - 09:09:30 RSHAD . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\Drivers\usb8023.sys   [20992]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 04/04/2013 - 13:50:32 RSHAD . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25928]
O44 - LFC:[MD5.418DEAE7CF8D44CF0496029C283C91A4] - 03/04/2013 - 18:34:21 ---A- . (.CANON INC. - IJ Language Monitor.) -- C:\Windows\SysNative\CNMLMBC.DLL   [389120]
O44 - LFC:[MD5.418DEAE7CF8D44CF0496029C283C91A4] - 03/04/2013 - 18:34:21 RSHAD . (.CANON INC. - IJ Language Monitor.) -- C:\Windows\System32\CNMLMBC.DLL   [389120]
O44 - LFC:[MD5.ED1320FB0C578E1F7AC4FE836CCA0824] - 02/04/2013 - 11:34:28 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\SysNative\MpSigStub.exe   [282744]
O44 - LFC:[MD5.ED1320FB0C578E1F7AC4FE836CCA0824] - 02/04/2013 - 11:34:28 RSHAD . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe   [282744]
O44 - LFC:[MD5.D5B800C7E730BDAFF36FE6FC64EB34A1] - 01/04/2013 - 18:58:38 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe   [72702784]
O44 - LFC:[MD5.D5B800C7E730BDAFF36FE6FC64EB34A1] - 01/04/2013 - 18:58:38 RSHAD . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe   [72702784]
O44 - LFC:[MD5.9E93469F299BBCB4ECD1378403C9B8CD] - 19/03/2013 - 23:19:24 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\SysNative\win32k.sys   [4041728]
O44 - LFC:[MD5.9E93469F299BBCB4ECD1378403C9B8CD] - 19/03/2013 - 23:19:24 RSHAD . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys   [4041728]
O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 21/02/2013 - 00:08:17 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml   [387867]
O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 21/02/2013 - 00:08:17 RSHAD . (...) -- C:\Windows\System32\ApnDatabase.xml   [387867]
~ Files: 256 Scanned in 00mn 33s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.46E95CB05721D9D0D7F8351781B0D9ED] - 03/04/2013 - 18:31:36 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-9BEFD070.pf
O45 - LFCP:[MD5.8B3244BDA2F81588EDCD06FD5FC86607] - 03/04/2013 - 18:35:14 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-B0D35A7E.pf
O45 - LFCP:[MD5.6A245FF2AE787FE466700E78F753F324] - 03/04/2013 - 18:38:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-CE368481.pf
O45 - LFCP:[MD5.F0D637D2BA524391CA1A09DEB5683E58] - 10/04/2013 - 09:11:58 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-5ECC1B9F.pf
O45 - LFCP:[MD5.A1D0B56B5596BAAF8E76800C8B508E3E] - 10/04/2013 - 09:13:10 ---A- - C:\Windows\Prefetch\MCOCROLLBACK.EXE-48449529.pf
O45 - LFCP:[MD5.5071CF94F57E9AD2556C69986763A50B] - 10/04/2013 - 10:53:55 ---A- - C:\Windows\Prefetch\ACERCLOUD DOCS.EXE-BD9B7EA4.pf
O45 - LFCP:[MD5.BE40486B4F2E9FCAA05B9E2D29EEFF1A] - 10/04/2013 - 11:41:10 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf
O45 - LFCP:[MD5.E286F7659BD8A4155555966A6381FB70] - 10/04/2013 - 11:45:24 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf
O45 - LFCP:[MD5.BA473BC1183950470DBCBF8CFB86C9A5] - 10/04/2013 - 13:01:45 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf
O45 - LFCP:[MD5.4BA0C5B92AD3CF0D81DD8609607DABAB] - 10/04/2013 - 13:55:16 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf
O45 - LFCP:[MD5.D4D07EBAF67434F0668ED671C1DC254A] - 10/04/2013 - 17:24:06 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf
O45 - LFCP:[MD5.8B41D7A612B1C83A8DDEE3BDE9353734] - 10/04/2013 - 17:36:37 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-B0AD61F0.pf
O45 - LFCP:[MD5.B7ECBA7600B2FA72EDF7FA3163F38752] - 10/04/2013 - 20:32:55 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-2D7D5944.pf
O45 - LFCP:[MD5.D59109153BF40C802875FF79C5B4E713] - 10/04/2013 - 20:38:24 ---A- - C:\Windows\Prefetch\MCUIHOST.EXE-AE5E0AD4.pf
O45 - LFCP:[MD5.31C924EB2E29A3813AE5E9B4C7812070] - 10/04/2013 - 20:39:18 ---A- - C:\Windows\Prefetch\MCINSTRU.EXE-F710CFF1.pf
O45 - LFCP:[MD5.5F2C86A6819B8041AB9F26548D682FAE] - 10/04/2013 - 20:39:31 ---A- - C:\Windows\Prefetch\SC.EXE-443D0E78.pf
O45 - LFCP:[MD5.2B21008A38DB7F9D109ED0070B95EFC5] - 10/04/2013 - 20:41:21 ---A- - C:\Windows\Prefetch\SAUI.EXE-E1257AE8.pf
O45 - LFCP:[MD5.7B59800FB00B947749CD4F0871F5ED08] - 10/04/2013 - 20:46:12 ---A- - C:\Windows\Prefetch\BACKUPMANAGERTRAY.EXE-4372E317.pf
O45 - LFCP:[MD5.F24A4D3C9400CE118A980F76E68389D8] - 10/04/2013 - 20:47:04 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf
O45 - LFCP:[MD5.47C85E11DBF244425B89DF5A79A8F8FD] - 11/04/2013 - 06:52:31 ---A- - C:\Windows\Prefetch\ECBL-LBP.EXE-2976D4F3.pf
O45 - LFCP:[MD5.14043C3949C7438004EA8E7BDDFFE1E7] - 11/04/2013 - 06:57:59 ---A- - C:\Windows\Prefetch\JUCHECK.EXE-3F4853CB.pf
O45 - LFCP:[MD5.E73C4D3C1363BCF527525F7409289415] - 11/04/2013 - 06:58:14 ---A- - C:\Windows\Prefetch\JRE-7U17-WINDOWS-I586-IFTW.EX-F35DFBD8.pf
O45 - LFCP:[MD5.B1474EBDBE7FBC80922178CF1382674E] - 11/04/2013 - 07:22:06 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-E90E4E09.pf
O45 - LFCP:[MD5.07E1DE47865E3627DB9AEA8C5A4DF2E0] - 11/04/2013 - 07:23:48 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf
O45 - LFCP:[MD5.5C635206123B098181F11F901D6CF7C8] - 11/04/2013 - 07:28:02 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf
O45 - LFCP:[MD5.8D8DC15013C4B89F20BC80AA4F799BCA] - 11/04/2013 - 08:10:59 ---A- - C:\Windows\Prefetch\FIREFOX SETUP 20.0.EXE-4A14D418.pf
O45 - LFCP:[MD5.2826BC33AFA64DD3441DB3C9D7014C63] - 11/04/2013 - 08:11:23 ---A- - C:\Windows\Prefetch\SETUP.EXE-14540DE0.pf
O45 - LFCP:[MD5.7D5E43BFEFBA28ED2621D0E0D2357A38] - 11/04/2013 - 11:16:20 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-92AE8069.pf
O45 - LFCP:[MD5.095672D06D3498658438EB3046974C26] - 11/04/2013 - 12:22:29 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf
O45 - LFCP:[MD5.F4C489C22785CFB9468046B6C57F3E8E] - 11/04/2013 - 12:36:35 ---A- - C:\Windows\Prefetch\INSTALL_READER11_FR_GTBD_CHRD-835BBA9A.pf
O45 - LFCP:[MD5.84A53D562A4E8E141675D6C742605FA0] - 11/04/2013 - 12:38:10 ---A- - C:\Windows\Prefetch\SETUP.EXE-8A9CE894.pf
O45 - LFCP:[MD5.64320BD61953A04BE557B12DDEA4D248] - 11/04/2013 - 12:41:22 ---A- - C:\Windows\Prefetch\EULA.EXE-0C63FE43.pf
O45 - LFCP:[MD5.83E74F84C15513B0478B7733CB51EF0E] - 11/04/2013 - 14:21:26 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf
O45 - LFCP:[MD5.FE4461E25800BDE8691A8A57F011D8D3] - 11/04/2013 - 18:32:12 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-28A962DF.pf
O45 - LFCP:[MD5.3FF308536E7AC09F014E95531D7B4EA8] - 11/04/2013 - 18:41:20 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-29741569.pf
O45 - LFCP:[MD5.EDB53A793D03EB58D681297A21CF15C4] - 12/04/2013 - 08:20:18 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.0F89CF634B30512770527F5E30660E31] - 12/04/2013 - 08:25:08 ---A- - C:\Windows\Prefetch\EXCEL.EXE-A8B924E9.pf
O45 - LFCP:[MD5.C37F3766881474807AE011DBC0C65B95] - 12/04/2013 - 08:40:10 ---A- - C:\Windows\Prefetch\UPDATER.EXE-F778FE6A.pf
O45 - LFCP:[MD5.994DF7DB644279E4987417CEC5F78093] - 12/04/2013 - 08:40:19 ---A- - C:\Windows\Prefetch\MAINTENANCESERVICE_INSTALLER.-A809585F.pf
O45 - LFCP:[MD5.6AD38B4A4C3313C90CC185C2FC2FF8BE] - 12/04/2013 - 14:14:25 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-07C949FF.pf
O45 - LFCP:[MD5.981D0F11EF0BA2CE21CC1079E5AE5E06] - 12/04/2013 - 17:21:56 ---A- - C:\Windows\Prefetch\WINWORD.EXE-4C6BDD9E.pf
O45 - LFCP:[MD5.095F886DE5607494171D834BC0C6293B] - 14/04/2013 - 06:57:12 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.643437FA3A7210CF012ED41DDF54FEBB] - 14/04/2013 - 09:04:11 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-853292E2.pf
O45 - LFCP:[MD5.B4F359A5B1CD893092BEC4254DDA78DA] - 14/04/2013 - 09:04:27 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-ADA02D4A.pf
O45 - LFCP:[MD5.F9C84EB1FD530896D375BC6A991A547F] - 14/04/2013 - 15:21:25 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.CFEE32D3D7A0393DDEA5C96CC2DDD606] - 14/04/2013 - 15:30:08 ---A- - C:\Windows\Prefetch\ADAWARE_INSTALLER.EXE-48F49081.pf
O45 - LFCP:[MD5.7E28F47CDEC5868C2345DF37082E3D27] - 14/04/2013 - 15:31:11 ---A- - C:\Windows\Prefetch\8E07AC32-6229-4A8D-B1A9-2F2D9-151AF6A5.pf
O45 - LFCP:[MD5.2881551907E3002C226D44F1B14E476F] - 14/04/2013 - 15:31:19 ---A- - C:\Windows\Prefetch\TOOLBARCLEANERSETUP.EXE-33651060.pf
O45 - LFCP:[MD5.FABE35C89ACB2D2130F578FA81CDDBDC] - 14/04/2013 - 15:31:27 ---A- - C:\Windows\Prefetch\ADAWAREBROWSINGPROTECTION_SET-42D4BD15.pf
O45 - LFCP:[MD5.C8524D42336E8ACFF24E9F5F6A2E8BA3] - 14/04/2013 - 15:52:05 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-5A92E3D5.pf
O45 - LFCP:[MD5.5B2277AE83826309CDE50D45550F8673] - 14/04/2013 - 15:54:11 ---A- - C:\Windows\Prefetch\SBSETUPDRIVERS.EXE-3E707297.pf
O45 - LFCP:[MD5.CBB18009121590671DCDD958A8D17AFC] - 14/04/2013 - 15:58:31 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf
O45 - LFCP:[MD5.82873CFCE81D02E0F064DC2391DBC4BA] - 14/04/2013 - 16:00:56 ---A- - C:\Windows\Prefetch\MSASCUI.EXE-4ED47FD9.pf
O45 - LFCP:[MD5.FB233439D7C9E44063CB0DDCE5990C8C] - 14/04/2013 - 16:13:19 ---A- - C:\Windows\Prefetch\OPTIONALFEATURES.EXE-C0AF40DB.pf
O45 - LFCP:[MD5.EB6BC0776FA60D5A5C3F2126A4AC311B] - 14/04/2013 - 16:14:29 ---A- - C:\Windows\Prefetch\USERACCOUNTCONTROLSETTINGS.EX-550E3008.pf
O45 - LFCP:[MD5.C0D46F25ABEA871166905D32BAD3646E] - 14/04/2013 - 16:14:30 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E9A1C1E9.pf
O45 - LFCP:[MD5.4CA48D876803EB105C4ECB9E05F9F06D] - 14/04/2013 - 18:42:44 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-4E288B88.pf
O45 - LFCP:[MD5.45F1E5A61C3E2B382EB1C6D08BAD7843] - 14/04/2013 - 20:08:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4492B02F.pf
O45 - LFCP:[MD5.49CE93F9E1B859869C5241F270850D26] - 14/04/2013 - 20:19:32 ---A- - C:\Windows\Prefetch\FLASHPLAYER_V.69164577A.EXE-DD6AC868.pf
O45 - LFCP:[MD5.4EDCE3670CEF527A9BC8D7C59DF8954A] - 14/04/2013 - 20:19:42 ---A- - C:\Windows\Prefetch\DOMAIQ10.EXE-FFAC6EFD.pf
O45 - LFCP:[MD5.0F4E64AB8CFEA277B2E8E620C2FBC9DE] - 14/04/2013 - 20:22:20 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-22483255.pf
O45 - LFCP:[MD5.A4AE49AF361E61EA7AD1AE73B4FBF9BB] - 14/04/2013 - 20:22:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-05A897EF.pf
O45 - LFCP:[MD5.531299629C6EFE957471B67D913152CB] - 14/04/2013 - 20:22:28 ---A- - C:\Windows\Prefetch\DELTASRV.EXE-A19C1FBD.pf
O45 - LFCP:[MD5.AADDE0B090C71D18EFA570462569697D] - 14/04/2013 - 20:22:29 ---A- - C:\Windows\Prefetch\DELTA BABYLON.EXE-A406C1B1.pf  =>Toolbar.Babylon
O45 - LFCP:[MD5.3BF87FD57468F07B386C7E046F61CFD6] - 14/04/2013 - 20:22:29 ---A- - C:\Windows\Prefetch\DELTA4IE.EXE-32061FB7.pf
O45 - LFCP:[MD5.D3382AADCB0837D482FDD0B8DE2160D5] - 14/04/2013 - 20:22:29 ---A- - C:\Windows\Prefetch\SETUP.EXE-EF8085A3.pf
O45 - LFCP:[MD5.699A3FFFA55CF51BF4F79BDE3A6EAF66] - 14/04/2013 - 20:22:30 ---A- - C:\Windows\Prefetch\DELTA4FFX.EXE-E4087675.pf
O45 - LFCP:[MD5.EEA514CAF227C9755A89F9D024AB962E] - 14/04/2013 - 20:22:30 ---A- - C:\Windows\Prefetch\IELOWUTIL.EXE-4CD7A8CB.pf
O45 - LFCP:[MD5.56838E76F8ECA306C52E5D0AA959A3CB] - 14/04/2013 - 20:22:35 ---A- - C:\Windows\Prefetch\MYBABYLONTB.EXE-EEAF13BD.pf  =>Toolbar.Babylon
O45 - LFCP:[MD5.C4D864AEAF6BFD02BC8F53CF48C87F02] - 14/04/2013 - 20:22:40 ---A- - C:\Windows\Prefetch\INSTALLER_UTIL.EXE-DE100AA8.pf
O45 - LFCP:[MD5.C129A2A00E368111D9F5A115A3F6BCB6] - 14/04/2013 - 20:22:41 ---A- - C:\Windows\Prefetch\SUPREME SAVINGS-INTL.EXE-682263EC.pf
O45 - LFCP:[MD5.057CF8B8C57EF098775F1DF654A4C67D] - 14/04/2013 - 20:22:43 ---A- - C:\Windows\Prefetch\CCP.EXE-5081A514.pf
O45 - LFCP:[MD5.EB5B8796CEF3407CBE9B6811811111DA] - 14/04/2013 - 20:22:46 ---A- - C:\Windows\Prefetch\FEMIRJENJM.EXE-CCD0463A.pf
O45 - LFCP:[MD5.A569954903905FBC1D3E5EB6B1BC51A5] - 14/04/2013 - 20:22:49 ---A- - C:\Windows\Prefetch\MIXER.EXE-C3F4EE8A.pf
