~ Rapport de ZHPDiag v2013.10.16.42 - Nicolas Coolman  (16/10/2013)
~ Lancé par Bill Gates (16/10/2013 21:49:38)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
MFIE: Mozilla Firefox 22.0
GCIE: Google Chrome v29.0.1547.66 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista Home Premium Edition, 64-bit  (Build 6000)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v13.0.0.4042
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ Logiciels d'optimisation du système
CCleaner v3.17 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.8

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4043 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 257 GB (45%) free of 571 GB

---\\ Mode de connexion au système
~ Computer Name: BILLGATES-HP
~ User Name: Bill Gates
~ All Users Names: OA, HomeGroupUser$, Bill Gates, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Bill Gates\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Bill Gates\AppData\Roaming\
~ %Desktop% : C:\Users\Bill Gates\Desktop\
~ %Favorites% : C:\Users\Bill Gates\Favorites\
~ %LocalAppData% : C:\Users\Bill Gates\AppData\Local\
~ %StartMenu% : C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 257 Go of 571 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 21 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 4 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Free 0 Go of 7 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.04/11/2011 - 22:57:32.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/10/2013 - 00:01:03.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 02:10:19.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/11/2011 - 22:59:54.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04/11/2011 - 22:55:34.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes:  Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/197
~ Mes musiques (My Musics) : 2/8
~ Mes Videos (My Videos) : 2/249
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 3/34556
~ Mon Bureau (My Desktop) : 3/15729
~ Menu demarrer (Programs) : 1/56
~ Hidden Files:  Scanned in 01mn 13s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe   [532040] [PID.1992]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe   [136488] [PID.3560]
[MD5.10E89F598469C60D8C87A8218089A87D] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe   [4489472] [PID.320]
[MD5.4458989C34FA84B5A75DD3ABCFBE786A] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe   [3093624] [PID.1460]
[MD5.C948AC73822CA662CF44185B909EA18B] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.exe   [720064] [PID.1724]
[MD5.D213F06AE294341F3503FD74E22E7DDA] - (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe   [257136] [PID.1208]
[MD5.6C3DBE1AB6E79D29C53A2242044DCC76] - (.Hewlett-Packard Company - HP QuickWeb Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe   [169528] [PID.2872]
[MD5.8A3B69683E63808719D24E1C68C21CC7] - (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe   [379960] [PID.2124]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.3544]
[MD5.DB3F7F19F942D3CE4E1A0E8D9FF541FB] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe   [347192] [PID.3524]
[MD5.8192B2E274607D1D530F5C191698C544] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe   [578944] [PID.916]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [253816] [PID.3988]
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe   [295512] [PID.2908]
[MD5.DF1BBA1168C0AD1D080A1F1B99576A76] - (.Google Inc. - Google Chrome.) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe   [829392] [PID.4112]
[MD5.A2CB714DCF8F0E134F2429AF673C7C08] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe   [506744] [PID.1292]
[MD5.281AA535DB9FA6C906656E04734CAC72] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8094720] [PID.3996]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] Adblock Plus v.1.6, (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.6.10, (Activé)
G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealDownloader v.1.3.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jkmldmjpckbcljhbjpplolfpckheplog] Skiplimites - Extension v.2.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé)
G2 - GCE: Preference [User Data\Default] [pipaffcpmobohfilpejhaciheebhaaej] DebrideurStreaming - Add-On v.2.1 (Activé)
~ Google Browser: 13 Scanned in 00mn 12s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\prefs.js
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - A plugin to detect whether the Adobe Application Manager is installed.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
P2 - FPN: [HKLM] [adobe.com/AdobeExManDetect] - (.Adobe Systems - A plugin to detect whether the Adobe Extension Manager is installed on.) -- C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.1.2f1.) -- C:\Users\Bill Gates\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Firefox Browser: 10 Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://allssearch.com =>Adware.SocialSkinz
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Download and Record Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.) =>Toolbar.Bing
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ BHO: 14 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Achat de consommables - HP Deskjet 1050 J410 series.lnk . (...)  -- C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\Bin\hpqDTSS.exe (.not file.)
O4 - GS\Desktop [Public]: Adobe Application Manager.lnk . (.Adobe Systems Incorporated - Adobe Application Manager.)  -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe 
O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.)  -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe 
O4 - GS\Desktop [Public]: Avira Control Center.lnk . (.Avira Operations GmbH & Co. KG - Avira Control Center.)  -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe 
O4 - GS\Desktop [Public]: CCleaner.lnk . (...)  -- C:\Program Files (x86)\CCleaner\CCleaner64.exe (.not file.) =>Piriform Ltd
O4 - GS\Desktop [Public]: Choix de navigateur .lnk . (.Microsoft Corporation - Choix de navigateur .)  -- C:\Windows\System32\browserchoice.exe 
O4 - GS\Desktop [Public]: FL Studio 11.lnk . (.Image-Line - FL Studio launcher.)  -- C:\Users\Bill Gates\Desktop\FL Studio 11\FL.exe 
O4 - GS\Desktop [Public]: Game Booster 3.lnk . (.IObit - Game Booster.)  -- C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe 
O4 - GS\Desktop [Public]: Garena Plus.lnk . (...)  -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - GS\Desktop [Public]: HP Deskjet 1050 J410 series Scan.lnk . (.Hewlett-Packard Co. - HPScan.)  -- C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\bin\HPScan.exe 
O4 - GS\Desktop [Public]: HP Deskjet 1050 J410 series.lnk . (...)  -- C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe (.not file.)
O4 - GS\Desktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.)  -- C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe 
O4 - GS\Desktop [Public]: HP Support Assistant.lnk . (.Hewlett-Packard Company - HP Support Assistant.)  -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: HP+.lnk . (...)  -- C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe
O4 - GS\Desktop [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.)  -- C:\Program Files (x86)\Inkscape\inkscape.exe 
O4 - GS\Desktop [Public]: Jouer à League of Legends.lnk . (...)  -- C:\Riot Games\League of Legends\lol.launcher.exe
O4 - GS\Desktop [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.)  -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe  =>.EasyBits Software AS
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.)  -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe 
O4 - GS\Desktop [Public]: MBRCheck.lnk . (...)  -- C:\Program Files (x86)\ZHPDiag\mbrcheck.exe  =>.Nicolas Coolman
O4 - GS\Desktop [Public]: Microsoft Office 2010.lnk . (.Hewlett-Packard Company - OfficeDesktopIconThread.)  -- C:\SYSTEM.SAV\util\OfficeDesktopIconThread.exe 
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\Desktop [Public]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.)  -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe 
O4 - GS\Desktop [Public]: Photos Snapfish.lnk . (...)  -- C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe
O4 - GS\Desktop [Public]: RaRa Music.lnk . (...)  -- C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe
O4 - GS\Desktop [Public]: RealPlayer.lnk . (.RealNetworks, Inc. - RealPlayer.)  -- C:\program files (x86)\real\realplayer\RealPlay.exe 
O4 - GS\Desktop [Public]: Skype.lnk . (...)  -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop [Public]: Switch to Gaming Mode.lnk . (.IObit - Game Booster.)  -- C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe 
O4 - GS\Desktop [Public]: WildTangent Games App - hp.lnk . (...)  -- C:\Program Files (x86)\HP Games\onplay\onplay.exe
O4 - GS\Desktop [Public]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [Public]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [Public]: Zune.lnk . (...)  -- C:\Program Files (x86)\Zune\Zune.exe (.not file.)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Bill Gates\Documents\Vinoth Dossiers\µTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [Public]: Adobe Application Manager.lnk . (.Adobe Systems Incorporated - Adobe Application Manager.)  -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe 
O4 - GS\Program [Public]: Adobe Dreamweaver CS6.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CS6.)  -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe 
O4 - GS\Program [Public]: Adobe ExtendScript Toolkit CS6.lnk . (.Adobe Systems Incorporated - ExtendScript Toolkit CS6 and Debugger (32 b.)  -- C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe  =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Extension Manager CS6.lnk . (.Adobe Systems Incorporated - Adobe Extension Manager CS6.)  -- C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe 
O4 - GS\Program [Public]: Adobe Help.lnk . (...)  -- C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe
O4 - GS\Program [Public]: Adobe Widget Browser.lnk . (...)  -- C:\Program Files (x86)\Adobe\Adobe Widget Browser\Adobe Widget Browser.exe
O4 - GS\Program [Public]: Apple Software Update.lnk . (...)  -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe  =>.Apple Inc
O4 - GS\Program [Public]: DMC Devi May Cry.lnk . (...)  -- C:\Program Files (x86)\DMC Devi May Cry\Binaries\Win32\DMC-DevilMayCry.exe
O4 - GS\Program [Public]: FL Studio 11.lnk . (.Image-Line - FL Studio launcher.)  -- C:\Users\Bill Gates\Desktop\FL Studio 11\FL.exe 
O4 - GS\Program [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.)  -- C:\Program Files (x86)\Inkscape\inkscape.exe 
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.)  -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\Program [Public]: Safari.lnk . (...)  -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.)  -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.)  -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe 
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...)  -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.)  -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.)  -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.)  -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk - Clé orpheline  =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.)  -- C:\Windows\system32\xpsrchvw.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.)  -- C:\Windows\system32\calc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.)  -- C:\Windows\system32\displayswitch.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.)  -- C:\Windows\system32\mblctr.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.)  -- C:\Windows\system32\mspaint.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.)  -- C:\Windows\system32\mstsc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.)  -- C:\Windows\system32\SnippingTool.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.)  -- C:\Windows\system32\SoundRecorder.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.)  -- C:\Windows\system32\StikyNot.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.)  -- C:\Windows\System32\mobsync.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.)  -- C:\Windows\system32\OobeFldr.dll  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.)  -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.)  -- C:\Windows\system32\charmap.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.)  -- C:\Windows\system32\dfrgui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.)  -- C:\Windows\system32\cleanmgr.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.)  -- C:\Windows\system32\perfmon.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.)  -- C:\Windows\system32\msinfo32.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.)  -- C:\Windows\system32\rstrui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...)  -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.)  -- C:\Windows\system32\migwiz\postmig.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.)  -- C:\Windows\system32\migwiz\migwiz.exe  =>.Microsoft Corporation
O4 - GS\QuickLaunch [OA]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [OA]: µTorrent.lnk . (...)  -- C:\Users\Bill Gates\Desktop\µTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - GS\TaskBar [OA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar [OA]: HP Recommended.LNK . (...)  -- C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (.not file.)
O4 - GS\TaskBar [OA]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [OA]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\TaskBar [OA]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [OA]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [OA]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Accessories [OA]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [OA]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [OA]: Run.lnk - Clé orpheline
O4 - GS\Accessories [OA]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [OA]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [OA]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
O4 - GS\Desktop [OA]: Algobox.lnk . (...)  -- C:\Program Files (x86)\Algobox\algobox.exe
O4 - GS\Desktop [OA]: Altered Beast on the Gamefabrique.lnk . (...)  -- C:\Program Files (x86)\Altered Beast\Fusion.url 
O4 - GS\Desktop [OA]: Altered Beast.lnk . (...)  -- C:\Program Files (x86)\Altered Beast\Fusion.exe
O4 - GS\Desktop [OA]: Artisteer 3.lnk . (.ExtenSoft - Artisteer.)  -- C:\Program Files (x86)\Artisteer 3\bin\Artisteer.exe 
O4 - GS\Desktop [OA]: Assassin's Creed Brotherhood.lnk - Clé orpheline
O4 - GS\Desktop [OA]: CyberLink YouCam.lnk . (.CyberLink Corp. - YouCam.)  -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe 
O4 - GS\Desktop [OA]: Dreamweaver.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.)  -- C:\Users\Bill Gates\Downloads\Adobe Dreamweaver CS5 Portable\Dreamweaver.exe 
O4 - GS\Desktop [OA]: FL Studio 10.lnk . (.Image-Line - FL Studio engine launcher.)  -- C:\Users\Bill Gates\Documents\FL Studio by Vinoth Venedittan\FL.exe 
O4 - GS\Desktop [OA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\Desktop [OA]: pes2012.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2012.)  -- C:\Users\Bill Gates\Documents\PES 2012\program files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe 
O4 - GS\Desktop [OA]: Pes2013.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.)  -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe 
O4 - GS\Desktop [OA]: Pro Evolution Soccer 6 DEMO.lnk . (.KONAMI - pes6.exe.)  -- C:\Program Files (x86)\KONAMI\PES6 DEMO\pes6.exe 
O4 - GS\Desktop [OA]: Remember Me.lnk . (.CAPCOM U.S.A, INC http://www.capcom.com/us - Remember Me.)  -- C:\Program Files (x86)\Remember Me\Binaries\Win32\RememberMe.exe 
O4 - GS\QuickLaunch [Bill Gates]: Artisteer 3.lnk . (.ExtenSoft - Artisteer.)  -- C:\Program Files (x86)\Artisteer 3\bin\Artisteer.exe 
O4 - GS\QuickLaunch [Bill Gates]: CodeBlocks.lnk . (...)  -- C:\Program Files (x86)\CodeBlocks\codeblocks.exe
O4 - GS\QuickLaunch [Bill Gates]: D-Jix Media LE.lnk . (.D-Jix - D-Jix Media LE.)  -- C:\Users\Bill Gates\AppData\Roaming\D-Jix\D-Jix Media LE\D-Jix Media LE.exe 
O4 - GS\QuickLaunch [Bill Gates]: Inkscape.lnk . (.inkscape.org - Inkscape.)  -- C:\Program Files (x86)\Inkscape\inkscape.exe 
O4 - GS\QuickLaunch [Bill Gates]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [Bill Gates]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Bill Gates\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Bill Gates]: FL Studio 11.lnk . (.Image-Line - FL Studio launcher.)  -- C:\Users\Bill Gates\Desktop\FL Studio 11\FL.exe 
O4 - GS\TaskBar [Bill Gates]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar [Bill Gates]: HP Recommended.LNK . (...)  -- C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (.not file.)