O45 - LFCP:[MD5.0B0EF45FD357BE3A47DC53546482CFF0] - 14/04/2013 - 20:22:56 ---A- - C:\Windows\Prefetch\BPROTECT.EXE-E7CCC226.pf
O45 - LFCP:[MD5.3EEF80EB3330E9479A34687EB41464CB] - 14/04/2013 - 20:22:56 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-22BA7B30.pf
O45 - LFCP:[MD5.C910FC5F4EEB38C1CD905BD391BD235A] - 14/04/2013 - 20:22:56 ---A- - C:\Windows\Prefetch\OPTIMIZER_PRO.EXE-4C1451C5.pf
O45 - LFCP:[MD5.96A7DA1426315E65BCC7140D5B102F41] - 14/04/2013 - 20:22:56 ---A- - C:\Windows\Prefetch\OPTIMIZER_PRO.TMP-726B3AE4.pf
O45 - LFCP:[MD5.E5E0105A3E2FF08D33C08E74B3825A9D] - 14/04/2013 - 20:23:00 ---A- - C:\Windows\Prefetch\UPDATER19962.EXE-3B7C0E28.pf
O45 - LFCP:[MD5.FE1388C0167F19540DA89B804384CAEE] - 14/04/2013 - 20:23:56 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EE2FB4D9.pf
O45 - LFCP:[MD5.1140BF8941F95DBA1CF1F220C23745FB] - 14/04/2013 - 20:24:09 ---A- - C:\Windows\Prefetch\FLASHPLAYER.EXE-80EC817B.pf
O45 - LFCP:[MD5.D67A11A8F3FCFB51A337D51203C8B4BE] - 14/04/2013 - 20:24:25 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf
O45 - LFCP:[MD5.334935E105C22BB8BABEAE118E602EC7] - 14/04/2013 - 20:24:34 ---A- - C:\Windows\Prefetch\VAFPLAYER.EXE-5624ACD0.pf
O45 - LFCP:[MD5.5F461E189A4770008E21765DE4AE7D23] - 14/04/2013 - 21:26:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A1396DE2.pf
O45 - LFCP:[MD5.E3E063A3954BFEF1F77DFA3503C7ED37] - 14/04/2013 - 21:26:14 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.4AC599D1A7D55EB2758F77B3888EBC2B] - 14/04/2013 - 21:28:01 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-813E932C.pf
O45 - LFCP:[MD5.B31745A5EFD698394606A0511165F897] - 14/04/2013 - 21:28:01 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-1B28B747.pf
O45 - LFCP:[MD5.0629E6F9CA15AFE67E3047EA4DD139A5] - 14/04/2013 - 21:28:01 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.AB8CAA824823D3078FF2BB06685F26A6] - 14/04/2013 - 21:28:12 ---A- - C:\Windows\Prefetch\ADAWAREBP.EXE-8FF3D912.pf
O45 - LFCP:[MD5.8917391E85CFB5F1BE8E91D6CA1DFA0B] - 14/04/2013 - 21:28:52 ---A- - C:\Windows\Prefetch\EPOWERSVC.EXE-31C24032.pf
O45 - LFCP:[MD5.E3C6B480FEB9C4445E7B2263F6563465] - 14/04/2013 - 21:28:58 ---A- - C:\Windows\Prefetch\IGFXEXT.EXE-B04096D5.pf
O45 - LFCP:[MD5.824A5DB389EC9B4A1ED5852DE836B8F8] - 14/04/2013 - 21:29:05 ---A- - C:\Windows\Prefetch\MMDX64FX.EXE-4C9473D7.pf
O45 - LFCP:[MD5.416A2EF9AACB59E6C6A9249F0620193B] - 14/04/2013 - 21:29:19 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf
O45 - LFCP:[MD5.F075297B8DF62E3113F885352EB407AA] - 14/04/2013 - 21:29:26 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.CCA1B562BB4DC882FD484705206A2B3C] - 14/04/2013 - 21:29:29 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.EE7E97177BB0D5C88AEABDE3A7300775] - 14/04/2013 - 21:29:30 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-13D172B9.pf
O45 - LFCP:[MD5.5AD8F3B6036DB51C745EE8CFF3730E3F] - 14/04/2013 - 21:30:28 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-AAB0060C.pf
O45 - LFCP:[MD5.5684C094EF1BD648B2EED0A0C7774EE9] - 14/04/2013 - 21:31:00 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-4B303C70.pf
O45 - LFCP:[MD5.42D5B4846CAD1CBF1D93B63EFD9B3C5E] - 14/04/2013 - 21:31:03 ---A- - C:\Windows\Prefetch\SEARCHPROTECTION.EXE-E9B18DE5.pf
O45 - LFCP:[MD5.FDD5999A125858FB115591C581DAB9ED] - 14/04/2013 - 21:31:04 ---A- - C:\Windows\Prefetch\ADAWARE.EXE-EC222E9B.pf
O45 - LFCP:[MD5.CE50561708EBD92D4AE135EA8B5D835E] - 14/04/2013 - 21:31:48 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.E72587C09D9191198485FB40846280E6] - 14/04/2013 - 21:33:20 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf
O45 - LFCP:[MD5.2FF8257BA1DC612766DAAF6C7A35FB03] - 14/04/2013 - 21:33:21 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_6_602_18-54979347.pf
O45 - LFCP:[MD5.08B44EE16D0710C6E26B58057AF5BC3B] - 14/04/2013 - 21:36:06 ---A- - C:\Windows\Prefetch\CCSETUP400.EXE-9519607D.pf
O45 - LFCP:[MD5.ADF598CED8DA75841253A18B9DFA8ACB] - 14/04/2013 - 21:36:31 ---A- - C:\Windows\Prefetch\PING.EXE-CF0A440C.pf
O45 - LFCP:[MD5.827C171B7DD60EE5616C3DC38D4BD765] - 14/04/2013 - 21:36:41 ---A- - C:\Windows\Prefetch\GOOGLEUPDATESETUP_1.3.21.89.E-08120670.pf
O45 - LFCP:[MD5.352562A71FA0E593EA3279A6A1919150] - 14/04/2013 - 21:36:41 ---A- - C:\Windows\Prefetch\PF-TOOLBAR-W78.EXE-24838310.pf
O45 - LFCP:[MD5.F5821F56EFF36004D85ED6194CC41A38] - 14/04/2013 - 21:36:42 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-9E449B8D.pf
O45 - LFCP:[MD5.6708FDA252511B1D4CF9B9C97087072F] - 14/04/2013 - 21:36:49 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE_B33FC4DD-5B4F355B.pf
O45 - LFCP:[MD5.57F4C7CC051D06EF4B4E3A5DFC06BEE8] - 14/04/2013 - 21:36:49 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-E1DBB6D8.pf
O45 - LFCP:[MD5.643609F56FCCA13E1C5B4B9BEF53FDC6] - 14/04/2013 - 21:36:50 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-5B31194A.pf
O45 - LFCP:[MD5.90DBD0964125D78AEC1E82AD61B9EC19] - 14/04/2013 - 21:36:50 ---A- - C:\Windows\Prefetch\SEARCHWITHGOOGLEUPDATE_0BB494-F6EC7FFE.pf
O45 - LFCP:[MD5.F5D8F26CFCBEDA7920214975AECC5834] - 14/04/2013 - 21:36:51 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARINSTALLER_EN64_S-28EE48CC.pf
O45 - LFCP:[MD5.76F747BE1CE28730EF783F3AC856DA08] - 14/04/2013 - 21:36:51 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARMANAGER_94DDE1ED-C77014BD.pf
O45 - LFCP:[MD5.B71BC852ED5C7E27ECB0DA458969AB7A] - 14/04/2013 - 21:36:56 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-B25C45A8.pf
O45 - LFCP:[MD5.4DCA3167C658CCC428BCBEC8FEABCC49] - 14/04/2013 - 21:37:01 ---A- - C:\Windows\Prefetch\GOOGLEUPDATESETUP_LATEST.EXE-01C6E745.pf
O45 - LFCP:[MD5.141F4BB05D01A83F6F9E36E985CB5408] - 14/04/2013 - 21:37:01 ---A- - C:\Windows\Prefetch\PF-CHROME-W78.EXE-66D7B0D7.pf
O45 - LFCP:[MD5.C42A858EEE6FAC69E659844AF368E563] - 14/04/2013 - 21:37:02 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-D3555203.pf
O45 - LFCP:[MD5.D48C7B6F8827EA9BC76522F8B9575062] - 14/04/2013 - 21:37:31 ---A- - C:\Windows\Prefetch\26.0.1410.64_CHROME_INSTALLER-03EB348F.pf
O45 - LFCP:[MD5.4202AC09D203B35586299E3662CC569A] - 14/04/2013 - 21:37:32 ---A- - C:\Windows\Prefetch\SETUP.EXE-77326915.pf
O45 - LFCP:[MD5.D99B6B25105869BF16B441AD0F809D10] - 14/04/2013 - 21:37:45 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf
O45 - LFCP:[MD5.1201F83FFB2243616E07387F00BBE1A8] - 14/04/2013 - 21:41:24 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-56DEEC00.pf
O45 - LFCP:[MD5.0C71C00433E546AA74DDB54868274514] - 14/04/2013 - 21:41:25 ---A- - C:\Windows\Prefetch\GOOGLEUPDATESETUP.EXE-244DBAA6.pf
O45 - LFCP:[MD5.101C1796EA055DA25B663C017B31C333] - 14/04/2013 - 21:41:35 ---A- - C:\Windows\Prefetch\CHRMSTP.EXE-99A9C40B.pf
O45 - LFCP:[MD5.2FCFCD367259B7606EF91EC8F8740AB5] - 14/04/2013 - 21:41:39 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-1137D9AC.pf
O45 - LFCP:[MD5.F413F7B1D9E3050908CB2800EF2BA1B7] - 14/04/2013 - 22:10:22 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf
O45 - LFCP:[MD5.59A293F53997D435D4B7EC718ECA450E] - 15/04/2013 - 00:40:46 ---A- - C:\Windows\Prefetch\ADAWARELAUNCHER.EXE-6AD9B041.pf
O45 - LFCP:[MD5.CAE26FE2B93EF688005EC1F5460F8BFA] - 15/04/2013 - 07:07:50 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.EB11E6974699D05B1AEB250F6ACB073A] - 15/04/2013 - 07:08:00 ---A- - C:\Windows\Prefetch\OPTPROSMARTSCAN.EXE-1060602F.pf
O45 - LFCP:[MD5.2ED51ED144CB3870524B1C09683BBC24] - 15/04/2013 - 07:10:36 ---A- - C:\Windows\Prefetch\UPPCT_FR_2.EXE-8ED294CF.pf
O45 - LFCP:[MD5.3EAEB2999BA897C0B6778B1F1BD8AE93] - 15/04/2013 - 07:16:37 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf
O45 - LFCP:[MD5.2C560F132EB227D43CA2503C0028E440] - 15/04/2013 - 07:16:46 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf
O45 - LFCP:[MD5.00782383F8BD6CE68578FA947F75C190] - 15/04/2013 - 07:16:48 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.FD63D2EF2A0E06B4362E45D83EA93875] - 15/04/2013 - 07:16:49 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.848DCD877A0B4500A74BDA1BFFBBE82C] - 15/04/2013 - 07:17:10 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf
O45 - LFCP:[MD5.8EAA425A2DD641AEB3645FA2BA8275EA] - 15/04/2013 - 07:17:12 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf
O45 - LFCP:[MD5.2582ADD7ECDEBFE309077DC3CAACCF71] - 15/04/2013 - 07:17:12 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf
O45 - LFCP:[MD5.72C2033555020F7D75460B6DA423B5A4] - 15/04/2013 - 07:17:19 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf
O45 - LFCP:[MD5.12BD1098820FC319E7FAB609951F3266] - 15/04/2013 - 07:20:05 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-268E65DD.pf
O45 - LFCP:[MD5.7F673A229A48A62E75EF34A8F52DE41E] - 15/04/2013 - 07:20:15 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.4313F08F3217AD9E047FC1D6D8B18FB7] - 15/04/2013 - 07:21:05 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3FB.pf
O45 - LFCP:[MD5.74D1CDB756EB7D797FE144DDC9C13CC1] - 15/04/2013 - 07:21:24 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F7.pf
O45 - LFCP:[MD5.54203186198F8DBE251738AA34458791] - 15/04/2013 - 07:24:13 ---A- - C:\Windows\Prefetch\ESETSMARTINSTALLER_ENU.EXE-C8209042.pf
O45 - LFCP:[MD5.6A55392FA2F9BBF7ACDA8618ECE36420] - 15/04/2013 - 07:24:13 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-3290E8FC.pf
O45 - LFCP:[MD5.9FF8DE425B4AC8D5CFEE0298854D3194] - 15/04/2013 - 07:24:22 ---A- - C:\Windows\Prefetch\ONLINESCANNERAPP.EXE-E88EB144.pf
O45 - LFCP:[MD5.036A8271FA7AFA7FF4B065A598DED8E0] - 15/04/2013 - 07:44:07 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-FA03D2EB.pf
O45 - LFCP:[MD5.54A0688C367AE4D859F8C77717BF773C] - 15/04/2013 - 13:09:06 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.0ED153D2E4483B502FAF06D4A01881C7] - 15/04/2013 - 15:01:12 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf
O45 - LFCP:[MD5.6F9ABA18BC3057AD8C7915FE313C1985] - 15/04/2013 - 15:07:34 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf
O45 - LFCP:[MD5.31053557D0065E60025ED5312C93DC64] - 15/04/2013 - 16:48:05 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf
O45 - LFCP:[MD5.5E20F99891C938BEBFB2FDD1DCE970AB] - 15/04/2013 - 16:48:08 ---A- - C:\Windows\Prefetch\BROWSERPROTECT.EXE-894E35AD.pf  =>Toolbar.Babylon
O45 - LFCP:[MD5.3C721AFC2ED8E74AE10A7344D967357D] - 15/04/2013 - 16:48:16 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf
O45 - LFCP:[MD5.9D64472454ECF9B03B191BC8E4C55E4A] - 15/04/2013 - 16:48:16 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf
O45 - LFCP:[MD5.0EF430DDF8CD8FF0939ABF8820FCECC7] - 15/04/2013 - 16:48:16 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.7A1DCD6481A3871CB3475F53245BD915] - 15/04/2013 - 16:48:16 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
O45 - LFCP:[MD5.C44AB1D1B48240D44C6363820A7EAF4F] - 15/04/2013 - 16:49:02 ---A- - C:\Windows\Prefetch\DKRUN32.EXE-8583E6AC.pf
O45 - LFCP:[MD5.CA5E1177E3381BD5069AE7785FACA855] - 15/04/2013 - 16:49:11 ---A- - C:\Windows\Prefetch\ETDCTRL.EXE-91BAE8DE.pf
O45 - LFCP:[MD5.D88CD3CB8F6B074E342B81D982B63927] - 15/04/2013 - 16:49:11 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-9827F12C.pf
O45 - LFCP:[MD5.A17FA38A4BAFD75FF24166FE846C7015] - 15/04/2013 - 16:49:11 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.655F659C0B22DA5E9EE035CEE8392F5D] - 15/04/2013 - 16:49:12 ---A- - C:\Windows\Prefetch\ETDCTRLHELPER.EXE-6A174316.pf
O45 - LFCP:[MD5.B58257045D730A2AB6D0E9EF44D328D4] - 15/04/2013 - 16:49:12 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
O45 - LFCP:[MD5.AC7F078105499AFD70E786D79DDAA4F1] - 15/04/2013 - 16:49:12 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf
O45 - LFCP:[MD5.662CAA3CBE453D24A4DADDB6A7D7AED8] - 15/04/2013 - 16:49:15 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-49876884.pf
O45 - LFCP:[MD5.CCB4648B3DCB0D6DE74D475DAB0AB5CC] - 15/04/2013 - 16:49:15 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf
O45 - LFCP:[MD5.C29AA59AA7C3DB006D486A47E10C1866] - 15/04/2013 - 16:49:18 ---A- - C:\Windows\Prefetch\OPTPROLAUNCHER.EXE-215AE735.pf
O45 - LFCP:[MD5.73192DB25048BADB3B2F7B20DE335A32] - 15/04/2013 - 16:49:18 ---A- - C:\Windows\Prefetch\SBRC.EXE-2F219448.pf
O45 - LFCP:[MD5.B7009A6081028392CB05382D43BBCCC1] - 15/04/2013 - 16:49:21 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf
O45 - LFCP:[MD5.499EB4C9F3C5DF67990DD1EB77355B78] - 15/04/2013 - 16:49:25 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf
O45 - LFCP:[MD5.D65028050B9142FF3098CB6F576002AB] - 15/04/2013 - 16:49:25 ---A- - C:\Windows\Prefetch\SBAMSVC.EXE-086AC591.pf
O45 - LFCP:[MD5.7614650D3BF7615590674AB2584A81B2] - 15/04/2013 - 16:49:26 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf
O45 - LFCP:[MD5.03D4A2BC5B0E8ACB3F2947EC3377CD7D] - 15/04/2013 - 16:49:26 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf
O45 - LFCP:[MD5.C92EC7BECD670E013CE1BC204128C598] - 15/04/2013 - 16:49:27 ---A- - C:\Windows\Prefetch\BTPRELOAD.EXE-C2648C44.pf
O45 - LFCP:[MD5.71287FECAE724D91141C7E2FBF0B3BCC] - 15/04/2013 - 16:49:27 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf
O45 - LFCP:[MD5.0BF43705736E6C0BDCB1C17886863959] - 15/04/2013 - 16:49:28 ---A- - C:\Windows\Prefetch\OPTPROREMINDER.EXE-EBA8C8D1.pf
O45 - LFCP:[MD5.B55248668BE14A82E941AB8EBFEF0B91] - 15/04/2013 - 16:49:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.C5C498E13E37CC95D84511F4BD7EC6FF] - 15/04/2013 - 16:49:30 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.6BD13C046B64063F6F3D01592CF58DCD] - 15/04/2013 - 16:49:30 ---A- - C:\Windows\Prefetch\SBAMTRAY.EXE-9CE70B45.pf
O45 - LFCP:[MD5.156ABF5FB13EE83E44F46FA4C5311C78] - 15/04/2013 - 16:49:36 ---A- - C:\Windows\Prefetch\SETAPM.EXE-D2C574DE.pf
O45 - LFCP:[MD5.B76C0552E5169DCFB0EB960AED680361] - 15/04/2013 - 16:49:39 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.DBB7456EA2CE8BC222B3440FA152469A] - 15/04/2013 - 16:49:43 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.6A2DCE199357A39A5F37EA36B5C064D1] - 15/04/2013 - 16:49:45 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf
O45 - LFCP:[MD5.85D49E5C28551D5844C24CAB83EAB9BE] - 15/04/2013 - 16:49:45 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-454AB5C0.pf
O45 - LFCP:[MD5.4A3877FCAAC741147F874FD261AF44B5] - 15/04/2013 - 16:49:46 ---A- - C:\Windows\Prefetch\EPOWEREVENT.EXE-EA4AE030.pf
O45 - LFCP:[MD5.5A24EE9219A42AA1F6D45421A692C91F] - 15/04/2013 - 16:50:01 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.E1F90E5E30142C2CC494A4D2C4868524] - 15/04/2013 - 16:50:03 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.ED2951190D52950F4E3874DD4B2D2A2B] - 15/04/2013 - 16:50:05 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.00975F9C0D3E28C2551FCDF2731F93D5] - 15/04/2013 - 16:50:10 ---A- - C:\Windows\Prefetch\SUPREME SAVINGS-BG.EXE-663478F1.pf
O45 - LFCP:[MD5.DCA5AABBE74E84FF6C60146D18196AFC] - 15/04/2013 - 16:50:13 ---A- - C:\Windows\Prefetch\AgCx_SC5.db
O45 - LFCP:[MD5.CEFE29589E0C83D329D2928D297AE772] - 15/04/2013 - 16:50:15 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.518301FC81E635FE31090A8A95112FEA] - 15/04/2013 - 16:50:16 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.BBD51143083FF64E04D446A9F513A623] - 15/04/2013 - 16:50:18 ---A- - C:\Windows\Prefetch\FLASHUTIL_ACTIVEX.EXE-4E6AE223.pf
O45 - LFCP:[MD5.72B0710807CDC824E96F37CB8CE36F53] - 15/04/2013 - 16:50:28 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.2B73C0CB54FB16445A5EDA3338ECD5B0] - 15/04/2013 - 16:50:30 ---A- - C:\Windows\Prefetch\BTVSTACK.EXE-0FA626F5.pf
O45 - LFCP:[MD5.2C19667B4AFCD5C093EC1E71C2E58AAF] - 15/04/2013 - 16:50:33 ---A- - C:\Windows\Prefetch\BTTRAY.EXE-5C8F7D59.pf
O45 - LFCP:[MD5.A3602AA5C35896C85DE081A7D1020A55] - 15/04/2013 - 17:03:30 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf
O45 - LFCP:[MD5.A69AFB31C0E0B01DBE64CB42A652DF85] - 15/04/2013 - 17:04:00 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.530665DEE3A754BA018D1951B5C8CAD3] - 15/04/2013 - 17:19:08 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf
O45 - LFCP:[MD5.6C98DEBCDA32AD613505150EF05F7C38] - 15/04/2013 - 17:34:13 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf
O45 - LFCP:[MD5.D4969A6C0DEC50F451F1EACB645B1D4A] - 15/04/2013 - 17:36:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-E0E5E52F.pf
O45 - LFCP:[MD5.0527D3457B4FEAF3ED135644D08CC56F] - 15/04/2013 - 17:36:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.7C88B75DCDCFBAEF6E07DCBA0636418F] - 15/04/2013 - 17:46:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf
O45 - LFCP:[MD5.D7B28A67985C2CBC60650B6938016F5E] - 15/04/2013 - 17:52:52 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.9A401FA5A43C083BCE805B95D8EA94DA] - 15/04/2013 - 17:52:57 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.122B99D2BD63CD269AB99D8FED4ABAEA] - 15/04/2013 - 17:53:03 ---A- - C:\Windows\Prefetch\ONLINECMDLINESCANNER.EXE-3CE1EF93.pf
O45 - LFCP:[MD5.30944A608047577099CDDCD932B531CF] - 15/04/2013 - 18:06:40 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.60EDE6986A141B14737DD100F6C584B7] - 15/04/2013 - 18:06:41 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.F80BB822D6A8741083FC57332812BCA8] - 15/04/2013 - 18:06:42 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.EE071E233AE3FFA34552E6669A4D07A3] - 15/04/2013 - 18:06:42 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.F6F0A95A74330B818A5CF5AA42155140] - 15/04/2013 - 18:58:43 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.8B34F2BBEDD47C6B76EA7AC5E90A01DC] - 15/04/2013 - 18:58:54 ---A- - C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-9AE42873.pf
O45 - LFCP:[MD5.63C39B76D85B9E16A6D481FF5067EA56] - 15/04/2013 - 18:59:43 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.A8CD6345DDE4A2F48EB3079DB0B830B2] - 15/04/2013 - 19:02:42 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-360351707-2276754314-377163639-1001.db
O45 - LFCP:[MD5.016A92DFF33C26AC03119EA937368DAA] - 15/04/2013 - 19:02:42 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-360351707-2276754314-377163639-1001.db
O45 - LFCP:[MD5.DF607B6978A6BD4017B370A574866821] - 15/04/2013 - 19:04:23 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.9499FD4B6093E3FF3C352F1436B7C1D6] - 15/04/2013 - 19:04:25 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-D3BFD41F.pf
O45 - LFCP:[MD5.9F47566C9C34BB3648E12522488444A8] - 15/04/2013 - 19:11:21 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-600B5B3D.pf
O45 - LFCP:[MD5.06EAD087562EE5D6F46721C65F138789] - 15/04/2013 - 19:11:21 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-E2E79266.pf
O45 - LFCP:[MD5.7BC686746CE421AC79703A9D208ECB66] - 15/04/2013 - 19:12:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.B0F948C4E34F2F576F617B734C7D8929] - 15/04/2013 - 19:14:29 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.9774E69E629E6FDB2451A8A859A69C4E] - 15/04/2013 - 19:14:40 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.BF47BC53401BBB91A0ED983ED0B8718E] - 15/04/2013 - 19:16:46 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.B8674DDB60628C2047BAA425EFEE608D] - 15/04/2013 - 19:16:46 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.D510DC3C96A61B611B82B49D03BD4FB8] - 15/04/2013 - 19:16:53 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.B21650AF7DC8017611AB4A7E0B5DF32C] - 15/04/2013 - 19:16:53 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.C3395FC4C61FC582E95E458D0F87ABC4] - 15/04/2013 - 19:16:53 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.469BFD1E4E8E07D67AEED30F568C5F0B] - 15/04/2013 - 19:17:02 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
O45 - LFCP:[MD5.3C5224066D9361D7329C4CE6A02DD416] - 15/04/2013 - 19:17:05 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.E6E2AB3952A4E1C617443D1F63214694] - 15/04/2013 - 19:17:23 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf
O45 - LFCP:[MD5.1C425177A4D509687CBB5C8DBC2811FC] - 15/04/2013 - 19:17:56 ---A- - C:\Windows\Prefetch\SUPREME SAVINGS.EXE-7FC711EB.pf
~ Prefetcher: 229 Scanned in 00mn 05s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 20 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoControlPanel"=0
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys   [106736]
~ Drivers:  Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 12/04/2013 - 16:48:12 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\DomaIQ.exe   [356352]
O61 - LFC: 12/04/2013 - 16:48:12 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\DomaIQ10.exe   [346624]
O61 - LFC: 12/04/2013 - 16:48:12 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\OfferBrokerage_14003.exe   [966712]
O61 - LFC: 12/04/2013 - 16:48:36 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\config.dll   [36]
O61 - LFC: 12/04/2013 - 16:48:38 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\routes.dll   [257]
O61 - LFC: 12/04/2013 - 19:00:30 ---A- C:\Users\Thierry\AppData\Roaming\Microsoft\Office\Word12.pip   [1688]
O61 - LFC: 12/04/2013 - 19:00:54 ---A- C:\Users\Thierry\AppData\Roaming\Microsoft\Office\Excel12.pip   [1544]
O61 - LFC: 12/04/2013 - 19:00:56 ---A- C:\Users\Thierry\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\LocalState\Microsoft.MicrosoftSkyDrive.etl   [131072]
O61 - LFC: 12/04/2013 - 19:00:56 ---A- C:\Users\Thierry\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 14/04/2013 - 15:20:23 ---A- C:\Users\Thierry\Links\Desktop.lnk   [488]
O61 - LFC: 14/04/2013 - 15:20:23 ---A- C:\Users\Thierry\Links\Downloads.lnk   [943]
O61 - LFC: 14/04/2013 - 15:20:23 ---A- C:\Users\Thierry\Links\RecentPlaces.lnk   [383]
O61 - LFC: 14/04/2013 - 15:24:05 ---A- C:\Users\Thierry\Downloads\Sécurité\Ad-Aware\Adaware_Installer.exe   [5577352]
O61 - LFC: 14/04/2013 - 15:27:08 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\CartSdk.dll   [464776]
O61 - LFC: 14/04/2013 - 15:27:08 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\amd64\gfibto.sys   [14456]
O61 - LFC: 14/04/2013 - 15:27:08 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\amd64\sbbd.exe   [47496]
O61 - LFC: 14/04/2013 - 15:27:08 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\i386\gfibto.sys   [13560]
O61 - LFC: 14/04/2013 - 15:27:08 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\i386\sbbd.exe   [44424]
O61 - LFC: 14/04/2013 - 15:27:09 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\CartSdk64.exe   [326024]
O61 - LFC: 14/04/2013 - 15:27:09 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\definitions\CartDefinitions.xml   [819082]
O61 - LFC: 14/04/2013 - 15:27:09 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\sbrc.exe   [200560]
O61 - LFC: 14/04/2013 - 15:27:11 ---A- C:\Users\Thierry\AppData\Local\Temp\75d89641-3a02-4692-8c0f-f42b40b9bff0\Statistics.dll   [617984]
O61 - LFC: 14/04/2013 - 15:29:28 ---A- C:\Users\Thierry\AppData\Local\Temp\c5c6d417-05ae-4a5a-9308-717ab722f9c3\scanresult.xml   [130]
O61 - LFC: 14/04/2013 - 15:29:41 ---A- C:\Users\Thierry\AppData\Local\Temp\80b38e4e-bb9e-45be-9479-98b794df1bdf.msi   [14403560]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\CartSdk.dll   [464776]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\CartSdk64.exe   [326024]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\amd64\gfibto.sys   [14456]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\amd64\sbbd.exe   [47496]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\definitions\CartDefinitions.xml   [819082]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\i386\gfibto.sys   [13560]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\i386\sbbd.exe   [44424]
O61 - LFC: 14/04/2013 - 15:29:59 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\sbrc.exe   [200560]
O61 - LFC: 14/04/2013 - 15:30:02 ---A- C:\Users\Thierry\AppData\Local\Temp\7c1e4df4-208d-4510-a14e-5ac70e5aa413\scanresult.xml   [130]
O61 - LFC: 14/04/2013 - 15:30:02 ---A- C:\Users\Thierry\AppData\Local\Temp\9bfc347d-d217-438c-8318-0bf8e9fcbf6e\Statistics.dll   [617984]
O61 - LFC: 14/04/2013 - 15:30:51 ---A- C:\Users\Thierry\AppData\Local\Temp\0189ad29-55f0-4635-a4a5-13e231cb7cc1.msi   [20035584]
O61 - LFC: 14/04/2013 - 15:31:01 ---A- C:\Users\Thierry\AppData\Local\Temp\8e07ac32-6229-4a8d-b1a9-2f2d94ca7731.exe   [3134432]
O61 - LFC: 14/04/2013 - 15:31:02 ---A- C:\Users\Thierry\AppData\Local\Temp\{6c97a91e-4524-4019-86af-2aa2d567bf5c}\geodata.xml   [187]
O61 - LFC: 14/04/2013 - 15:31:43 ---A- C:\Users\Thierry\AppData\Local\Temp\adawaretb_Install_Log.txt   [3812]
O61 - LFC: 14/04/2013 - 15:32:05 ---A- C:\Users\Thierry\AppData\Local\Temp\MSI40945.LOG   [1062760]
O61 - LFC: 14/04/2013 - 15:34:54 ---A- C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus\language.xml   [128]
O61 - LFC: 14/04/2013 - 15:35:14 ---A- C:\Users\Thierry\AppData\Local\Temp\b6983b2e-78d1-4e43-8251-4df17b7c80f7.xml   [130]
O61 - LFC: 14/04/2013 - 15:45:24 ---A- C:\Users\Thierry\AppData\Roaming\LavasoftStatistics\adaware.xml   [969]
O61 - LFC: 14/04/2013 - 15:54:12 ---A- C:\Users\Thierry\AppData\Local\Temp\MSI879c1.LOG   [312338]
O61 - LFC: 14/04/2013 - 15:56:21 ---A- C:\Users\Thierry\AppData\Local\Temp\20a782a7-70e3-4ccc-b322-5da22e0d175d.xml   [130]
O61 - LFC: 14/04/2013 - 15:56:52 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10   [334]
O61 - LFC: 14/04/2013 - 15:58:10 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414141547-f.list   [834127]
O61 - LFC: 14/04/2013 - 16:23:10 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414151713-l.list   [2515]
O61 - LFC: 14/04/2013 - 16:23:10 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414151713-m.list   [2566]
O61 - LFC: 14/04/2013 - 17:44:23 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414161840-l.list   [3114]
O61 - LFC: 14/04/2013 - 17:44:23 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414161840-m.list   [396]
O61 - LFC: 14/04/2013 - 18:41:44 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414172007-l.list   [700]
O61 - LFC: 14/04/2013 - 18:41:44 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414172007-m.list   [3057]
O61 - LFC: 14/04/2013 - 20:07:06 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414182133-l.list   [751]
O61 - LFC: 14/04/2013 - 20:07:06 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414182133-m.list   [5100]
O61 - LFC: 14/04/2013 - 20:17:03 ---A- C:\Users\Thierry\Downloads\FLASHPLAYER\FlashPlayer_V.69164577a.exe   [852048]
O61 - LFC: 14/04/2013 - 20:19:40 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\bin.html   [0]
O61 - LFC: 14/04/2013 - 20:19:44 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\templateStyle.dfe   [217933]
O61 - LFC: 14/04/2013 - 20:19:45 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Delta Babyloninfo.dfe   [921]  =>Toolbar.Babylon
O61 - LFC: 14/04/2013 - 20:19:45 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Dockings.dfe   [4370]
O61 - LFC: 14/04/2013 - 20:19:45 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\templateDisplays.dfe   [3559]
O61 - LFC: 14/04/2013 - 20:19:46 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Mixi Dj Yahooinfo.dfe   [15795]
O61 - LFC: 14/04/2013 - 20:19:46 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Supreme Savings-INTLinfo.dfe   [964]
O61 - LFC: 14/04/2013 - 20:19:47 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Boxoreinfo.dfe   [15932]  =>Adware.Boxore
O61 - LFC: 14/04/2013 - 20:19:48 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Iminentinfo.dfe   [47856]  =>Adware.IMBooster
O61 - LFC: 14/04/2013 - 20:19:49 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Yontooinfo.dfe   [41376]  =>PUP.Yontoo
O61 - LFC: 14/04/2013 - 20:19:50 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\OptimizerProinfo.dfe   [66385]
O61 - LFC: 14/04/2013 - 20:19:51 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\SpeedUpMyPcinfo.dfe   [44265]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\Boxore\info.dfe   [7496]  =>Adware.Boxore
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\Delta Babylon\info.dfe   [42124]  =>Toolbar.Babylon
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\Driverpro\info.dfe   [11200]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\Iminent\info.dfe   [20108]  =>Adware.IMBooster
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\Mixi Dj Yahoo\info.dfe   [2244]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\OptimizerPro\info.dfe   [11740]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\SpeedUpMyPc\info.dfe   [34888]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\Supreme Savings-INTL\info.dfe   [34884]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\Yontoo\info.dfe   [47308]  =>PUP.Yontoo
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\css\base.css   [494]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\exe\close.dfe   [520]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\exe\finish.dfe   [412]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\exe\instalando.dfe   [1776]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\exe\options.dfe   [1412]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin\exe\welcome.dfe   [212]
O61 - LFC: 14/04/2013 - 20:19:52 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\temp\Driverproinfo.dfe   [66896]
O61 - LFC: 14/04/2013 - 20:22:18 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\software\Delta Babylon.exe   [782832]  =>Toolbar.Babylon
O61 - LFC: 14/04/2013 - 20:22:22 ---A- C:\Users\Thierry\AppData\Local\Temp\6BE6E596-BAB0-7891-ABA0-EE19AC9FF7AE\bab098.claroico.zpb   [953]
O61 - LFC: 14/04/2013 - 20:22:22 ---A- C:\Users\Thierry\AppData\Local\Temp\6BE6E596-BAB0-7891-ABA0-EE19AC9FF7AE\bab149.spreg.zpb   [299]
O61 - LFC: 14/04/2013 - 20:22:26 ---A- C:\Users\Thierry\AppData\Local\Temp\6BE6E596-BAB0-7891-ABA0-EE19AC9FF7AE\Setup-deltatb.zpb   [1755878]
O61 - LFC: 14/04/2013 - 20:22:28 ---A- C:\Users\Thierry\AppData\Local\Temp\6BE6E596-BAB0-7891-ABA0-EE19AC9FF7AE\GUninstaller_cat.zpb   [138930]
O61 - LFC: 14/04/2013 - 20:22:29 ---A- C:\Users\Thierry\AppData\Local\Temp\6BE6E596-BAB0-7891-ABA0-EE19AC9FF7AE\ccp.zpb   [227051]
O61 - LFC: 14/04/2013 - 20:22:31 ---A- C:\Users\Thierry\AppData\Local\Temp\6BE6E596-BAB0-7891-ABA0-EE19AC9FF7AE\DeltaChromeTB_1001.zpb   [745762]
O61 - LFC: 14/04/2013 - 20:22:31 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\software\Supreme Savings-INTL.exe   [4526496]
O61 - LFC: 14/04/2013 - 20:22:43 ---A- C:\Users\Thierry\AppData\Roaming\Babylon\log_file.txt   [6420]  =>Toolbar.Babylon
O61 - LFC: 14/04/2013 - 20:22:49 ---A- C:\Users\Thierry\AppData\Local\Updater19962\Updater19962.exe   [210312]
O61 - LFC: 14/04/2013 - 20:23:42 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\software\FlashPlayer.exe   [10479859]
O61 - LFC: 14/04/2013 - 20:24:34 ---A- C:\Users\Thierry\AppData\Roaming\player\images\channel_ld_219.png   [9665]
O61 - LFC: 14/04/2013 - 20:24:34 ---A- C:\Users\Thierry\AppData\Roaming\player\images\channel_ld_268.png   [6730]
O61 - LFC: 14/04/2013 - 20:24:53 ---A- C:\Users\Thierry\AppData\Local\Temp\DIQ\FlashPlayer_151\bin.dll   [5372]
O61 - LFC: 14/04/2013 - 21:23:38 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414192258-l.list   [823]
O61 - LFC: 14/04/2013 - 21:23:38 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414192258-m.list   [2231]
O61 - LFC: 14/04/2013 - 21:27:40 -SHA- C:\Users\Thierry\AppData\Roaming\Microsoft\Protect\S-1-5-21-360351707-2276754314-377163639-1001\eee18efe-b87f-45a1-a3fc-2116e060cf92   [468]
O61 - LFC: 14/04/2013 - 21:28:41 ---A- C:\Users\Thierry\AppData\Local\Temp\884f4016-291c-4951-9e34-da623a10a463.xml   [130]
O61 - LFC: 14/04/2013 - 21:31:04 ---A- C:\Users\Thierry\AppData\Local\Temp\c69c3493-3b8b-4220-ae3d-a572a0f4e412.xml   [130]
O61 - LFC: 14/04/2013 - 21:32:58 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414202424-l.list   [739]
O61 - LFC: 14/04/2013 - 21:32:58 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414202424-m.list   [4707]
O61 - LFC: 14/04/2013 - 21:33:33 ---A- C:\Users\Thierry\Downloads\Sécurité\Ccleaner\ccsetup400.exe   [4316280]
O61 - LFC: 14/04/2013 - 21:36:51 ---A- C:\Users\Thierry\AppData\Local\Temp\nsx4BB4.tmp\System.dll   [11264]
O61 - LFC: 14/04/2013 - 21:37:36 ---A- C:\Users\Thierry\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\PRICache\WinStore\3367477557.pri   [8960]
O61 - LFC: 14/04/2013 - 21:41:29 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\First Run   [0]
O61 - LFC: 14/04/2013 - 21:41:30 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\BUSolution.dll   [691792]
O61 - LFC: 14/04/2013 - 21:41:30 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\BabMaint.x   [9808]
O61 - LFC: 14/04/2013 - 21:41:30 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\bg.html   [202]
O61 - LFC: 14/04/2013 - 21:41:30 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\bg.js   [399]
O61 - LFC: 14/04/2013 - 21:41:30 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\background.html   [95]
O61 - LFC: 14/04/2013 - 21:41:30 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Shortcuts   [12288]
O61 - LFC: 14/04/2013 - 21:41:30 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css   [0]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\main.html   [92]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\main.js   [79]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\NPObject.dll   [126976]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\redirect.html   [189]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\redirect.js   [357]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik\1.0.0.1_0\image_128.png   [7849]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik\1.0.0.1_0\manifest.json   [715]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\background.js   [1827]
O61 - LFC: 14/04/2013 - 21:41:31 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll   [72704]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\icon_128.png   [3009]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\icon_16.png   [143]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\manifest.json   [649]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\eu\messages.json   [243]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\delta128.png   [12964]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\delta48.png   [3435]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\manifest.json   [614]
O61 - LFC: 14/04/2013 - 21:41:32 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\manifest.json   [558]
O61 - LFC: 14/04/2013 - 21:41:33 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no\messages.json   [210]
O61 - LFC: 14/04/2013 - 21:41:34 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\no\messages.json   [218]
O61 - LFC: 14/04/2013 - 21:41:34 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no\messages.json   [216]
O61 - LFC: 14/04/2013 - 21:41:34 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no\messages.json   [300]
O61 - LFC: 14/04/2013 - 21:41:34 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se\messages.json   [210]
O61 - LFC: 14/04/2013 - 21:41:34 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Login Data   [12288]