O4 - GS\TaskBar [Bill Gates]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\TaskBar [Bill Gates]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [Bill Gates]: Windows Live.LNK . (...)  -- C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe (.not file.)
O4 - GS\TaskBar [Bill Gates]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Bill Gates]: DC Universe Online Live.lnk . (...)  -- C:\Users\Public\Sony Online Entertainment\Installed Games\DC Universe Online Live\LaunchPad.exe (.not file.)
O4 - GS\Program [Bill Gates]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Program [Bill Gates]: Microsoft SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive.)  -- C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe  =>.Microsoft Corporation
O4 - GS\Program [Bill Gates]: Norton Product Installer.lnk . (...)  -- C:\Users\OA\AppData\Local\Temp\SymInstallStub.exe (.not file.)
O4 - GS\Accessories [Bill Gates]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Bill Gates]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Bill Gates]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Bill Gates]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Bill Gates]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [Bill Gates]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
O4 - GS\SendTo [Bill Gates]: Format Factory.lnk . (.Free Time - FormatFactory.)  -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe 
O4 - GS\SendTo [Bill Gates]: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - GS\Desktop [Bill Gates]: Algobox.lnk . (...)  -- C:\Program Files (x86)\Algobox\algobox.exe
O4 - GS\Desktop [Bill Gates]: Altered Beast.lnk . (...)  -- C:\Program Files (x86)\Altered Beast\Fusion.exe
O4 - GS\Desktop [Bill Gates]: Artisteer 3.lnk . (.ExtenSoft - Artisteer.)  -- C:\Program Files (x86)\Artisteer 3\bin\Artisteer.exe 
O4 - GS\Desktop [Bill Gates]: Assassin's Creed Brotherhood.lnk - Clé orpheline
O4 - GS\Desktop [Bill Gates]: CodeBlocks.lnk . (...)  -- C:\Program Files (x86)\CodeBlocks\codeblocks.exe
O4 - GS\Desktop [Bill Gates]: CyberLink YouCam.lnk . (.CyberLink Corp. - YouCam.)  -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe 
O4 - GS\Desktop [Bill Gates]: D-Jix Media LE.lnk . (.D-Jix - D-Jix Media LE.)  -- C:\Users\Bill Gates\AppData\Roaming\D-Jix\D-Jix Media LE\D-Jix Media LE.exe 
O4 - GS\Desktop [Bill Gates]: Dreamweaver.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.)  -- C:\Users\Bill Gates\Downloads\Adobe Dreamweaver CS5 Portable\Dreamweaver.exe 
O4 - GS\Desktop [Bill Gates]: Format Factory.lnk . (.Free Time - FormatFactory.)  -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe 
O4 - GS\Desktop [Bill Gates]: pes2012.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2012.)  -- C:\Users\Bill Gates\Documents\PES 2012\program files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe 
O4 - GS\Desktop [Bill Gates]: Pes2013.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.)  -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe 
O4 - GS\Desktop [Bill Gates]: Pro Evolution Soccer 6 DEMO.lnk . (.KONAMI - pes6.exe.)  -- C:\Program Files (x86)\KONAMI\PES6 DEMO\pes6.exe 
O4 - GS\Desktop [Bill Gates]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.)  -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe 
O4 - GS\Desktop [Bill Gates]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [Bill Gates]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [Bill Gates]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Bill Gates\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 143 Scanned in 00mn 13s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) 
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe 
O4 - HKLM\..\Run: [SetDefault] . (.Hewlett-Packard Development Company, L.P. - SetDefault.) -- C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe 
O4 - HKLM\..\Run: [Zune Launcher] . (.Microsoft Corporation - Zune Auto-Launcher.) -- C:\Program Files\Zune\ZuneLauncher.exe 
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe  =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe 
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Users\Bill Gates\Documents\DT\DTLite.exe  =>.DT Soft Ltd
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.exe 
O4 - HKCU\..\Run: [GrooveMonitor] . (.Microsoft Corporation - Microsoft SharePoint Workspace Monitor.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.exe 
O4 - HKCU\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe  =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe  =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPQuickWebProxy] . (.Hewlett-Packard Company - HP QuickWeb Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe 
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe  =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe  =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe 
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe  =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2068963316-1541744968-104418768-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe 
O4 - HKUS\S-1-5-21-2068963316-1541744968-104418768-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Users\Bill Gates\Documents\DT\DTLite.exe  =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2068963316-1541744968-104418768-1000\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 
O4 - HKUS\S-1-5-21-2068963316-1541744968-104418768-1000\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.exe 
O4 - HKUS\S-1-5-21-2068963316-1541744968-104418768-1000\..\Run: [GrooveMonitor] . (.Microsoft Corporation - Microsoft SharePoint Workspace Monitor.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.exe 
O4 - HKUS\S-1-5-21-2068963316-1541744968-104418768-1000\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe  =>.Microsoft Corporation
~ Application:  Scanned in 00mn 01s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
~ Winsock: 8 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0B10EA4-A50D-4549-843C-47D61398A473}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{A0B10EA4-A50D-4549-843C-47D61398A473}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{A0B10EA4-A50D-4549-843C-47D61398A473}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe  =>.Hewlett-Packard Co
O23 - Service: HP Auto (HPAuto) . (.Hewlett-Packard - HP Usage Improvement Tracking.) - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company - HP Client Services.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallClick Connector (InstallClick) . (...) - C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service:  (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 21 Scanned in 00mn 11s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1072]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1076]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\HPCeeScheduleForBill Gates.job   [352]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\HPCeeScheduleForBILLGATES-HP$.job   [352]
[MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [257416]
[MD5.320681DF28D82CDCA7E3EED0846625DB] [APT] [AdobeAAMUpdater-1.0-BillGates-HP-Bill Gates] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe   [444904]
[MD5.3AADCF0B983E96111F1610613973411C] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe   [3152384]  =>Trojan.Keygen
[MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.)   [0]
[MD5.362EF26C8F6811F14F31CF70AF08F9D1] [APT] [Game_Booster_AutoUpdate] (...) -- C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe   [801304]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.8AA3B22B716A04AC8DD13318A40D708D] [APT] [HPCeeScheduleForBill Gates] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe   [95800]
[MD5.8AA3B22B716A04AC8DD13318A40D708D] [APT] [HPCeeScheduleForBILLGATES-HP$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe   [95800]
[MD5.87E7AABE4F6A0DFD6105224E4D88C4D7] [APT] [HPCustParticipation HP Deskjet 1050 J410 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe   [3794792]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe   [136488]
[MD5.DDBE89226D55D694F1B7B3DD0C324640] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe   [233048]
[MD5.DDBE89226D55D694F1B7B3DD0C324640] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1003] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe   [233048]
[MD5.675DE4EC2D88A6D68C39C662A3204596] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-2068963316-1541744968-104418768-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe   [187984]
[MD5.675DE4EC2D88A6D68C39C662A3204596] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-2068963316-1541744968-104418768-1003] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe   [187984]
[MD5.675DE4EC2D88A6D68C39C662A3204596] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe   [187984]
[MD5.675DE4EC2D88A6D68C39C662A3204596] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1003] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-2068963316-1541744968-104418768-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-2068963316-1541744968-104418768-1003] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1003] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeLogonTaskS-1-5-21-2068963316-1541744968-104418768-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeLogonTaskS-1-5-21-2068963316-1541744968-104418768-1003] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeScheduledTaskS-1-5-21-2068963316-1541744968-104418768-1003] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.00000000000000000000000000000000] [APT] [{36DBC82D-8FF0-4D83-86AD-92E6CB4B0D86}] (...) -- C:\Users\Bill Gates\DownlBill Gatesds\UDKInstall-2012-05-BETA.exe (.not file.)   [0]
[MD5.DF1BBA1168C0AD1D080A1F1B99576A76] [APT] [{6471A780-8D6A-4BB1-95BB-CDD92F782F93}] (.Google Inc..) -- c:\users\Bill Gates\appdata\local\google\chrome\application\chrome.exe   [829392]
[MD5.C155A13687144076286989EF078112C2] [APT] [{8BFE4BC0-7E5B-4A4A-9E33-1D10F0E46BBC}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe   [1917440]
[MD5.00000000000000000000000000000000] [APT] [{B8A840EC-EEC0-4356-892C-DEA8D7988F1E}] (...) -- C:\Users\Bill Gates\Downloads\pro_evolution_soccer_6_demo.exe (.not file.)   [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{BB3B9D1E-01D8-49A9-AA31-C05B87A82849}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe   [1917440]
[MD5.6F3C9B162D2F5DEBB55A7CFF5162E39B] [APT] [{D2E77054-4C40-4A65-8C7C-3AD76F36D58B}] (.Nicolas Coolman.) -- C:\Users\Bill Gates\Downloads\ZHPDiag2 (1).exe   [6836409]
[MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe   [525728]
[MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe   [525728]
[MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [PC Health Analysis Install] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe   [525728]
[MD5.28E1A34ED1B810BC2F4734F2DBFF2A76] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe   [615736]
[MD5.A6578474FB7265891B76A4A3B0BCC4E9] [APT] [WarrantyChecker] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe   [1553112]
[MD5.A6578474FB7265891B76A4A3B0BCC4E9] [APT] [WarrantyChecker_DeviceScan] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe   [1553112]
~ Scheduled Task: 46 Scanned in 00mn 21s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 01s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver:  (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 69 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {70F55D70-7E5F-6291-4924-2F7640F19BFE}
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM][64Bits] -- ASIO4ALL
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A0087DDE-69D0-11E2-AD57-43CA6188709B}
O42 - Logiciel: Adobe Dreamweaver CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1}
O42 - Logiciel: Adobe Reader X (10.1.8) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Widget Browser - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- com.adobe.WidgetBrowser
O42 - Logiciel: Adobe Widget Browser - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- {EFBE6DD5-B224-96E5-72B9-68D328CB12A6}
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU][64Bits] -- Akamai
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: Algobox - (...) [HKLM][64Bits] -- Algobox