O61 - LFC: 14/04/2013 - 21:41:35 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK   [0]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\128.png   [7654]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ar\messages.json   [422]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\bg\messages.json   [559]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ca\messages.json   [265]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\cs\messages.json   [283]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\da\messages.json   [251]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\de\messages.json   [256]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\el\messages.json   [565]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\en_GB\messages.json   [249]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\en_US\messages.json   [249]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\es\messages.json   [259]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\es_419\messages.json   [259]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\et\messages.json   [259]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\fi\messages.json   [277]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\fil\messages.json   [260]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\fr\messages.json   [260]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\he\messages.json   [438]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\hi\messages.json   [492]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\hr\messages.json   [263]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\hu\messages.json   [276]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\id\messages.json   [261]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\it\messages.json   [258]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ja\messages.json   [395]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ko\messages.json   [365]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\lt\messages.json   [309]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\lv\messages.json   [262]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ms\messages.json   [254]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\nl\messages.json   [250]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\pl\messages.json   [261]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\pt_BR\messages.json   [250]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\pt_PT\messages.json   [272]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ro\messages.json   [309]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ru\messages.json   [614]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sk\messages.json   [293]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sl\messages.json   [268]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sr\messages.json   [467]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sv\messages.json   [261]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\th\messages.json   [521]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\tr\messages.json   [302]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\uk\messages.json   [657]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\vi\messages.json   [321]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\zh_CN\messages.json   [360]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\zh_TW\messages.json   [348]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\manifest.json   [981]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\128.png   [5369]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\16.png   [496]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\32.png   [1143]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\48.png   [1858]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar\messages.json   [423]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg\messages.json   [515]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca\messages.json   [330]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs\messages.json   [355]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da\messages.json   [328]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de\messages.json   [307]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el\messages.json   [569]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en\messages.json   [314]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB\messages.json   [314]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US\messages.json   [314]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es\messages.json   [340]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419\messages.json   [341]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et\messages.json   [314]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi\messages.json   [305]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil\messages.json   [337]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr\messages.json   [329]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he\messages.json   [471]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi\messages.json   [326]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr\messages.json   [340]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu\messages.json   [336]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id\messages.json   [319]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it\messages.json   [324]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja\messages.json   [388]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko\messages.json   [380]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt\messages.json   [359]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv\messages.json   [360]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl\messages.json   [323]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl\messages.json   [336]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR\messages.json   [332]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT\messages.json   [331]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro\messages.json   [332]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru\messages.json   [471]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk\messages.json   [338]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl\messages.json   [329]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr\messages.json   [483]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv\messages.json   [333]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th\messages.json   [472]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr\messages.json   [330]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk\messages.json   [501]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi\messages.json   [363]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN\messages.json   [346]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW\messages.json   [346]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\manifest.json   [790]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\128.png   [5920]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar\messages.json   [556]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg\messages.json   [492]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca\messages.json   [262]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs\messages.json   [289]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da\messages.json   [240]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de\messages.json   [239]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el\messages.json   [624]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en\messages.json   [215]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es\messages.json   [281]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi\messages.json   [284]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil\messages.json   [234]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr\messages.json   [272]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi\messages.json   [391]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr\messages.json   [246]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\messages.json   [234]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id\messages.json   [242]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it\messages.json   [260]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja\messages.json   [364]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko\messages.json   [328]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt\messages.json   [269]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv\messages.json   [262]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl\messages.json   [232]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl\messages.json   [292]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR\messages.json   [230]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT\messages.json   [231]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro\messages.json   [281]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru\messages.json   [482]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk\messages.json   [238]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl\messages.json   [249]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr\messages.json   [511]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th\messages.json   [471]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr\messages.json   [250]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk\messages.json   [536]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi\messages.json   [257]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN\messages.json   [339]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW\messages.json   [321]
O61 - LFC: 14/04/2013 - 21:41:36 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\manifest.json   [755]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\128.png   [3524]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar\messages.json   [401]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg\messages.json   [427]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca\messages.json   [250]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\messages.json   [255]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da\messages.json   [242]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de\messages.json   [226]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el\messages.json   [475]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en\messages.json   [227]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es\messages.json   [240]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi\messages.json   [222]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil\messages.json   [236]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr\messages.json   [249]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he\messages.json   [419]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi\messages.json   [408]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr\messages.json   [220]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu\messages.json   [253]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id\messages.json   [231]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\messages.json   [224]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja\messages.json   [349]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko\messages.json   [323]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt\messages.json   [266]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv\messages.json   [245]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl\messages.json   [225]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl\messages.json   [274]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR\messages.json   [237]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT\messages.json   [236]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro\messages.json   [248]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru\messages.json   [394]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk\messages.json   [241]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl\messages.json   [245]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr\messages.json   [437]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv\messages.json   [238]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th\messages.json   [365]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr\messages.json   [255]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk\messages.json   [442]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi\messages.json   [310]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN\messages.json   [257]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW\messages.json   [269]