O42 - Logiciel: Altered Beast - (.GameFabrique.) [HKLM][64Bits] -- Altered Beast_is1
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}  =>.Apple Inc
O42 - Logiciel: Artisteer 3 - (.Extensoft.) [HKLM][64Bits] -- Artisteer 3
O42 - Logiciel: Assassin's Creed Brotherhood - (.Ubisoft.) [HKLM][64Bits] -- {BE4BA698-8533-4F77-9559-C7F3F78C0B05}
O42 - Logiciel: Avira Free Antivirus v13.0.0.4042 - (.Avira.) [HKLM][64Bits] -- Avira AntiVir Desktop
O42 - Logiciel: Bandisoft MPEG-1 Decoder - (...) [HKLM][64Bits] -- BandiMPEG1
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-caa53955-f820-44bd-a039-b8d3c1b40788
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FA13759-5C2B-4177-9DDC-0038F8B5BEFD} =>Toolbar.Bing
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd
O42 - Logiciel: Cake Mania - (.WildTangent.) [HKLM][64Bits] -- WTA-7453aafd-b093-4641-9724-bee2199c2320
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {08523528-BA2F-43BB-87E3-252C081872B9}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-a31ebb72-b28a-43ce-8c45-ae91494a7dd8
O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU][64Bits] -- CodeBlocks
O42 - Logiciel: ConvertHelper 2.2 - (.DownloadHelper.) [HKLM][64Bits] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1
O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-c4021960-8221-4a3e-ad32-9d0db876476b
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D-Jix Media LE - (.D-Jix.) [HKLM][64Bits] -- {D37EE37A-EE31-420C-8D2C-CE83F9E12632}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
O42 - Logiciel: DMC Devi May Cry (c) Capcom version 1 - (...) [HKLM][64Bits] -- DMC Devi May Cry (c) Capcom_is1
O42 - Logiciel: ESU for Microsoft Windows 7 SP1 - (.Hewlett-Packard.) [HKLM][64Bits] -- {E96CAA2A-0244-4A2A-8403-0C3C9534778B}
O42 - Logiciel: Evernote v. 4.2.3 - (.Evernote Corp..) [HKLM][64Bits] -- {F761359C-9CED-45AE-9A51-9D6605CD55C4}
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WTA-1eeefd12-7a3e-4648-97b7-79458616a3c2
O42 - Logiciel: FL Studio 11 - (.Image-Line.) [HKLM][64Bits] -- FL Studio 11
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-380f9d0a-2c3a-49b1-929e-d36072160175
O42 - Logiciel: Farmscapes - (.WildTangent.) [HKLM][64Bits] -- WTA-027d5a6b-8877-412c-9aa9-2d40905aaaa0
O42 - Logiciel: FileZilla Client 3.7.0.2 - (.FileZilla Project.) [HKLM][64Bits] -- FileZilla Client
O42 - Logiciel: Final Drive Fury - (.WildTangent.) [HKLM][64Bits] -- WTA-b7dd6065-84a3-4068-9fa8-8d60239dbfb6
O42 - Logiciel: Fishdom (TM) 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-a117b8c0-eb60-43ed-97be-e987ceeb3503
O42 - Logiciel: FlowStone FL 3.0 - (...) [HKLM][64Bits] -- FlowStone
O42 - Logiciel: FormatFactory 2.95 - (.Free Time.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Game Booster 3 - (.IObit.) [HKLM][64Bits] -- Game Booster_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
O42 - Logiciel: HP Client Services - (.Hewlett-Packard.) [HKLM][64Bits] -- {2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Deskjet 1050 J410 series - Enquête sur l'amélioration du produit - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {9D74CBB7-C988-4FBD-A34B-A369BC366AD4}
O42 - Logiciel: HP Deskjet 1050 J410 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {5C90D8CF-F12A-41C6-9007-3B651A1F0D78}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {BC6CB499-9F29-4B41-8B8B-FA7248525256}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Launch Box - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}
O42 - Logiciel: HP On Screen Display - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {ED1BD69A-07E3-418C-91F1-D856582581BF}
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: HP Power Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E44578C7-4667-4124-8BC2-1161BCA54978}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {53B17A98-5BF0-40BC-AAFF-850A357975AC}
O42 - Logiciel: HP QuickWeb - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}
O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {DBCD5E64-7379-4648-9444-8A6558DCB614}
O42 - Logiciel: HP Security Assistant - (.Hewlett-Packard.) [HKLM][64Bits] -- {562608FE-2051-4488-BF22-8CE4C03046AC}
O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}
O42 - Logiciel: HP Setup Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {AE856388-AFAD-4753-81DF-D96B19D0A17C}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {EE202411-2C26-49E8-9784-1BC1DBF7DE96}  =>.Hewlett-Packard Co
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
O42 - Logiciel: Handset WinDriver 1.02.03.00 - (.Huawei technologies Co., Ltd..) [HKLM][64Bits] -- Handset WinDriver
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.1.1 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM][64Bits] -- IL Download Manager
O42 - Logiciel: IL Shared Libraries - (.Image-Line.) [HKLM][64Bits] -- IL Shared Libraries
O42 - Logiciel: Inkscape 0.48.2 - (...) [HKLM][64Bits] -- Inkscape
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-2b862691-569e-40b5-bdcc-c64da0d073e0
O42 - Logiciel: InstallClick Connector - (.RIFT Technologies.) [HKLM][64Bits] -- {2F57C004-1FED-4C30-81FC-EE305D4D0A2E}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Display Audio Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: Java(TM) 6 Update 31 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416031FF}
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-4e13c407-5ca1-4f93-91ae-76a56ed34983
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WTA-b7ce2476-59c8-43c8-af61-b1a974b69658
O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-2d7054d0-9bd2-434d-9798-ec6177f5c6b4
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- {92606477-9366-4D3B-8AE3-6BE4B29727AB}
O42 - Logiciel: LinuxLive USB Creator - (.Thibaut Lauziere.) [HKLM][64Bits] -- LinuxLive USB Creator
O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 1050 J410 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {CB2AE3D4-298D-4A1E-9998-EDE47AB74E00}  =>.Hewlett-Packard Co
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM][64Bits] -- EasyBits Magic Desktop  =>.EasyBits Software AS
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-aace2f21-b6b7-446f-8e71-5b7377073db0
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Microsoft SharePoint Designer 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0017-040C-0000-0000000FF1CE}_Office14.OMUI.fr-fr_{62BC8863-A303-4CB9-B1FB-446642BE1938}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe  =>.Microsoft Corporation
O42 - Logiciel: Mozilla Firefox 22.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 22.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: My Game Long Name - (.Epic Games, Inc..) [HKLM][64Bits] -- UDK-80c96c05-ecc2-46ee-9be7-17709e2cf0f1
O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-57d07022-5817-49f0-843c-3e0068fc5cc5
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {5DB65884-C963-4454-AABA-4CA3089281FA}
O42 - Logiciel: Nexon Game Manager - (...) [HKLM][64Bits] -- {289AC7E0-0AEE-4a7b-913C-709D9803D23E}
O42 - Logiciel: Notepad++ - (...) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: OGPlanet Game Launcher - (.OGPlanet, Inc..) [HKLM][64Bits] -- OGPlanet Game Launcher
O42 - Logiciel: OpenOffice 4.0.0 - (.Apache Software Foundation.) [HKLM][64Bits] -- {4F8C9861-DDCF-4EE8-978C-35B691C406B3}
O42 - Logiciel: PCSX2 - Playstation 2 Emulator - (...) [HKLM][64Bits] -- pcsx2-r4600
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-1ab76407-555e-4aa6-a343-296faa7adacb
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-1628d585-3bee-4f8e-91df-8117865ecc75
O42 - Logiciel: Pro Evolution Soccer 2012 - (.KONAMI.) [HKLM][64Bits] -- {E737A098-F161-4B6F-AF22-86AAE34F6FBD}
O42 - Logiciel: Pro Evolution Soccer 2013 - (.KONAMI.) [HKLM][64Bits] -- {C2523AE6-F335-4D0B-BC15-1C07E4ACE629}
O42 - Logiciel: Pro Evolution Soccer 6 DEMO - (.KONAMI.) [HKLM][64Bits] -- InstallShield_{AC63F331-8D46-46BC-A0DA-9B3DF927FD3A}
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc
O42 - Logiciel: Ralink RT5390 802.11b/g/n WiFi Adapter - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-d2738b06-d6ac-46d1-8b98-53dbfce3ed2d
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM][64Bits] -- {C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 16.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: Remember Me - (.Capcom.) [HKLM][64Bits] -- Remember Me_is1
O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Synaptics TouchPad Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Torchlight - (.WildTangent.) [HKLM][64Bits] -- WTA-648a319a-25fe-4ce4-a290-d74cfc92afaf
O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM][64Bits] -- {888F1505-C2B3-4FDE-835D-36353EBD4754}
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM][64Bits] -- WTA-84eae040-efce-4ade-b138-c8a552f1b42f
O42 - Logiciel: Virtual Villagers 4 - The Tree of Life - (.WildTangent.) [HKLM][64Bits] -- WTA-3dc14964-f06d-4825-b139-0ba7c45724f3
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-99610366-ce15-4f13-b7b2-201bb370ab4d
O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
O42 - Logiciel: WinRAR 4.11 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748}
O42 - Logiciel: Zone4 - (...) [HKCU][64Bits] -- Zone4
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-2128a76c-f765-4245-aa90-cf9223ebc24f
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- Zune
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}
O42 - Logiciel: Zune Language Pack (CHS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {2A9DFFD8-4E09-4B91-B957-454805B0D7C4}
O42 - Logiciel: Zune Language Pack (CHT) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A5A53EA8-A11E-49F0-BDF5-AE536426A31A}
O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}
O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32}
O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}
O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3589A659-F732-4E65-A89A-5438C332E59D}
O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10}
O42 - Logiciel: Zune Language Pack (FIN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {B4870774-5F3A-46D9-9DFE-06FB5599E26B}
O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A}
O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4}
O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646}
O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA}
O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB}
O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}
O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136}
O42 - Logiciel: Zune Language Pack (NLD) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6740BCB0-5863-47F4-80F4-44F394DE4FE2}
O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DEFD397-4012-46C3-B6DA-E8013E660772}
O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43}
O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM][64Bits] -- {07EEE598-5F21-4B57-B40B-46592625B3D9}
O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4}
O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4}
O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F}
O42 - Logiciel: ffdshow [rev 3154] [2009-12-09] - (...) [HKLM][64Bits] -- ffdshow_is1
O42 - Logiciel: opensource - (.Your Company Name.) [HKLM][64Bits] -- {3677D4D8-E5E0-49FC-B86E-06541CF00BBE}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 298 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASProtect]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AhnLab]
[HKCU\Software\AppDataLow\RealNetworks]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\LyricsPal] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\RealNetworks]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avast Software]
[HKCU\Software\Avira]
[HKCU\Software\BandiMPEG1]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Bugsplat]
[HKCU\Software\Burda]
[HKCU\Software\Caphyon]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\D-Jix]
[HKCU\Software\DT Soft]
[HKCU\Software\Epic Games]
[HKCU\Software\Extensoft]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\Helmsman]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Image-Line]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel\Indeo\4.1]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kamuse Inc.]