O61 - LFC: 14/04/2013 - 21:41:37 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\manifest.json   [745]
O61 - LFC: 14/04/2013 - 21:41:39 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AJHVJKP2\macromedia.com\support\flashplayer\sys\settings.sol   [379]
O61 - LFC: 14/04/2013 - 21:41:44 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs   [10240]
O61 - LFC: 14/04/2013 - 21:41:44 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old   [46]
O61 - LFC: 14/04/2013 - 22:00:10 ---A- C:\Users\Thierry\Documents\Ccleaner\cc_20130414_225928.reg   [51604]
O61 - LFC: 14/04/2013 - 22:02:24 ---A- C:\Users\Thierry\Documents\Ccleaner\cc_20130414_230216.reg   [9014]
O61 - LFC: 14/04/2013 - 22:09:56 ---A- C:\Users\Thierry\AppData\Local\Temp\280db31e-40fe-4cc6-9234-743450bd638b.xml   [130]
O61 - LFC: 14/04/2013 - 22:49:54 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414212548-l.list   [1105]
O61 - LFC: 14/04/2013 - 22:49:54 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414212548-m.list   [411]
O61 - LFC: 14/04/2013 - 23:52:06 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414222713-l.list   [892]
O61 - LFC: 14/04/2013 - 23:52:06 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414222713-m.list   [1370]
O61 - LFC: 15/04/2013 - 00:40:40 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414232839-l.list   [1366]
O61 - LFC: 15/04/2013 - 00:40:41 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130414232839-m.list   [5537]
O61 - LFC: 15/04/2013 - 07:07:45 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_A9C858C1E3D297A71D80B8E1560DA3B5   [1508]
O61 - LFC: 15/04/2013 - 07:08:03 ---A- C:\Users\Thierry\AppData\Local\Temp\cce69d1f-cf57-456b-8ee2-799d134e821b.xml   [130]
O61 - LFC: 15/04/2013 - 07:08:16 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_A9C858C1E3D297A71D80B8E1560DA3B5   [406]
O61 - LFC: 15/04/2013 - 07:09:58 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415003003-l.list   [839]
O61 - LFC: 15/04/2013 - 07:09:58 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415003003-m.list   [611]
O61 - LFC: 15/04/2013 - 07:09:58 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415013129-l.list   [1439]
O61 - LFC: 15/04/2013 - 07:09:58 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415013129-m.list   [649]
O61 - LFC: 15/04/2013 - 07:09:58 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415023257-l.list   [920]
O61 - LFC: 15/04/2013 - 07:09:59 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415023257-m.list   [24]
O61 - LFC: 15/04/2013 - 07:09:59 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415030344-l.list   [378]
O61 - LFC: 15/04/2013 - 07:09:59 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415030344-m.list   [560]
O61 - LFC: 15/04/2013 - 07:09:59 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415033431-l.list   [336]
O61 - LFC: 15/04/2013 - 07:09:59 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415033431-m.list   [0]
O61 - LFC: 15/04/2013 - 07:09:59 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415040518-l.list   [581]
O61 - LFC: 15/04/2013 - 07:09:59 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415040518-m.list   [126]
O61 - LFC: 15/04/2013 - 07:10:00 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415043603-l.list   [465]
O61 - LFC: 15/04/2013 - 07:10:00 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415043603-m.list   [0]
O61 - LFC: 15/04/2013 - 07:10:00 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415050649-l.list   [395]
O61 - LFC: 15/04/2013 - 07:10:00 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415050649-m.list   [0]
O61 - LFC: 15/04/2013 - 07:10:00 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415053737-l.list   [1377]
O61 - LFC: 15/04/2013 - 07:10:00 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415053737-m.list   [0]
O61 - LFC: 15/04/2013 - 07:10:36 ---A- C:\Users\Thierry\AppData\Local\pctuto\uppct_fr_2.cyp   [524]
O61 - LFC: 15/04/2013 - 07:17:25 -SHA- C:\Users\Thierry\AppData\Roaming\Microsoft\Protect\S-1-5-21-360351707-2276754314-377163639-1001\b63df32f-d5b5-40cb-b432-23f4da5e1038   [468]
O61 - LFC: 15/04/2013 - 07:20:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Archived History   [57344]
O61 - LFC: 15/04/2013 - 07:20:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal   [512]
O61 - LFC: 15/04/2013 - 07:20:07 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor   [13312]
O61 - LFC: 15/04/2013 - 07:20:07 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal   [3608]
O61 - LFC: 15/04/2013 - 07:20:08 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Web Data   [73728]
O61 - LFC: 15/04/2013 - 07:20:09 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000005.sst   [185786]
O61 - LFC: 15/04/2013 - 07:20:09 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 15/04/2013 - 07:20:09 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000004   [91]
O61 - LFC: 15/04/2013 - 07:20:10 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Top Sites   [20480]
O61 - LFC: 15/04/2013 - 07:20:10 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal   [12824]
O61 - LFC: 15/04/2013 - 07:20:11 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG   [262]
O61 - LFC: 15/04/2013 - 07:20:15 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings   [8]
O61 - LFC: 15/04/2013 - 07:21:05 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\README   [180]
O61 - LFC: 15/04/2013 - 07:22:33 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Favicons   [24576]
O61 - LFC: 15/04/2013 - 07:22:33 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal   [16384]
O61 - LFC: 15/04/2013 - 07:22:33 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-04   [90112]
O61 - LFC: 15/04/2013 - 07:22:33 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-04-journal   [16384]
O61 - LFC: 15/04/2013 - 07:22:49 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F   [21901]
O61 - LFC: 15/04/2013 - 07:22:49 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F   [256]
O61 - LFC: 15/04/2013 - 07:22:52 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Cookies   [10240]
O61 - LFC: 15/04/2013 - 07:22:52 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal   [6704]
O61 - LFC: 15/04/2013 - 07:23:05 ---A- C:\Users\Thierry\Downloads\esetsmartinstaller_enu.exe   [2347384]
O61 - LFC: 15/04/2013 - 07:25:00 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [1468936]
O61 - LFC: 15/04/2013 - 07:25:01 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [1924660]
O61 - LFC: 15/04/2013 - 07:25:01 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [409786]
O61 - LFC: 15/04/2013 - 07:25:01 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [134612]
O61 - LFC: 15/04/2013 - 07:25:01 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19852]
O61 - LFC: 15/04/2013 - 07:25:01 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [4628]
O61 - LFC: 15/04/2013 - 07:25:05 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Current Session   [68671]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Current Tabs   [15818]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\History   [94208]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache   [3935]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Preferences   [29276]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Local State   [24830]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 15/04/2013 - 07:25:06 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [4640]
O61 - LFC: 15/04/2013 - 07:25:07 ---A- C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt   [5]
O61 - LFC: 15/04/2013 - 07:35:02 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415061026-l.list   [215]
O61 - LFC: 15/04/2013 - 07:35:02 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415061026-m.list   [2733]
O61 - LFC: 15/04/2013 - 08:00:03 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415064112-l.list   [62]
O61 - LFC: 15/04/2013 - 08:00:03 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415064112-m.list   [0]
O61 - LFC: 15/04/2013 - 08:25:05 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415071156-l.list   [666]
O61 - LFC: 15/04/2013 - 08:25:05 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415071156-m.list   [1902]
O61 - LFC: 15/04/2013 - 08:54:15 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415074242-l.list   [0]
O61 - LFC: 15/04/2013 - 08:54:16 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415074242-m.list   [66]
O61 - LFC: 15/04/2013 - 09:20:31 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415081327-l.list   [262]
O61 - LFC: 15/04/2013 - 09:20:31 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415081327-m.list   [1395]
O61 - LFC: 15/04/2013 - 09:47:49 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415084415-l.list   [205]
O61 - LFC: 15/04/2013 - 09:47:49 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415084415-m.list   [37]
O61 - LFC: 15/04/2013 - 09:47:54 ---A- C:\Users\Thierry\AppData\Local\pctuto\pctuto\1.10\ads.cyl   [69]
O61 - LFC: 15/04/2013 - 09:59:01 ---A- C:\Users\Thierry\AppData\Local\pctuto\pctuto\1.10\conf.cyl   [95]
O61 - LFC: 15/04/2013 - 16:45:32 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415091504-l.list   [162]
O61 - LFC: 15/04/2013 - 16:45:32 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415091504-m.list   [1154]
O61 - LFC: 15/04/2013 - 16:45:32 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415094551-l.list   [23]
O61 - LFC: 15/04/2013 - 16:45:32 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415094551-m.list   [418]
O61 - LFC: 15/04/2013 - 16:45:32 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415101637-l.list   [500]
O61 - LFC: 15/04/2013 - 16:45:32 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415101637-m.list   [639]
O61 - LFC: 15/04/2013 - 16:45:32 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415104724-l.list   [0]
O61 - LFC: 15/04/2013 - 16:45:33 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415104724-m.list   [71]
O61 - LFC: 15/04/2013 - 16:45:33 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415111812-l.list   [192]
O61 - LFC: 15/04/2013 - 16:45:33 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415111812-m.list   [0]