[HKCU\Software\KingsIsle]
[HKCU\Software\LinuxLive]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OGPlanet]
[HKCU\Software\OldSchoolInject]
[HKCU\Software\OpenOffice]
[HKCU\Software\Outsim]
[HKCU\Software\PCSX2]
[HKCU\Software\PS2Eplugin]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Razer]
[HKCU\Software\RealNetworks]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Skype]
[HKCU\Software\SoftVoice]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\TeamViewer]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\Ubisoft]
[HKCU\Software\Unity]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xenocode]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\g3n-h@ckm@n]
[HKCU\Software\neowiz]
[HKLM\Software\AMD]
[HKLM\Software\ASIO]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\BandiMPEG1]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CBSTEST]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Huawei technologies]
[HKLM\Software\IDT]
[HKLM\Software\IM Providers]
[HKLM\Software\Image-Line]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Native Instruments]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\ASIO]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\AviSynth]
[HKLM\Software\Wow6432Node\Avira]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DSPRobotics]
[HKLM\Software\Wow6432Node\DT Soft]
[HKLM\Software\Wow6432Node\DownloadHelper]
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\Even Balance]
[HKLM\Software\Wow6432Node\Evernote]
[HKLM\Software\Wow6432Node\FileZilla 3]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\Garena]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IDT]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Image-Line]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Insyde]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\InterVideo]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KONAMIPES6DEMO]
[HKLM\Software\Wow6432Node\KONAMIPES6DEMO_S]
[HKLM\Software\Wow6432Node\KONAMI]
[HKLM\Software\Wow6432Node\Kaydara]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Native Instruments]
[HKLM\Software\Wow6432Node\NexonEU]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OpenOffice]
[HKLM\Software\Wow6432Node\Outsim]
[HKLM\Software\Wow6432Node\PCTools]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Propellerhead Software]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\RealNetworks]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Riot Games]
[HKLM\Software\Wow6432Node\RocketLife]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SoftVoice]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\TeamViewer]
[HKLM\Software\Wow6432Node\Ubisoft]
[HKLM\Software\Wow6432Node\VST]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Visan]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Win32 Services]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\WindyZone]
[HKLM\Software\Wow6432Node\X-AVCSD]
[HKLM\Software\Wow6432Node\Xing Technology Corp.]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 340 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/06/2013 - 05:45:13 - [847,650] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 07/04/2012 - 16:56:45 - [117,663] ----D C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 08/10/2013 - 20:30:07 - [88,466] ----D C:\Program Files (x86)\Algobox
O43 - CFD: 01/07/2013 - 15:31:29 - [3,950] ----D C:\Program Files (x86)\Altered Beast
O43 - CFD: 12/12/2011 - 02:31:29 - [2,323] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 30/12/2012 - 18:48:04 - [2,316] ----D C:\Program Files (x86)\Apple Software Update  =>.Apple Inc
O43 - CFD: 24/08/2012 - 18:41:46 - [131,208] ----D C:\Program Files (x86)\Artisteer 3
O43 - CFD: 24/07/2013 - 01:17:28 - [0,530] ----D C:\Program Files (x86)\ASIO4ALL v2
O43 - CFD: 12/12/2011 - 02:31:20 - [66,593] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 27/12/2012 - 00:54:43 - [240,196] ----D C:\Program Files (x86)\Avira
O43 - CFD: 14/07/2012 - 13:53:16 - [8,682] ----D C:\Program Files (x86)\BandiMPEG1
O43 - CFD: 18/07/2013 - 10:46:06 - [0] ----D C:\Program Files (x86)\Black_Box
O43 - CFD: 27/09/2013 - 21:12:38 - [236,024] ----D C:\Program Files (x86)\CodeBlocks
O43 - CFD: 12/09/2013 - 22:18:25 - [597,278] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 03/05/2012 - 15:18:40 - [29,417] ----D C:\Program Files (x86)\ConvertHelper
O43 - CFD: 12/12/2011 - 02:39:15 - [209,827] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 29/01/2013 - 20:16:32 - [342,217] ----D C:\Program Files (x86)\DMC Devi May Cry
O43 - CFD: 24/07/2013 - 01:14:53 - [1,680] ----D C:\Program Files (x86)\DSPRobotics
O43 - CFD: 30/03/2012 - 02:21:19 - [109,278] ----D C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 04/11/2011 - 15:27:18 - [278,025] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 25/06/2012 - 00:20:39 - [16,634] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 08/06/2013 - 05:56:10 - [17,310] ----D C:\Program Files (x86)\FileZilla FTP Client
O43 - CFD: 03/05/2012 - 15:12:46 - [111,530] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 29/12/2012 - 15:25:05 - [257,993] ----D C:\Program Files (x86)\Garena Plus
O43 - CFD: 23/04/2013 - 17:58:40 - [49,386] ----D C:\Program Files (x86)\Google
O43 - CFD: 29/04/2013 - 08:07:40 - [10,069] ----D C:\Program Files (x86)\Handset WinDriver
O43 - CFD: 03/06/2013 - 10:44:21 - [486,940] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 06/06/2012 - 11:43:19 - [5,889] ----D C:\Program Files (x86)\HP
O43 - CFD: 04/11/2011 - 15:34:31 - [1151,653] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 06/06/2012 - 11:43:22 - [0,352] ----D C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 24/07/2013 - 01:15:23 - [4,712] ----D C:\Program Files (x86)\Image-Line
O43 - CFD: 26/04/2012 - 12:30:34 - [160,220] ----D C:\Program Files (x86)\Inkscape
O43 - CFD: 31/07/2013 - 10:15:24 - [59,851] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 12/12/2011 - 02:32:20 - [36,777] ----D C:\Program Files (x86)\Intel
O43 - CFD: 16/10/2013 - 19:56:49 - [4,886] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 25/06/2012 - 00:20:37 - [19,695] ----D C:\Program Files (x86)\IObit
O43 - CFD: 19/07/2013 - 16:24:37 - [122,487] ----D C:\Program Files (x86)\Java
O43 - CFD: 19/07/2013 - 04:18:17 - [541,934] ----D C:\Program Files (x86)\KONAMI
O43 - CFD: 05/10/2013 - 15:06:16 - [8,926] ----D C:\Program Files (x86)\LinuxLive USB Creator
O43 - CFD: 23/04/2013 - 17:32:59 - [18,056] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 12/12/2011 - 02:43:34 - [20,280] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 11/09/2013 - 23:28:39 - [38,653] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 31/05/2012 - 11:13:12 - [8,929] ----D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 12/09/2013 - 22:17:36 - [1235,340] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 11/10/2013 - 20:15:35 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 10/05/2013 - 23:07:24 - [5,713] ----D C:\Program Files (x86)\Microsoft SkyDrive  =>.Microsoft Corporation
O43 - CFD: 12/09/2013 - 22:17:32 - [3,467] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 12/09/2013 - 22:17:32 - [0,757] ----D C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 12/09/2013 - 22:18:28 - [0,312] ----D C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 11/09/2013 - 23:29:38 - [1,821] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 12/09/2013 - 22:17:32 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 12/10/2013 - 12:23:12 - [47,224] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 09/07/2013 - 17:44:03 - [0,214] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 12/09/2013 - 22:19:57 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 11/05/2012 - 03:55:51 - [11,447] ----D C:\Program Files (x86)\Notepad++
O43 - CFD: 13/04/2013 - 20:42:45 - [-1435,722] ----D C:\Program Files (x86)\OGPlanet
O43 - CFD: 29/03/2012 - 12:55:30 - [20,096] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 03/08/2013 - 21:02:14 - [315,745] ----D C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 15/04/2012 - 09:37:15 - [8,752] ----D C:\Program Files (x86)\Outsim
O43 - CFD: 29/03/2012 - 18:41:50 - [7,234] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 09/05/2012 - 02:06:09 - [23,013] ----D C:\Program Files (x86)\PCSX2 0.9.8
O43 - CFD: 08/09/2013 - 11:30:38 - [111,742] ----D C:\Program Files (x86)\Real
O43 - CFD: 08/09/2013 - 11:31:13 - [18,245] ----D C:\Program Files (x86)\RealNetworks
O43 - CFD: 12/12/2011 - 02:33:23 - [16,710] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 17/06/2013 - 01:06:09 - [-1143,861] ----D C:\Program Files (x86)\Remember Me
O43 - CFD: 28/07/2012 - 13:10:44 - [2,229] ----D C:\Program Files (x86)\RIFT Technologies
O43 - CFD: 30/12/2012 - 18:49:20 - [102,605] ----D C:\Program Files (x86)\Safari
O43 - CFD: 09/08/2013 - 19:35:28 - [18,033] R---D C:\Program Files (x86)\Skype
O43 - CFD: 12/12/2011 - 02:44:09 - [0,727] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 03/02/2013 - 01:12:32 - [568,871] ----D C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 09/06/2012 - 11:58:25 - [89,128] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 23/09/2012 - 14:39:00 - [6,503] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 29/05/2013 - 20:59:28 - [11,431] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 11/07/2013 - 05:48:33 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 09/08/2013 - 19:35:45 - [147,701] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 09/06/2012 - 01:38:29 - [5,895] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 15/08/2012 - 06:49:32 - [5,092] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 09/06/2012 - 01:38:28 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 09/06/2012 - 01:38:29 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 24/08/2012 - 06:11:21 - [4,111] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 16/10/2013 - 21:48:57 - [21,845] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 21/04/2013 - 09:15:43 - [209,789] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 24/04/2013 - 22:45:44 - [45,606] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 16/10/2013 - 20:56:17 - [21,390] ----D C:\Program Files (x86)\Common Files\Akamai
O43 - CFD: 29/12/2012 - 15:21:13 - [0] ----D C:\Program Files (x86)\Common Files\Blizzard Entertainment
O43 - CFD: 12/09/2013 - 22:18:25 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 03/02/2013 - 01:37:31 - [6,624] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 12/12/2011 - 02:31:42 - [13,605] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 12/12/2011 - 02:38:25 - [0,007] ----D C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 19/07/2013 - 16:25:05 - [1,189] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 14/09/2013 - 03:10:44 - [203,172] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 30/08/2012 - 19:19:22 - [0] ----D C:\Program Files (x86)\Common Files\PC Tools
O43 - CFD: 12/12/2011 - 02:32:23 - [0,155] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 09/08/2013 - 19:35:28 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 22/06/2012 - 03:33:59 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 11/09/2013 - 23:45:49 - [10,399] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 04/11/2011 - 15:38:34 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 17/07/2013 - 02:21:17 - [43,806] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 08/09/2013 - 11:30:33 - [0,336] ----D C:\Program Files (x86)\Common Files\xing shared
O43 - CFD: 22/04/2013 - 02:00:03 - [34,277] ----D C:\ProgramData\Adobe
O43 - CFD: 30/12/2012 - 18:48:03 - [2,216] ----D C:\ProgramData\Apple
O43 - CFD: 30/12/2012 - 18:49:00 - [36,533] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 12/12/2011 - 02:50:50 - [0] ----D C:\ProgramData\ATI
O43 - CFD: 31/12/2012 - 17:52:55 - [0] ----D C:\ProgramData\AVAST Software
O43 - CFD: 27/12/2012 - 00:54:43 - [101,450] ----D C:\ProgramData\Avira
O43 - CFD: 01/11/2012 - 09:03:41 - [96,709] ----D C:\ProgramData\Battle.net
O43 - CFD: 29/03/2012 - 12:53:51 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 15/08/2012 - 06:50:20 - [0] --H-D C:\ProgramData\Common Files
O43 - CFD: 29/03/2012 - 23:18:17 - [0,014] ----D C:\ProgramData\CyberLink
O43 - CFD: 06/06/2012 - 19:38:37 - [0,002] ----D C:\ProgramData\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 29/03/2012 - 12:53:51 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 30/12/2012 - 03:16:38 - [13,203] ----D C:\ProgramData\GarenaMessenger
O43 - CFD: 10/07/2013 - 07:33:12 - [54,564] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 15/12/2012 - 21:11:20 - [6,813] ----D C:\ProgramData\HP
O43 - CFD: 06/06/2012 - 11:44:13 - [2,487] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 12/12/2011 - 02:49:48 - [0,001] ----D C:\ProgramData\Intel
O43 - CFD: 25/06/2012 - 00:20:37 - [1,813] ----D C:\ProgramData\IObit
O43 - CFD: 27/12/2012 - 00:02:06 - [0] ----D C:\ProgramData\KONAMI
O43 - CFD: 17/06/2012 - 03:16:20 - [17,208] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 03/04/2012 - 12:30:01 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 29/03/2012 - 12:53:51 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 29/09/2013 - 17:28:17 - [462,064] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/10/2013 - 00:54:59 - [0,194] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 10/05/2013 - 23:07:02 - [0] ----D C:\ProgramData\Microsoft SkyDrive  =>.Microsoft Corporation
O43 - CFD: 12/09/2013 - 23:03:51 - [0,002] ----D C:\ProgramData\Microsoft Toolkit
O43 - CFD: 29/03/2012 - 12:53:51 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 25/04/2012 - 00:16:47 - [0] ----D C:\ProgramData\Mozilla
O43 - CFD: 29/03/2012 - 19:55:53 - [5,110] ----D C:\ProgramData\Nexon
O43 - CFD: 14/07/2012 - 13:56:39 - [1,887] ----D C:\ProgramData\NexonEU
O43 - CFD: 30/12/2012 - 19:05:18 - [0,021] ----D C:\ProgramData\Norton
O43 - CFD: 12/12/2011 - 02:39:32 - [14,577] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 30/08/2012 - 15:10:39 - [207,726] ----D C:\ProgramData\PC Tools
O43 - CFD: 13/10/2013 - 12:36:49 - [0,035] ----D C:\ProgramData\PMB Files =>P2P.Pando
O43 - CFD: 12/12/2011 - 02:34:16 - [4,719] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 08/09/2013 - 11:30:31 - [2,510] ----D C:\ProgramData\Real
O43 - CFD: 08/09/2013 - 11:31:10 - [3,335] ----D C:\ProgramData\RealNetworks
O43 - CFD: 21/04/2013 - 09:15:00 - [0,002] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 09/08/2013 - 19:35:38 - [56,559] ----D C:\ProgramData\Skype
O43 - CFD: 05/01/2013 - 17:33:19 - [0,003] ----D C:\ProgramData\Solidshield
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 30/01/2013 - 00:03:08 - [0,116] ----D C:\ProgramData\Steam
O43 - CFD: 11/05/2012 - 21:23:44 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 29/12/2012 - 00:45:04 - [0] ----D C:\ProgramData\Symantec
O43 - CFD: 12/12/2011 - 02:49:51 - [0,174] ----D C:\ProgramData\Synaptics
O43 - CFD: 12/09/2013 - 22:05:19 - [1658,565] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 05/01/2013 - 17:35:34 - [0] ----D C:\ProgramData\Ubisoft
O43 - CFD: 22/06/2012 - 10:57:37 - [0] ----D C:\ProgramData\Virtualized Applications
O43 - CFD: 31/03/2012 - 13:39:54 - [0] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 25/04/2013 - 00:29:58 - [0] ----D C:\ProgramData\VMware
O43 - CFD: 08/07/2012 - 16:31:39 - [147,732] ----D C:\ProgramData\WildTangent
O43 - CFD: 08/12/2012 - 13:01:10 - [39,643] ----D C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
O43 - CFD: 04/05/2013 - 00:40:58 - [0] --H-D C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
O43 - CFD: 24/04/2013 - 22:45:53 - [33,251] ----D C:\Users\Bill Gates\AppData\Roaming\Adobe
O43 - CFD: 16/01/2013 - 15:17:18 - [10,712] ----D C:\Users\Bill Gates\AppData\Roaming\Apple Computer
O43 - CFD: 05/05/2012 - 01:00:39 - [1,997] ----D C:\Users\Bill Gates\AppData\Roaming\Artisteer
O43 - CFD: 29/03/2012 - 12:59:58 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\ATI
O43 - CFD: 27/12/2012 - 01:00:16 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Avira
O43 - CFD: 21/04/2013 - 09:21:49 - [0,031] ----D C:\Users\Bill Gates\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 11/10/2013 - 23:18:27 - [0,070] ----D C:\Users\Bill Gates\AppData\Roaming\CodeBlocks
O43 - CFD: 24/04/2013 - 22:45:51 - [0,396] ----D C:\Users\Bill Gates\AppData\Roaming\com.adobe.WidgetBrowser
O43 - CFD: 29/03/2012 - 12:59:36 - [0,532] ----D C:\Users\Bill Gates\AppData\Roaming\CyberLink
O43 - CFD: 11/05/2012 - 13:42:08 - [95,461] ----D C:\Users\Bill Gates\AppData\Roaming\D-Jix
O43 - CFD: 11/05/2012 - 13:46:14 - [0,002] ----D C:\Users\Bill Gates\AppData\Roaming\D-Jix Media LE
O43 - CFD: 04/05/2013 - 03:32:06 - [1,409] ----D C:\Users\Bill Gates\AppData\Roaming\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 17/09/2012 - 22:23:44 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\EurekaLog
O43 - CFD: 20/05/2012 - 01:10:50 - [0,024] ----D C:\Users\Bill Gates\AppData\Roaming\FileZilla
O43 - CFD: 24/07/2013 - 01:14:53 - [4,253] ----D C:\Users\Bill Gates\AppData\Roaming\FlowStone
O43 - CFD: 11/12/2012 - 18:52:08 - [0,012] ----D C:\Users\Bill Gates\AppData\Roaming\GarenaPlus
O43 - CFD: 07/04/2012 - 03:04:11 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\GetRightToGo
O43 - CFD: 01/06/2012 - 21:47:14 - [0,010] ----D C:\Users\Bill Gates\AppData\Roaming\Hewlett-Packard
O43 - CFD: 11/05/2012 - 16:15:47 - [0,649] ----D C:\Users\Bill Gates\AppData\Roaming\hpqlog
O43 - CFD: 29/03/2012 - 12:58:22 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Identities
O43 - CFD: 10/05/2012 - 21:26:08 - [2,338] ----D C:\Users\Bill Gates\AppData\Roaming\Image-Line
O43 - CFD: 26/04/2012 - 12:37:27 - [0,026] ----D C:\Users\Bill Gates\AppData\Roaming\inkscape
O43 - CFD: 01/08/2012 - 05:44:49 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\LolClient
O43 - CFD: 29/03/2012 - 17:29:15 - [0,055] ----D C:\Users\Bill Gates\AppData\Roaming\Macromedia
O43 - CFD: 17/06/2012 - 03:16:29 - [5,159] ----D C:\Users\Bill Gates\AppData\Roaming\Malwarebytes
O43 - CFD: 12/12/2011 - 11:20:44 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Media Center Programs
O43 - CFD: 13/09/2013 - 00:30:01 - [12,216] -S--D C:\Users\Bill Gates\AppData\Roaming\Microsoft
O43 - CFD: 02/04/2012 - 23:34:02 - [32,583] ----D C:\Users\Bill Gates\AppData\Roaming\Mozilla
O43 - CFD: 11/05/2012 - 03:56:01 - [0,434] ----D C:\Users\Bill Gates\AppData\Roaming\Notepad++
O43 - CFD: 03/08/2013 - 21:03:15 - [7,752] ----D C:\Users\Bill Gates\AppData\Roaming\OpenOffice
O43 - CFD: 10/05/2013 - 23:35:33 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\PC Remote
O43 - CFD: 21/04/2013 - 09:15:17 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\PDAppFlex
O43 - CFD: 05/01/2013 - 17:22:24 - [0,797] ----D C:\Users\Bill Gates\AppData\Roaming\PunkBuster
O43 - CFD: 27/12/2012 - 00:20:22 - [8,268] ----D C:\Users\Bill Gates\AppData\Roaming\Real
O43 - CFD: 08/09/2013 - 11:32:18 - [0,027] ----D C:\Users\Bill Gates\AppData\Roaming\RealNetworks
O43 - CFD: 26/07/2013 - 03:36:36 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Riot Games
O43 - CFD: 09/08/2013 - 19:51:35 - [6,601] ----D C:\Users\Bill Gates\AppData\Roaming\Skype
O43 - CFD: 11/09/2013 - 22:13:51 - [1,226] ----D C:\Users\Bill Gates\AppData\Roaming\SoftGrid Client
O43 - CFD: 17/09/2012 - 22:18:46 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Softplicity
O43 - CFD: 29/03/2012 - 12:58:55 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Synaptics
O43 - CFD: 27/04/2013 - 18:32:17 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\SynthMaker
O43 - CFD: 11/12/2012 - 20:01:52 - [0,013] ----D C:\Users\Bill Gates\AppData\Roaming\TeamViewer
O43 - CFD: 30/03/2013 - 02:21:24 - [0,005] ----D C:\Users\Bill Gates\AppData\Roaming\Unity
O43 - CFD: 06/10/2013 - 04:06:45 - [4,097] ----D C:\Users\Bill Gates\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 16/10/2013 - 21:21:03 - [0,080] ----D C:\Users\Bill Gates\AppData\Roaming\vlc
O43 - CFD: 08/07/2012 - 16:31:43 - [6,867] ----D C:\Users\Bill Gates\AppData\Roaming\WildTangent
O43 - CFD: 02/04/2012 - 23:05:30 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Windows Live Writer
O43 - CFD: 07/04/2012 - 03:04:31 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\WinRAR
O43 - CFD: 08/10/2013 - 20:33:22 - [0,001] ----D C:\Users\Bill Gates\AppData\Roaming\xm1
O43 - CFD: 16/10/2013 - 21:52:09 - [0,018] ----D C:\Users\Bill Gates\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 15/10/2013 - 07:23:51 - [2,715] ----D C:\Users\Bill Gates\AppData\Local\Adobe
O43 - CFD: 28/06/2013 - 18:40:58 - [32,920] ----D C:\Users\Bill Gates\AppData\Local\Akamai
O43 - CFD: 30/12/2012 - 18:48:05 - [0] ----D C:\Users\Bill Gates\AppData\Local\Apple
O43 - CFD: 30/12/2012 - 18:49:29 - [56,081] ----D C:\Users\Bill Gates\AppData\Local\Apple Computer
O43 - CFD: 29/03/2012 - 12:54:00 - [0] -SH-D C:\Users\Bill Gates\AppData\Local\Application Data
O43 - CFD: 20/06/2012 - 03:03:12 - [1,487] ----D C:\Users\Bill Gates\AppData\Local\Apps
O43 - CFD: 29/03/2012 - 12:59:58 - [0,056] ----D C:\Users\Bill Gates\AppData\Local\ATI
O43 - CFD: 31/03/2012 - 03:08:55 - [0,001] ----D C:\Users\Bill Gates\AppData\Local\CAPCOM
O43 - CFD: 19/09/2013 - 00:14:48 - [0] ----D C:\Users\Bill Gates\AppData\Local\CrashDumps
O43 - CFD: 29/03/2012 - 12:59:35 - [0,005] ----D C:\Users\Bill Gates\AppData\Local\CyberLink
O43 - CFD: 20/06/2012 - 03:03:21 - [0] ----D C:\Users\Bill Gates\AppData\Local\Deployment
O43 - CFD: 15/06/2012 - 06:55:06 - [0] ----D C:\Users\Bill Gates\AppData\Local\Diagnostics
O43 - CFD: 07/04/2012 - 16:58:01 - [722,261] ----D C:\Users\Bill Gates\AppData\Local\Downloaded Installations
O43 - CFD: 29/09/2013 - 21:23:41 - [0,360] ----D C:\Users\Bill Gates\AppData\Local\ElevatedDiagnostics
O43 - CFD: 27/11/2012 - 18:04:53 - [0] ----D C:\Users\Bill Gates\AppData\Local\Garena
O43 - CFD: 23/04/2013 - 17:36:33 - [-1772,470] ----D C:\Users\Bill Gates\AppData\Local\Google
O43 - CFD: 30/03/2012 - 17:29:35 - [0,012] ----D C:\Users\Bill Gates\AppData\Local\Hewlett-Packard
O43 - CFD: 01/06/2012 - 21:47:13 - [0,004] ----D C:\Users\Bill Gates\AppData\Local\Hewlett-Packard_Company
O43 - CFD: 29/03/2012 - 12:54:00 - [0] -SH-D C:\Users\Bill Gates\AppData\Local\Historique
O43 - CFD: 06/06/2012 - 14:31:55 - [0,027] ----D C:\Users\Bill Gates\AppData\Local\HP
O43 - CFD: 23/06/2012 - 20:50:16 - [0] ----D C:\Users\Bill Gates\AppData\Local\Macromedia
O43 - CFD: 13/09/2013 - 00:30:02 - [-1542,637] ----D C:\Users\Bill Gates\AppData\Local\Microsoft
O43 - CFD: 13/10/2012 - 13:59:51 - [0,235] ----D C:\Users\Bill Gates\AppData\Local\Microsoft Games
O43 - CFD: 28/04/2012 - 03:29:25 - [0] ----D C:\Users\Bill Gates\AppData\Local\Microsoft Help
O43 - CFD: 02/06/2012 - 18:20:43 - [0] ----D C:\Users\Bill Gates\AppData\Local\MigWiz
O43 - CFD: 02/04/2012 - 23:34:02 - [86,366] ----D C:\Users\Bill Gates\AppData\Local\Mozilla
O43 - CFD: 16/10/2013 - 21:54:01 - [0,180] ----D C:\Users\Bill Gates\AppData\Local\PMB Files =>P2P.Pando