O61 - LFC: 15/04/2013 - 16:45:33 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415114901-l.list   [4932]
O61 - LFC: 15/04/2013 - 16:45:33 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415114901-m.list   [0]
O61 - LFC: 15/04/2013 - 16:45:33 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415121947-l.list   [411]
O61 - LFC: 15/04/2013 - 16:45:33 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415121947-m.list   [431]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415125033-l.list   [235]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415125033-m.list   [0]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415132119-l.list   [863]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415132119-m.list   [67]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415135207-l.list   [280]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415135207-m.list   [34]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415142254-l.list   [977]
O61 - LFC: 15/04/2013 - 16:45:34 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415142254-m.list   [2456]
O61 - LFC: 15/04/2013 - 16:45:35 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415145341-l.list   [543]
O61 - LFC: 15/04/2013 - 16:45:35 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415145341-m.list   [266]
O61 - LFC: 15/04/2013 - 16:45:35 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415152427-l.list   [682]
O61 - LFC: 15/04/2013 - 16:45:35 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415152427-m.list   [9323]
O61 - LFC: 15/04/2013 - 16:48:06 ---A- C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus\gaming-mode.xml   [64]
O61 - LFC: 15/04/2013 - 16:48:06 ---A- C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus\id-watch-dog.xml   [352]
O61 - LFC: 15/04/2013 - 16:48:06 ---A- C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus\protection-status.xml   [96]
O61 - LFC: 15/04/2013 - 16:48:06 ---A- C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus\update-parameters.xml   [96]
O61 - LFC: 15/04/2013 - 16:48:08 ---A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveCommLast.etl   [131072]
O61 - LFC: 15/04/2013 - 16:48:08 --HA- C:\Users\Thierry\AppData\Local\IconCache.db   [112264]
O61 - LFC: 15/04/2013 - 16:49:03 ----- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm.etl   [0]
O61 - LFC: 15/04/2013 - 16:49:05 ---A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\2b26647f9f731a4e\120712-0049\DBStore\edb.chk   [8192]
O61 - LFC: 15/04/2013 - 16:49:08 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157   [338]
O61 - LFC: 15/04/2013 - 16:49:32 ---A- C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus\application-settings.xml   [352]
O61 - LFC: 15/04/2013 - 16:49:36 ---A- C:\Users\Thierry\AppData\Local\Temp\2883345b-b8fb-453f-87ba-9812ba7eca9d.xml   [130]
O61 - LFC: 15/04/2013 - 17:20:05 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415155515-l.list   [2402]
O61 - LFC: 15/04/2013 - 17:20:05 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415155515-m.list   [666]
O61 - LFC: 15/04/2013 - 17:37:54 ---A- C:\Users\Thierry\AppData\Roaming\Microsoft\Spelling\fr-FR\default.acl   [2]
O61 - LFC: 15/04/2013 - 17:37:54 ---A- C:\Users\Thierry\AppData\Roaming\Microsoft\Spelling\fr-FR\default.dic   [2]
O61 - LFC: 15/04/2013 - 17:37:54 ---A- C:\Users\Thierry\AppData\Roaming\Microsoft\Spelling\fr-FR\default.exc   [2]
O61 - LFC: 15/04/2013 - 17:45:06 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415162602-l.list   [564]
O61 - LFC: 15/04/2013 - 17:45:06 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415162602-m.list   [8436]
O61 - LFC: 15/04/2013 - 18:10:07 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415165650-l.list   [956]
O61 - LFC: 15/04/2013 - 18:10:07 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415165650-m.list   [592]
O61 - LFC: 15/04/2013 - 18:58:37 ---A- C:\Users\Thierry\AppData\Local\adawarebp\catalog.list   [8177]
O61 - LFC: 15/04/2013 - 18:58:37 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415172738-l.list   [1343]
O61 - LFC: 15/04/2013 - 18:58:37 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415172738-m.list   [488]
O61 - LFC: 15/04/2013 - 18:58:37 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415175822-l.list   [511]
O61 - LFC: 15/04/2013 - 18:58:38 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\130415175822-m.list   [14030]
O61 - LFC: 15/04/2013 - 18:58:38 ---A- C:\Users\Thierry\AppData\Local\adawarebp\data\temp.zip   [5027]
O61 - LFC: 15/04/2013 - 19:00:49 ---A- C:\Users\Thierry\AppData\Roaming\Ad-Aware Antivirus\definitions-date.xml   [256]
O61 - LFC: 15/04/2013 - 19:03:47 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AFA2A5744430E65F42D3175FABFBE3E8   [19648]
O61 - LFC: 15/04/2013 - 19:03:47 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AFA2A5744430E65F42D3175FABFBE3E8   [222]
O61 - LFC: 15/04/2013 - 19:03:47 -S-A- C:\Users\Thierry\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479   [264]
O61 - LFC: 15/04/2013 - 19:09:18 ---A- C:\Users\Thierry\Downloads\infection\ZHPDiag2.exe   [5566486]
~ 78 Fichiers temporaires (Temporary files)
~ Files: 453 Scanned in 01mn 26s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 18 Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.id", "6873368a0000000000001a942370c401");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.instlDay", "15809");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.vrsn", "1.8.16.16");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.vrsnTs", "1.8.16.1621:22:29");
O69 - SBI: prefs.js [Thierry - 0i58b0oh.default] user_pref("extensions.delta.vrsni", "1.8.16.16");
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com  =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} [DefaultScope] - (SecureSearch) - http://lavasoft.blekko.com
~ Keys:  Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1071104]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll   [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [3240448]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [69632]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1282560]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll   [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll   [180224]
~ Services: 34 Scanned in 00mn 01s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.702BF5138F248D8529F5A6EFCE998AE3] [SPRF][14/04/2013] (.Lavasoft - Ad-Aware Security Add-on Installer.) -- C:\Users\Thierry\AppData\Local\Temp\8e07ac32-6229-4a8d-b1a9-2f2d94ca7731.exe   [3134432]
~ Files:  Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A351A16A-1B87-49D5-81CE-F5DD85D29371}" | In - Domain - P6 - TRUE | .(.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
O87 - FAEL: "{3433D34A-B14B-4070-BD5F-D0A4179FBC09}" | In - Domain - P6 - TRUE | .(.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O87 - FAEL: "{000A8EEA-6BF8-47D3-88EA-320D34975DFE}" | In - Domain - P6 - TRUE | .(.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
O87 - FAEL: "{C4A98CD8-E41B-4A86-8DF2-2B3FFCB4EB41}" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe
O87 - FAEL: "{E582ADCF-023F-402B-BCEB-DBCDFD9B4DF7}" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe
O87 - FAEL: "{E6532188-1C33-4A1B-9844-06D1B2D5C1A1}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O87 - FAEL: "{4C0F5751-F963-49B5-A60E-01F135D0FA9E}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O87 - FAEL: "{898F7745-F5D3-401D-9F37-4E79307F2487}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
O87 - FAEL: "{8E4162B0-9BC5-4485-84F2-DBDDE9CFB875}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
O87 - FAEL: "{2FA2962C-1C0F-4481-987A-77109C68397C}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
O87 - FAEL: "{F0351746-5748-41C4-B0D6-B4EE8F8DDBDB}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
O87 - FAEL: "{085A5D25-AAD2-4F40-B328-6CAFC7B2B5B0}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
O87 - FAEL: "{A185043D-0273-4265-A6CF-A90F880708AC}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
O87 - FAEL: "{FED08104-EE90-442E-A880-16334011ECE1}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
O87 - FAEL: "{F0FA6868-2270-4493-9392-3CEF3EE2230E}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
O87 - FAEL: "{E3FF1F7B-3FC9-4660-B6AB-B1657AD766DB}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
O87 - FAEL: "{1335A133-3286-4348-8AAA-2C7A4571F7D7}" | In - None - P6 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
O87 - FAEL: "{A56D2FB5-D4E7-474A-81EA-B2E8EF4BDBEA}" | In - None - P17 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
O87 - FAEL: "{DCBF96D3-7B9F-46C0-8A6C-D1ADFE627ED2}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A3BE22BD-C353-4363-B3F5-38C14C9BCB19}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{BC176805-08AA-4D92-B36A-BA0F4C16B413}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{DF570005-11B3-4B84-BD38-6BF8EDA9529B}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{205FC0F5-BEB1-4A97-A7C2-63370713C007}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{3F6509EC-E72C-4D0D-BAA5-996B41A1ED14}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{CC100E99-7EDF-49C6-B5C5-2F0E39FDA5A3}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{69B8FE37-0934-4C08-8A0A-CFE290673165}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{F49B8674-434E-47A1-83C9-DAB7DFFC54D6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{1302689F-6218-489E-8E3B-9347E789DD05}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{45B44697-84F7-4445-80BC-BE0A77FFDE7E}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{2C4F79F7-DB27-400B-A84A-3D2BDE3B4B9F}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{3CE58538-FED0-4DAD-96BA-2B47C8E5AFBA}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{89D2DBE0-8BB6-4909-95AB-C9ADA49E7270}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{C069E1CA-D0C7-4C09-9075-8B44B328934E}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4D760CF8-C453-414D-82A7-0E6D635B2495}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3D06F669-4C8D-4A27-BE1A-55D3BF6CB13F}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{457F87B4-0A25-4854-B725-06321DF961FB}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{B90C7355-6B79-44AC-B084-F98956ED720B}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{2865D013-C2F6-4AFF-9FBE-5B2B653BFEAD}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{00C0BE2D-BAE8-4646-89D6-922CEA298B0A}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{DA320B1C-2145-4A59-93FE-FFF6874E67EF}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{07787C76-F090-4829-80A0-D89D12E576BF}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C9D90979-F07B-4AAE-960C-A19E7773EDD9}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A8D04555-6664-4A3E-9C19-B5A38FB92B5D}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{FA083F9D-D8DA-45E4-BEAA-CB9FE257EC30}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "{96F037D6-085D-4587-9275-E6CB39723012}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{BFC9EFA3-F885-463E-8CA3-6ECED303F2A4}" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{16E96A5F-5A01-4C06-8909-4B451B67A903}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F44A14FB-03C3-47AD-B3FB-73DFD7197227}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{1B004621-512E-4735-A4FC-C9D404772A42}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
O87 - FAEL: "{9D253AFD-9EFC-48C9-BFEE-BBB49EA68C42}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{906476A3-69DD-4C90-B128-7609BDF5D8B1}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3EA2DDDC-7986-41C9-939C-BA56AFF44149}" | In - Private - P6 - TRUE | .(.Visicom Media Inc. - DtUser.) -- C:\Program Files (x86)\adawaretb\dtUser.exe