O43 - CFD: 11/01/2013 - 23:38:02 - [0] ----D C:\Users\Bill Gates\AppData\Local\Programs
O43 - CFD: 29/03/2012 - 12:55:06 - [0] ----D C:\Users\Bill Gates\AppData\Local\RemEngine
O43 - CFD: 17/02/2013 - 03:54:27 - [0] ----D C:\Users\Bill Gates\AppData\Local\SCE
O43 - CFD: 30/03/2012 - 11:40:13 - [4,273] ----D C:\Users\Bill Gates\AppData\Local\SoftGrid Client
O43 - CFD: 16/10/2013 - 21:54:14 - [1,338] ----D C:\Users\Bill Gates\AppData\Local\Temp
O43 - CFD: 29/03/2012 - 12:54:00 - [0] -SH-D C:\Users\Bill Gates\AppData\Local\Temporary Internet Files
O43 - CFD: 30/03/2013 - 01:07:01 - [0,208] ----D C:\Users\Bill Gates\AppData\Local\Unity
O43 - CFD: 07/04/2012 - 18:29:47 - [0,004] ----D C:\Users\Bill Gates\AppData\Local\VirtualStore
O43 - CFD: 25/04/2013 - 00:29:58 - [0] ----D C:\Users\Bill Gates\AppData\Local\VMware
O43 - CFD: 10/09/2013 - 20:50:32 - [0,059] ----D C:\Users\Bill Gates\AppData\Local\Windows Live
O43 - CFD: 02/04/2012 - 23:05:39 - [0,618] ----D C:\Users\Bill Gates\AppData\Local\Windows Live Writer
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12/09/2013 - 22:00:54 - [0] R---D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/10/2013 - 20:30:07 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Algobox
O43 - CFD: 24/07/2013 - 01:17:28 - [0,003] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
O43 - CFD: 27/09/2013 - 21:12:38 - [0,004] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
O43 - CFD: 11/05/2012 - 13:43:51 - [0,003] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-Jix Media LE
O43 - CFD: 03/05/2012 - 15:13:04 - [0,004] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 17/02/2013 - 03:49:25 - [0,003] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 15/01/2013 - 22:37:08 - [0,002] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 24/07/2013 - 01:15:36 - [0,003] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 03/10/2012 - 01:02:08 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KONAMI
O43 - CFD: 05/10/2013 - 15:06:12 - [0,002] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/05/2012 - 03:55:45 - [0] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 24/07/2013 - 00:59:10 - [0,002] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OGPlanet
O43 - CFD: 23/09/2012 - 14:39:01 - [0,005] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 12/09/2013 - 22:00:54 - [0] R---D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 07/04/2012 - 03:04:16 - [0,003] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 13/04/2013 - 20:42:45 - [0,003] ----D C:\Users\Bill Gates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zone4 - Fight District
~ 374 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 644 Scanned in 02mn 10s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.280E90CBF4B2DDD169F0728CB44D726F] - 09/10/2013 - 17:17:07 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys   [343040]
O44 - LFC:[MD5.9406D801042FAF859CF81B2C886413DC] - 09/10/2013 - 17:17:07 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys   [25600]
O44 - LFC:[MD5.A83D0EC9AE4C31704442099D40BA2471] - 09/10/2013 - 17:17:07 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys   [30720]
O44 - LFC:[MD5.311C1DD1088E55BEAE15954D17F50646] - 09/10/2013 - 17:17:08 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys   [52736]
O44 - LFC:[MD5.E73A7A04FDAC9DD46EE2A4257F09E91C] - 09/10/2013 - 17:17:08 ---A- . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\Drivers\usbport.sys   [325120]
O44 - LFC:[MD5.ACCEA6BC68D0C9A78EB97EE159028B4E] - 09/10/2013 - 17:17:08 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys   [99840]
O44 - LFC:[MD5.861C197502A5057E68F0AC75D9EFCDD7] - 09/10/2013 - 17:17:08 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys   [7808]
O44 - LFC:[MD5.56661BB55AE4633677F846FFCD080ECA] - 09/10/2013 - 17:17:15 ---A- . (.Microsoft Corporation - Nettoyage de la mise à jour.) -- C:\Windows\SysNative\scavengeui.dll   [461312]
O44 - LFC:[MD5.56661BB55AE4633677F846FFCD080ECA] - 09/10/2013 - 17:17:15 ---A- . (.Microsoft Corporation - Nettoyage de la mise à jour.) -- C:\Windows\System32\scavengeui.dll   [461312]
O44 - LFC:[MD5.53BD875C7C0808235BFB803C1A8BE009] - 09/10/2013 - 17:17:17 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys   [984512]
O44 - LFC:[MD5.E6DE47E2B2E36018E071D4E44AEBBFAC] - 09/10/2013 - 17:17:17 ---A- . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\dxgmms1.sys   [265152]
O44 - LFC:[MD5.764DF431D13537A575752009E7740F18] - 09/10/2013 - 17:17:17 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll   [124112]
O44 - LFC:[MD5.764DF431D13537A575752009E7740F18] - 09/10/2013 - 17:17:17 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll   [124112]
O44 - LFC:[MD5.CAAAC014C5C56A69F710B5F1B836DE22] - 09/10/2013 - 17:17:35 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\SysNative\ntdll.dll   [1732032]
O44 - LFC:[MD5.CAAAC014C5C56A69F710B5F1B836DE22] - 09/10/2013 - 17:17:35 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll   [1732032]
O44 - LFC:[MD5.70833F5A59F65908698093889C34BCA2] - 09/10/2013 - 17:17:35 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\SysNative\wow64.dll   [243712]
O44 - LFC:[MD5.70833F5A59F65908698093889C34BCA2] - 09/10/2013 - 17:17:35 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll   [243712]
O44 - LFC:[MD5.A3FCC4F97551087D65F8FEE879FEF736] - 09/10/2013 - 17:17:36 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\SysNative\tdh.dll   [859648]
O44 - LFC:[MD5.A3FCC4F97551087D65F8FEE879FEF736] - 09/10/2013 - 17:17:36 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\System32\tdh.dll   [859648]
O44 - LFC:[MD5.63A580C88CFAF72A92550940054569EF] - 09/10/2013 - 17:17:38 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\SysNative\advapi32.dll   [878080]
O44 - LFC:[MD5.63A580C88CFAF72A92550940054569EF] - 09/10/2013 - 17:17:38 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\System32\advapi32.dll   [878080]
O44 - LFC:[MD5.5B9A6A310326D9C438F2C19FBBE97C97] - 09/10/2013 - 17:17:39 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\SysNative\ntoskrnl.exe   [5549504]
O44 - LFC:[MD5.5B9A6A310326D9C438F2C19FBBE97C97] - 09/10/2013 - 17:17:39 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe   [5549504]
O44 - LFC:[MD5.19320B121BFE7462EADD50A42C81AFD0] - 09/10/2013 - 17:17:46 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\SysNative\win32k.sys   [3155968]
O44 - LFC:[MD5.19320B121BFE7462EADD50A42C81AFD0] - 09/10/2013 - 17:17:46 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys   [3155968]
O44 - LFC:[MD5.314C17917AC8523EC77A710215012A65] - 09/10/2013 - 17:17:49 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys   [497152]
O44 - LFC:[MD5.9A9F9F1A77D6A80EE28B57664F00013E] - 09/10/2013 - 17:17:49 ---A- . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\Windows\SysNative\mswsock.dll   [327168]
O44 - LFC:[MD5.9A9F9F1A77D6A80EE28B57664F00013E] - 09/10/2013 - 17:17:49 ---A- . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\Windows\System32\mswsock.dll   [327168]
O44 - LFC:[MD5.40AF23633D197905F03AB5628C558C51] - 09/10/2013 - 17:17:49 ---A- . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys   [1903552]
O44 - LFC:[MD5.B32AB94A432289AC2DF77A3DCAD32EED] - 09/10/2013 - 17:17:51 ---A- . (.Microsoft Corporation - Web DAV Client DLL.) -- C:\Windows\SysNative\davclnt.dll   [102400]
O44 - LFC:[MD5.B32AB94A432289AC2DF77A3DCAD32EED] - 09/10/2013 - 17:17:51 ---A- . (.Microsoft Corporation - Web DAV Client DLL.) -- C:\Windows\System32\davclnt.dll   [102400]
O44 - LFC:[MD5.1A4F75E63C9FB84B85DFFC6B63FD5404] - 09/10/2013 - 17:17:51 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys   [140800]
O44 - LFC:[MD5.0EB0E5D22B1760F2DBCE632F2DD7A54D] - 09/10/2013 - 17:17:52 ---A- . (.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) -- C:\Windows\SysNative\WebClnt.dll   [259584]
O44 - LFC:[MD5.0EB0E5D22B1760F2DBCE632F2DD7A54D] - 09/10/2013 - 17:17:52 ---A- . (.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) -- C:\Windows\System32\WebClnt.dll   [259584]
O44 - LFC:[MD5.E2C933EDBC389386EBE6D2BA953F43D8] - 09/10/2013 - 17:17:53 ---A- . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) -- C:\Windows\System32\Drivers\Wdf01000.sys   [785624]
O44 - LFC:[MD5.80B0F7D5CCF86CEB5D402EAAF61FEC31] - 09/10/2013 - 17:17:54 ---A- . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\usbcir.sys   [100864]
O44 - LFC:[MD5.1F775DA4CF1A3A1834207E975A72E9D7] - 09/10/2013 - 17:17:54 ---A- . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\Drivers\usbvideo.sys   [185344]
O44 - LFC:[MD5.597C3699384E53CC59587ED50CCE5CA2] - 09/10/2013 - 17:17:56 ---A- . (.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\Drivers\hidclass.sys   [76800]
O44 - LFC:[MD5.856E76B3641746ABBC2946BED1372098] - 09/10/2013 - 17:17:56 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\Drivers\hidparse.sys   [32896]
O44 - LFC:[MD5.9661DA76B4531B2DA272ECCE25A8AF24] - 09/10/2013 - 17:17:56 ---A- . (.Microsoft Corporation - USB Scanner Driver.) -- C:\Windows\System32\Drivers\usbscan.sys   [42496]
O44 - LFC:[MD5.142671F462619CB64BA74F5B70136CB4] - 09/10/2013 - 17:17:57 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll   [46080]
O44 - LFC:[MD5.142671F462619CB64BA74F5B70136CB4] - 09/10/2013 - 17:17:57 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [46080]
O44 - LFC:[MD5.A5ED9421B8D09ED4F57CDA386307713E] - 09/10/2013 - 17:17:57 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\SysNative\dciman32.dll   [14336]
O44 - LFC:[MD5.A5ED9421B8D09ED4F57CDA386307713E] - 09/10/2013 - 17:17:57 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\System32\dciman32.dll   [14336]
O44 - LFC:[MD5.D6BAE9B4B210D71CDDADC224CEFCDB5F] - 09/10/2013 - 17:17:57 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\SysNative\fontsub.dll   [100864]
O44 - LFC:[MD5.D6BAE9B4B210D71CDDADC224CEFCDB5F] - 09/10/2013 - 17:17:57 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\System32\fontsub.dll   [100864]
O44 - LFC:[MD5.796B47A4B82EF1C39F13435B88834C48] - 09/10/2013 - 17:17:57 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\SysNative\lpk.dll   [41472]
O44 - LFC:[MD5.796B47A4B82EF1C39F13435B88834C48] - 09/10/2013 - 17:17:57 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\lpk.dll   [41472]
O44 - LFC:[MD5.E1BB958681BE311E7CFF06CFEC5F1F2B] - 09/10/2013 - 17:17:58 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll   [368128]
O44 - LFC:[MD5.E1BB958681BE311E7CFF06CFEC5F1F2B] - 09/10/2013 - 17:17:58 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [368128]
O44 - LFC:[MD5.9028D1621C43DF8DFBD1C76860412A11] - 09/10/2013 - 17:17:59 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\SysNative\comctl32.dll   [633856]
O44 - LFC:[MD5.9028D1621C43DF8DFBD1C76860412A11] - 09/10/2013 - 17:17:59 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll   [633856]
O44 - LFC:[MD5.C53BA50404665A17707D9D4FD78699CB] - 10/10/2013 - 23:39:34 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe   [80541720]
O44 - LFC:[MD5.C53BA50404665A17707D9D4FD78699CB] - 10/10/2013 - 23:39:34 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe   [80541720]
O44 - LFC:[MD5.ACF89BD76E44B0A6B7C531C2774C52B5] - 11/10/2013 - 19:21:22 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [732000]
O44 - LFC:[MD5.ACF89BD76E44B0A6B7C531C2774C52B5] - 11/10/2013 - 19:21:22 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [732000]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/10/2013 - 19:35:39 ---A- . (...) -- C:\Windows\SysNative\HP_ActiveX_Patch_NOT_DETECTED.txt   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/10/2013 - 19:35:39 ---A- . (...) -- C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt   [0]
O44 - LFC:[MD5.E965529C43D25F2BDA77D705098BF777] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\SysNative\IEAdvpack.dll   [135680]
O44 - LFC:[MD5.E965529C43D25F2BDA77D705098BF777] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\System32\IEAdvpack.dll   [135680]
O44 - LFC:[MD5.942E110384668EEFF44751A02EDDF5E4] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - DLL de ressource du composant d'édition HTM.) -- C:\Windows\SysNative\mshtmler.dll   [48640]
O44 - LFC:[MD5.942E110384668EEFF44751A02EDDF5E4] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - DLL de ressource du composant d'édition HTM.) -- C:\Windows\System32\mshtmler.dll   [48640]
O44 - LFC:[MD5.658E8FEC79A4AB5BFDE032627B5C9667] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\SysNative\mshta.exe   [13824]
O44 - LFC:[MD5.658E8FEC79A4AB5BFDE032627B5C9667] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\mshta.exe   [13824]
O44 - LFC:[MD5.C2F21E3059AFF5E616F3E361D9FA10CD] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - IE PNG plugin image decoder.) -- C:\Windows\SysNative\pngfilt.dll   [62976]
O44 - LFC:[MD5.C2F21E3059AFF5E616F3E361D9FA10CD] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - IE PNG plugin image decoder.) -- C:\Windows\System32\pngfilt.dll   [62976]
O44 - LFC:[MD5.742B2C69643527763E162C0BA923D086] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\SysNative\iesysprep.dll   [136704]
O44 - LFC:[MD5.742B2C69643527763E162C0BA923D086] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll   [136704]
O44 - LFC:[MD5.5B15164486C66B76699E1CD2CD2F3A2A] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - IE plugin image decoder support DLL.) -- C:\Windows\SysNative\imgutil.dll   [51200]
O44 - LFC:[MD5.5B15164486C66B76699E1CD2CD2F3A2A] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - IE plugin image decoder support DLL.) -- C:\Windows\System32\imgutil.dll   [51200]
O44 - LFC:[MD5.7B4E06047031B2AAA4AE10F00C59BFC7] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript.dll   [855552]
O44 - LFC:[MD5.D383602755758FA81166B0FD8AFE6D40] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript9.dll   [3959296]
O44 - LFC:[MD5.7B4E06047031B2AAA4AE10F00C59BFC7] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll   [855552]
O44 - LFC:[MD5.D383602755758FA81166B0FD8AFE6D40] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll   [3959296]
O44 - LFC:[MD5.82D602EBBBA6D08E4691F32269FD3494] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\SysNative\msfeedssync.exe   [12800]
O44 - LFC:[MD5.82D602EBBBA6D08E4691F32269FD3494] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe   [12800]
O44 - LFC:[MD5.991A9D6B797B4D7E9EB29BE1FB4B1D28] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\SysNative\ieui.dll   [526336]
O44 - LFC:[MD5.991A9D6B797B4D7E9EB29BE1FB4B1D28] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll   [526336]
O44 - LFC:[MD5.CCDB8FDC289AA9AFA5F8827A2ADB21AD] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll   [15404544]
O44 - LFC:[MD5.CCDB8FDC289AA9AFA5F8827A2ADB21AD] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll   [15404544]
O44 - LFC:[MD5.D0D4CE6C6CE87269A34A184356475D17] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Object Control Viewer.) -- C:\Windows\SysNative\occache.dll   [149504]
O44 - LFC:[MD5.D0D4CE6C6CE87269A34A184356475D17] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Object Control Viewer.) -- C:\Windows\System32\occache.dll   [149504]
O44 - LFC:[MD5.18A94D6E9D27D169D38DAB91F6A97518] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\SysNative\iepeers.dll   [136192]
O44 - LFC:[MD5.18A94D6E9D27D169D38DAB91F6A97518] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll   [136192]
O44 - LFC:[MD5.F651D95B5043EFC20A6108A853553984] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Sets the date that IE was installed.) -- C:\Windows\SysNative\SetIEInstalledDate.exe   [92160]
O44 - LFC:[MD5.F651D95B5043EFC20A6108A853553984] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Sets the date that IE was installed.) -- C:\Windows\System32\SetIEInstalledDate.exe   [92160]
O44 - LFC:[MD5.63CAE56FE4215F98FEB0188748A99378] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\SysNative\msfeedsbs.dll   [52224]
O44 - LFC:[MD5.63CAE56FE4215F98FEB0188748A99378] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll   [52224]
O44 - LFC:[MD5.440104AEB9DAF8AC9842080AE59740FA] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\SysNative\tdc.ocx   [77312]
O44 - LFC:[MD5.440104AEB9DAF8AC9842080AE59740FA] - 16/10/2013 - 00:01:02 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx   [77312]
O44 - LFC:[MD5.1FF56AC32B38A94C3C88497BD6E00C96] - 16/10/2013 - 00:01:03 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf   [25185]
O44 - LFC:[MD5.1FF56AC32B38A94C3C88497BD6E00C96] - 16/10/2013 - 00:01:03 ---A- . (...) -- C:\Windows\System32\ieuinit.inf   [25185]
O44 - LFC:[MD5.40738329209CBE2C9B48F7E30F7C1414] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Auto-extracteur de fichier CAB Win32.) -- C:\Windows\SysNative\wextract.exe   [144896]
O44 - LFC:[MD5.40738329209CBE2C9B48F7E30F7C1414] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Auto-extracteur de fichier CAB Win32.) -- C:\Windows\System32\wextract.exe   [144896]
O44 - LFC:[MD5.BC0D4AFBE94D8E1F81C8926D805C3366] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\SysNative\webcheck.dll   [247296]
O44 - LFC:[MD5.BC0D4AFBE94D8E1F81C8926D805C3366] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll   [247296]
O44 - LFC:[MD5.D8DD5CBB9668EEE98915EA49C72F78FA] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\SysNative\html.iec   [441856]
O44 - LFC:[MD5.D8DD5CBB9668EEE98915EA49C72F78FA] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec   [441856]
O44 - LFC:[MD5.EC08E38751854C5B8899139B7DD29FF9] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\SysNative\msrating.dll   [197120]
O44 - LFC:[MD5.EC08E38751854C5B8899139B7DD29FF9] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll   [197120]
O44 - LFC:[MD5.D8076F8A3C34064582035AE6696DC34A] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de licences Microsoft®.) -- C:\Windows\SysNative\licmgr10.dll   [27648]
O44 - LFC:[MD5.D8076F8A3C34064582035AE6696DC34A] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de licences Microsoft®.) -- C:\Windows\System32\licmgr10.dll   [27648]
O44 - LFC:[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll   [2241024]
O44 - LFC:[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll   [2241024]
O44 - LFC:[MD5.882AC0DD997CFC90FBB468D698BD55C6] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll   [1365504]
O44 - LFC:[MD5.882AC0DD997CFC90FBB468D698BD55C6] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll   [1365504]
O44 - LFC:[MD5.A80B91A93EDFFDE3DD2646D6E4CDDC44] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\SysNative\iesetup.dll   [67072]
O44 - LFC:[MD5.A80B91A93EDFFDE3DD2646D6E4CDDC44] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll   [67072]
O44 - LFC:[MD5.402D797A7905DC3C6FE11E75CD5252EB] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\SysNative\url.dll   [235008]
O44 - LFC:[MD5.402D797A7905DC3C6FE11E75CD5252EB] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll   [235008]
O44 - LFC:[MD5.16A3E229F60FA4B05573A0937AB3C3CB] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll   [53248]
O44 - LFC:[MD5.16A3E229F60FA4B05573A0937AB3C3CB] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll   [53248]
O44 - LFC:[MD5.E1055A7FAD39F1F7C44F6152044056EA] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\SysNative\mshtmlmedia.dll   [905728]
O44 - LFC:[MD5.E1055A7FAD39F1F7C44F6152044056EA] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll   [905728]
O44 - LFC:[MD5.214E39F0A8E382F1889B26B46DE0AF81] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll   [603136]
O44 - LFC:[MD5.214E39F0A8E382F1889B26B46DE0AF81] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll   [603136]
O44 - LFC:[MD5.23556D116D5FB93395B2A648EEB24251] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft Information Card IE Helper.) -- C:\Windows\SysNative\icardie.dll   [81408]
O44 - LFC:[MD5.23556D116D5FB93395B2A648EEB24251] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft Information Card IE Helper.) -- C:\Windows\System32\icardie.dll   [81408]
O44 - LFC:[MD5.112183DF91C9BAECB498E4A86ECDE598] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft Line Services library file.) -- C:\Windows\SysNative\msls31.dll   [216064]
O44 - LFC:[MD5.112183DF91C9BAECB498E4A86ECDE598] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft Line Services library file.) -- C:\Windows\System32\msls31.dll   [216064]
O44 - LFC:[MD5.8C3D32A4A46326031309A43C52539D7F] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter Data File.) -- C:\Windows\SysNative\ieapfltr.dat   [1400416]
O44 - LFC:[MD5.8C3D32A4A46326031309A43C52539D7F] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter Data File.) -- C:\Windows\System32\ieapfltr.dat   [1400416]
O44 - LFC:[MD5.1456EECCB5CF6B91513200F95D61706E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\SysNative\ieapfltr.dll   [762368]
O44 - LFC:[MD5.1456EECCB5CF6B91513200F95D61706E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll   [762368]
O44 - LFC:[MD5.4CFBEC37E4FAD530E623E1541E1EA958] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\SysNative\vbscript.dll   [599552]
O44 - LFC:[MD5.4CFBEC37E4FAD530E623E1541E1EA958] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll   [599552]
O44 - LFC:[MD5.2AAE2B8FED8390879C2369FC63F7001F] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\SysNative\mshtmled.dll   [97280]
O44 - LFC:[MD5.2AAE2B8FED8390879C2369FC63F7001F] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll   [97280]
O44 - LFC:[MD5.990235D752A40F5F8243ED537FAB2035] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\SysNative\mshtml.tlb   [2706432]
O44 - LFC:[MD5.990235D752A40F5F8243ED537FAB2035] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb   [2706432]
O44 - LFC:[MD5.4E426A67C46379B75A5E671B46FC07F6] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Moteur d'installation.) -- C:\Windows\SysNative\inseng.dll   [102912]
O44 - LFC:[MD5.4E426A67C46379B75A5E671B46FC07F6] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Moteur d'installation.) -- C:\Windows\System32\inseng.dll   [102912]
O44 - LFC:[MD5.D92F386A70534CF473C5695E3245840C] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\SysNative\ieUnatt.exe   [173568]
O44 - LFC:[MD5.D92F386A70534CF473C5695E3245840C] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe   [173568]
O44 - LFC:[MD5.ADE73A865A5F136E84F49BB6B1627C6E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\SysNative\inetcpl.cpl   [1509376]
O44 - LFC:[MD5.ADE73A865A5F136E84F49BB6B1627C6E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl   [1509376]
O44 - LFC:[MD5.D0F66CFAED5B85543216EF526D380B8B] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\SysNative\iedkcs32.dll   [270848]
O44 - LFC:[MD5.D0F66CFAED5B85543216EF526D380B8B] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll   [270848]
O44 - LFC:[MD5.4163195B6D07D3434BDEA78C293B7E0E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\SysNative\RegisterIEPKEYs.exe   [89600]
O44 - LFC:[MD5.4163195B6D07D3434BDEA78C293B7E0E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe   [89600]