O87 - FAEL: "{18BC27F3-2AC8-4E13-AA8F-21050FB159AD}" | In - Private - P17 - TRUE | .(.Visicom Media Inc. - DtUser.) -- C:\Program Files (x86)\adawaretb\dtUser.exe
~ Firewall: 241 Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : v2.11536 - (14/04/2013)
Clés trouvées (Keys found) : 77
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 17
Fichiers trouvés  (Files found) : 4

[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]   =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}]   =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escort.dll]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE]   =>Toolbar.Babylon
[HKLM\Software\Classes\escort.escortIEPane]   =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph]   =>PUP.SpecialSavings
[HKCU\Software\BabylonToolbar]   =>Toolbar.Babylon
[HKCU\Software\Cr_Installer]   =>Adware.VidSaver
[HKCU\Software\DataMngr]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr]   =>Adware.Bandoo
[HKCU\Software\PCTuto]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\PCTuto]   =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PcTuto_is1]   =>Spyware.AgenceExclusive
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]   =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]   =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Prod.cap]   =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings]   =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}]   =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]   =>PUP.BProtector
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}]   =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]   =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}]   =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}]   =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}]   =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaappCore]   =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaappCore.1]   =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd]   =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1]   =>PUP.Funmoods
[HKLM\Software\Classes\AppID\ESRV.EXE]   =>Adware.Facemoods
[HKLM\Software\Classes\CrossriderApp0019962.BHO]   =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0019962.BHO.1]   =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0019962.Sandbox]   =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0019962.Sandbox.1]   =>PUP.CrossRider
[HKLM\Software\Classes\delta.deltaHlpr]   =>toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaHlpr.1]   =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc]   =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc.1]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.BHO]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.BHO.1]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.Sandbox]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.Sandbox.1]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\delta.deltaappCore]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaappCore.1]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd.1]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr.1]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc.1]   =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1]   =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escort.DLL]   =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escortApp.DLL]   =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escortEng.DLL]   =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escorTlbr.DLL]   =>PUP.Funmoods
[HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE}   =>Toolbar.Babylon
C:\Program Files (x86)\adawaretb   =>Toolbar.Agent
C:\Program Files (x86)\PCTuto   =>Spyware.AgenceExclusive
C:\Program Files (x86)\Supreme Savings   =>PUP.RewardsArcade
C:\ProgramData\adawaretb   =>Toolbar.Agent
C:\ProgramData\Babylon   =>Toolbar.Babylon
C:\ProgramData\Installer   =>Adware.InstallPedia
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto   =>Spyware.AgenceExclusive
C:\Users\Thierry\AppData\Roaming\Babylon   =>Toolbar.Babylon
C:\Users\Thierry\AppData\Roaming\BabSolution   =>Hijacker.BabSolution
C:\Users\Thierry\AppData\Local\PCTuto   =>Spyware.AgenceExclusive
C:\Users\Thierry\AppData\Local\Supreme Savings   =>PUP.RewardsArcade
C:\Users\Thierry\AppData\LocalLow\adawaretb   =>Toolbar.Agent
C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph   =>Adware.GamePlayLabs
C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde   =>Toolbar.DeltaSearch
C:\Users\Thierry\AppData\Local\\Updater19962  =>PUP.CrossRider^
C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\0i58b0oh.default\adawaretb   =>Toolbar.Agent
C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\0i58b0oh.default\Extensions\ffxtlbr@delta.com   =>PUP.Funmoods
C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\0i58b0oh.default\bprotector_extensions.sqlite   =>PUP.BProtector
C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\0i58b0oh.default\bprotector_prefs.js   =>PUP.BProtector
C:\Users\Thierry\AppData\Local\Temp\GoogleToolbarInstaller1.log  =>Toolbar.Babylon
C:\Users\Thierry\AppData\Local\Temp\GoogleToolbarInstaller2.log  =>Toolbar.Babylon
~ Additionnel:  Scanned in 00mn 20s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "05B51F93779A6AC41B3CA67842DC0A52" . (.MyWinLocker 4.) -- C:\windows\Installer\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\ARPPRODUCTICON.exe
O90 - PUC: "0B8EF4ACC892D5E44A683FB321D6A6A0" . (.AcerCloud Docs.) -- C:\Windows\Installer\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}\icon.ico
O90 - PUC: "0BCE87B0B6A1D6E4987DE0C77EF74072" . (.MyWinLocker.) -- C:\windows\Installer\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}\ARPPRODUCTICON.exe
O90 - PUC: "0C776EBEBCBCFBE408892EE7B12517FC" . (.VAFPlayer.) -- C:\Windows\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}\_112D608FD02CD87FDC7735.exe
O90 - PUC: "1BF4A48A307DBD84980E866B94D98210" . (.Qualcomm Atheros Bluetooth Suite (64).) -- C:\Windows\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe
O90 - PUC: "203E62EEA6789D84098513925E9B9999" . (.Live Updater.) -- C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico
O90 - PUC: "2F98DA5B3D306024487810288900D70D" . (.clear.fi Photo.) -- C:\Windows\Installer\{B5AD89F2-03D3-4206-8487-018298007DD0}\icon.ico
O90 - PUC: "38E5962CD1FC1D3448EF3BEB5C1610A2" . (.Shredder.) -- C:\windows\Installer\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\ARPPRODUCTICON.exe
O90 - PUC: "4179FD719C069C349A2C23CBEA4DC4EB" . (.MyWinLocker Suite.) -- C:\windows\Installer\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\ARPPRODUCTICON.exe
O90 - PUC: "456BC9D3DA991034986CD0217A0967C7" . (.Identity Card.) -- C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico
O90 - PUC: "613755F10CFCDB14FA7FB84CC94E447D" . (.Shredder.) -- C:\windows\Installer\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.02) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "7071FA9EA3F32E943854F4D226D98067" . (.clear.fi Media.) -- C:\Windows\Installer\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}\icon.ico
O90 - PUC: "71B0DA5AD43FEB941A758C3B5DA2DC31" . (.AcerCloud.) -- C:\Windows\Installer\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}\icon.ico
O90 - PUC: "75FA496A198926D428C4E7551A63A141" . (.eBay Worldwide.) -- c:\Windows\Installer\{A694AF57-9891-4D62-824C-7E55A1361A14}\_853F67D554F05449430E7E.exe
O90 - PUC: "813A512872CCE5343BAEE243348C99C8" . (.Acer Instant Update Service.) -- C:\windows\Installer\{8215A318-CC27-435E-B3EA-2E3443C8998C}\AOAC.ico
O90 - PUC: "8489373E92353E84D882B5DBE6B83E48" . (.MediaEspresso.) -- C:\windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe
O90 - PUC: "A5002F70CAC8B4A4382AAD897A22AC16" . (.Recovery Management.) -- C:\windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\.\Bitmaps\eRecoveryicon.ico
O90 - PUC: "D724AD5332BB8B94A9DFFCCFEFB307D8" . (.clear.fi SDK- Movie.) -- C:\Windows\Installer\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\ARPPRODUCTICON.exe
O90 - PUC: "DAC33ABE170E5d841A86BF4AEE4BE239" . (.clear.fi SDK - Video.) -- C:\Windows\Installer\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\ARPPRODUCTICON.exe
O90 - PUC: "E020570F2B34C2F479328CC11E267E6B" . (.Ad-Aware Antivirus.) -- C:\Windows\Installer\{F075020E-43B2-4F2C-9723-C81CE162E7B6}\ARPPRODUCTICON.exe
O90 - PUC: "E02FDDD91DF943444AE37E88D9CB4902" . (.Backup Manager v4.) -- C:\windows\Installer\{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}\ARPPRODUCTICON.exe
O90 - PUC: "F2FD7A0F0EB0F0741B737D1AF9791798" . (.Broadcom Card Reader Driver Installer.) -- C:\Windows\Installer\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}\ARPPRODUCTICON.exe
~ Update Products: 59 Scanned in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\5ded9dab73ae410]   =>Toolbar.Babylon^
[HKCU\Software\5ded9dab73ae410]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5ded9dab73ae410]:version="2.6.1125.80"
[HKLM\Software\Wow6432Node\5ded9dab73ae410]   =>Toolbar.Babylon^
[HKLM\Software\Wow6432Node\5ded9dab73ae410]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\Wow6432Node\5ded9dab73ae410]:version="2.6.1125.80"
~ Export Key Software:  Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2013 1236336 |  (Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
SR - | Auto 18/12/2012 65192 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 03/04/2013 253656 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 10/08/2012 211584 |  (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 20/08/2012 176640 |  (BrcmCardReader) . (.Broadcom Corp..) - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
SR - | Auto  2569168 |  (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe  =>Toolbar.Babylon
SR - | Auto 23/08/2012 2435728 |  (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SS - | Demand 08/08/2012 276288 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 23/08/2012 468624 |  (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
SR - | Auto 28/08/2012 348784 |  (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 12/07/2012 174160 |  (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Demand 22/08/2012 658576 |  (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SR - | Auto 30/08/2012 28560 |  (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SS - | Demand 12/10/2010 206072 |  (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 14/04/2013 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/04/2013 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/04/2013 194032 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 18/07/2012 165760 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 18/07/2012 276864 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 12/04/2013 115608 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 02/11/2012 259136 |  (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 26/09/2012 93296 |  (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SR - | Auto 20/09/2012 3677000 |  (SBAMSvc) . (.GFI Software.) - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
SR - | Auto 18/07/2012 364416 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 31/07/2012 81536 |  (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
~ Services:  Scanned in 00mn 03s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Thierry at 15/04/2013 20:22:26

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



End of the scan (2393 lines in 05mn 44s)(0)