O44 - LFC:[MD5.199BD40B1890E1EEFF7438B59787534F] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\SysNative\iertutil.dll   [2647552]
O44 - LFC:[MD5.199BD40B1890E1EEFF7438B59787534F] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll   [2647552]
O44 - LFC:[MD5.38CFAC1BAFEBC8B0AF8A22093803D38E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\SysNative\iernonce.dll   [39936]
O44 - LFC:[MD5.38CFAC1BAFEBC8B0AF8A22093803D38E] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll   [39936]
O44 - LFC:[MD5.C4DDAC3F3062739C4C2BB759B36E005D] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe   [51712]
O44 - LFC:[MD5.C4DDAC3F3062739C4C2BB759B36E005D] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe   [51712]
O44 - LFC:[MD5.F026C6F104758D0EB215B017016FAE27] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysNative\mshtml.dll   [19252224]
O44 - LFC:[MD5.F026C6F104758D0EB215B017016FAE27] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll   [19252224]
O44 - LFC:[MD5.D9C10A4A0B3411146E6FC8936B079934] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\SysNative\iexpress.exe   [167424]
O44 - LFC:[MD5.D9C10A4A0B3411146E6FC8936B079934] - 16/10/2013 - 00:01:03 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\System32\iexpress.exe   [167424]
O44 - LFC:[MD5.3531FA12A76A32ECECD972196775DF7C] - 16/10/2013 - 00:01:05 ---A- . (.Microsoft Corporation - ELS Hyphenation Service.) -- C:\Windows\SysNative\elshyph.dll   [226304]
O44 - LFC:[MD5.3531FA12A76A32ECECD972196775DF7C] - 16/10/2013 - 00:01:05 ---A- . (.Microsoft Corporation - ELS Hyphenation Service.) -- C:\Windows\System32\elshyph.dll   [226304]
O44 - LFC:[MD5.5051BB40FFB2BA4870C0A059CA03294F] - 16/10/2013 - 00:01:05 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe   [1054720]
O44 - LFC:[MD5.5051BB40FFB2BA4870C0A059CA03294F] - 16/10/2013 - 00:01:05 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe   [1054720]
O44 - LFC:[MD5.D3AA45FF6E941EB35B9100A3FF5EC385] - 16/10/2013 - 19:56:13 ---A- . (...) -- C:\log2.txt   [115]
O44 - LFC:[MD5.B7AE3E688D32C43954CFB490A2EF16C3] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1662638]
O44 - LFC:[MD5.2CE9FAAB99ACFFC1B0901AEC8E594F85] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [121308]
O44 - LFC:[MD5.A8A053D4A4054162451905AAD6E60580] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [149020]
O44 - LFC:[MD5.7D73EF621C8809DD5461E8BC72650F10] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [652376]
O44 - LFC:[MD5.15607BCE7BAC03F743240D23D3ED63DB] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [745534]
O44 - LFC:[MD5.B7AE3E688D32C43954CFB490A2EF16C3] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1662638]
O44 - LFC:[MD5.2CE9FAAB99ACFFC1B0901AEC8E594F85] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [121308]
O44 - LFC:[MD5.A8A053D4A4054162451905AAD6E60580] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [149020]
O44 - LFC:[MD5.7D73EF621C8809DD5461E8BC72650F10] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [652376]
O44 - LFC:[MD5.15607BCE7BAC03F743240D23D3ED63DB] - 16/10/2013 - 20:02:30 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [745534]
O44 - LFC:[MD5.139245367EF592F970245F34E6CC1F1F] - 16/10/2013 - 20:31:52 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.C092B6E60EC471F142ECE87A7EF03580] - 16/10/2013 - 20:32:00 ----- . (...) -- C:\Windows\WindowsUpdate.log   [1571104]
O44 - LFC:[MD5.9B778DD0E2F12EC53207AAE09EFEC101] - 16/10/2013 - 20:54:48 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0   [32064]
O44 - LFC:[MD5.9B778DD0E2F12EC53207AAE09EFEC101] - 16/10/2013 - 20:54:48 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0   [32064]
~ Files: 173 Scanned in 01mn 04s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.EB2B4E5C62F55BA8585BC8554FAC0076] - 06/10/2013 - 17:18:16 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf
O45 - LFCP:[MD5.7157B5B2D7BF8DB3F11900C60805F509] - 07/10/2013 - 18:24:23 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2068963316-1541744968-104418768-1003.db
O45 - LFCP:[MD5.73C178D99D69CADAD755D2DD331CF08E] - 07/10/2013 - 18:24:23 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2068963316-1541744968-104418768-1003.db
O45 - LFCP:[MD5.734E22BB2B42C1CABAC7A18D11450A71] - 09/10/2013 - 10:23:25 ---A- - C:\Windows\Prefetch\FLASHPLAYERINSTALLER.EXE-21C59411.pf
O45 - LFCP:[MD5.9BB9991564FCA6B3AD8F7961F4B3B15C] - 10/10/2013 - 23:47:23 ---A- - C:\Windows\Prefetch\NGEN.EXE-EC3F9239.pf
O45 - LFCP:[MD5.698295C864B6087659B7D33B21507E07] - 10/10/2013 - 23:48:39 ---A- - C:\Windows\Prefetch\WEVTUTIL.EXE-EF5861C4.pf
O45 - LFCP:[MD5.9865D2D2A63FD3848DF22F7EF2880343] - 10/10/2013 - 23:48:40 ---A- - C:\Windows\Prefetch\WEVTUTIL.EXE-400D93E8.pf
O45 - LFCP:[MD5.200ED05766210C1B0710F6C2371D07B3] - 10/10/2013 - 23:53:15 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-E09A077A.pf
O45 - LFCP:[MD5.314F102084F773111D3C875194A8084E] - 10/10/2013 - 23:54:13 ---A- - C:\Windows\Prefetch\ADDINUTIL.EXE-E4104A95.pf
O45 - LFCP:[MD5.FCCA0A408BCB67D4A49DC6AAC03DC43E] - 11/10/2013 - 19:22:22 ---A- - C:\Windows\Prefetch\SCHED.EXE-CD2C25D2.pf
O45 - LFCP:[MD5.56C29188F610D6A8F7F04F05856B6B02] - 11/10/2013 - 19:24:08 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.313AFFED204C60BF31821E8FC1B76B5E] - 11/10/2013 - 19:35:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf
O45 - LFCP:[MD5.C957581BC764FAE0AFFCBACA5A894B38] - 12/10/2013 - 05:29:06 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.52CC879FF4F04C587A6D24E6DD0AA1A7] - 12/10/2013 - 05:29:16 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf
O45 - LFCP:[MD5.68850EC7721A4AF24FE40BBE63357D1B] - 12/10/2013 - 05:31:55 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf
O45 - LFCP:[MD5.106C33F9EB531F02BC71BE8C72C91E69] - 12/10/2013 - 05:32:14 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf
O45 - LFCP:[MD5.CFD0F802094E4543C29F0427701A03B3] - 12/10/2013 - 08:15:22 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf
O45 - LFCP:[MD5.C887D8A1F9801A9D05C42CF41D1DBAE7] - 13/10/2013 - 09:59:18 ---A- - C:\Windows\Prefetch\AVSHADOW.EXE-04DD2548.pf
O45 - LFCP:[MD5.9057A5DA7BE19B4A0661EB8210093C20] - 13/10/2013 - 09:59:18 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.7EF7B4D83E4553A0DB326C0DE41274BC] - 13/10/2013 - 19:00:00 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
O45 - LFCP:[MD5.D430E05C12284EEFC38FD756A0DF373D] - 13/10/2013 - 19:42:32 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf
O45 - LFCP:[MD5.427B31F343C3595718E5A198AE893276] - 14/10/2013 - 18:46:56 ---A- - C:\Windows\Prefetch\LOL.LAUNCHER.EXE-4C860503.pf
O45 - LFCP:[MD5.ED2A8D6AD1BD0EBD229046C0FE5CDCCF] - 14/10/2013 - 18:47:06 ---A- - C:\Windows\Prefetch\RADS_USER_KERNEL.EXE-9DAAF573.pf
O45 - LFCP:[MD5.F6B007B02E2E33EDA4ABCB790204C884] - 14/10/2013 - 18:47:07 ---A- - C:\Windows\Prefetch\PMB.EXE-3F581971.pf
O45 - LFCP:[MD5.91DAE55B42E67B344CD3798AE6894255] - 14/10/2013 - 22:58:19 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
O45 - LFCP:[MD5.F78D87DAF53B88F70D2326D200B66CCB] - 15/10/2013 - 14:10:26 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.055773061BF3D13CABB9B406E20B0718] - 15/10/2013 - 14:13:32 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.C20C4047618116959CC5D20A1B18FAC2] - 15/10/2013 - 14:26:03 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf
O45 - LFCP:[MD5.24CAB67CDB7794528C1D636289E07922] - 15/10/2013 - 15:59:43 ---A- - C:\Windows\Prefetch\JP2LAUNCHER.EXE-6240744E.pf
O45 - LFCP:[MD5.D529F7AA9D3BE79CB985EF1930209580] - 15/10/2013 - 18:41:45 ---A- - C:\Windows\Prefetch\REALSCHED.EXE-5D662E50.pf
O45 - LFCP:[MD5.CD4453011917B166AA88F8CB922C8016] - 15/10/2013 - 20:10:39 ---A- - C:\Windows\Prefetch\AVNOTIFY.EXE-377AF47F.pf
O45 - LFCP:[MD5.72C51FC20929920587478D661F4A835B] - 15/10/2013 - 21:42:11 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2068963316-1541744968-104418768-1000.db
O45 - LFCP:[MD5.7ECF55170378AA62C715B50DF5EA495F] - 15/10/2013 - 21:42:11 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2068963316-1541744968-104418768-1000.db
O45 - LFCP:[MD5.62B5C3BDDCC50EFCB0D3ADFD3CB8971A] - 15/10/2013 - 22:05:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf
O45 - LFCP:[MD5.7FEB84411A633AFF8A5C3E846E4EE545] - 15/10/2013 - 22:34:36 ---A- - C:\Windows\Prefetch\OSE.EXE-2B23CA4C.pf
O45 - LFCP:[MD5.EA791A2716A072AC4DB23DE4B4849B4F] - 15/10/2013 - 23:40:10 ---A- - C:\Windows\Prefetch\HPCEE.EXE-6A33E4FB.pf
O45 - LFCP:[MD5.DC262090B38853296907BDE75C4C5F87] - 15/10/2013 - 23:57:53 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.8E9362F135D8D3BF790F18D5F6D0F940] - 15/10/2013 - 23:57:55 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.50B4DB1A204E661F26D88E8AED3E42D2] - 15/10/2013 - 23:57:55 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.FFD138DF99AA1D7D7FE41CAB913A8885] - 16/09/2013 - 18:56:02 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-1A237692.pf
O45 - LFCP:[MD5.40CCD95C7DE55ADBDFC577FF5283889F] - 16/10/2013 - 00:06:33 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.3887D08811007958B2D78A02392CFC4E] - 16/10/2013 - 18:58:27 ---A- - C:\Windows\Prefetch\UPDATE.EXE-0D8A637E.pf
O45 - LFCP:[MD5.1EFC5C7B022D253E6BE165718C09ABC9] - 16/10/2013 - 18:58:27 ---A- - C:\Windows\Prefetch\UPDRGUI.EXE-D0FBFF97.pf
O45 - LFCP:[MD5.9CA690F331142C4CA1D22FD77FD6CBB0] - 16/10/2013 - 18:59:29 ---A- - C:\Windows\Prefetch\LPKSETUP.EXE-90F505D8.pf
O45 - LFCP:[MD5.CDB8E304B6BDEFAEA4969F846C5EAD3F] - 16/10/2013 - 19:00:13 ---A- - C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf
O45 - LFCP:[MD5.F5B5B1B0B3B2F5A0B721C8DDB03A01A4] - 16/10/2013 - 19:00:13 ---A- - C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf
O45 - LFCP:[MD5.7288E6251E31A5FD3E8A9434573CBF26] - 16/10/2013 - 19:01:02 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
O45 - LFCP:[MD5.5EE129274314BDE134B716985DEAE8EA] - 16/10/2013 - 19:02:42 ---A- - C:\Windows\Prefetch\HPWUSCHD2.EXE-DE9C9D03.pf
O45 - LFCP:[MD5.925B862ADA7998518FCE76D9E1A8F8C3] - 16/10/2013 - 19:02:50 ---A- - C:\Windows\Prefetch\HPOSD.EXE-EAAD9E22.pf
O45 - LFCP:[MD5.C0F7B64F65083D47C739AC70543DFD6A] - 16/10/2013 - 19:02:51 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf
O45 - LFCP:[MD5.6C1D2F006E9F45183EF7983B843A6F65] - 16/10/2013 - 19:02:52 ---A- - C:\Windows\Prefetch\EZRECOVER.EXE-E7109CC0.pf
O45 - LFCP:[MD5.B030ECB36BAE72E36BA0AB638B6941DF] - 16/10/2013 - 19:03:09 ---A- - C:\Windows\Prefetch\HPTASKBAR3.EXE-A6188DE5.pf
O45 - LFCP:[MD5.8BDA8F4EE3D9561ACBF0FA0F93763F37] - 16/10/2013 - 19:03:19 ---A- - C:\Windows\Prefetch\HPTASKBAR2.EXE-92C2D360.pf
O45 - LFCP:[MD5.500FDA6B59B0F76EC3CDCA9E2F8630C6] - 16/10/2013 - 19:07:43 ---A- - C:\Windows\Prefetch\UPDATERSTARTUPUTILITY.EXE-E056967B.pf
O45 - LFCP:[MD5.73E300DC9577D703FD3DA531CB0656C7] - 16/10/2013 - 19:20:49 ---A- - C:\Windows\Prefetch\WINWORD.EXE-7D220BFE.pf
O45 - LFCP:[MD5.7A5078E39D439BE120B4138924D5956E] - 16/10/2013 - 19:41:06 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
O45 - LFCP:[MD5.FE985B0AD5BFAE09681E26AE912530BD] - 16/10/2013 - 19:41:14 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf
O45 - LFCP:[MD5.0F5132D255D6C79FCA0A85D975A26215] - 16/10/2013 - 19:52:59 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.83A22FA02FA9DBAB0BA790E5CFEF866D] - 16/10/2013 - 19:54:24 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf
O45 - LFCP:[MD5.59EAC619B36417D29B9FBD9C0E6FFC67] - 16/10/2013 - 19:56:59 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.BD77C099E87BCEC8677559EAC3AD110A] - 16/10/2013 - 19:58:00 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-E6DC1353.pf
O45 - LFCP:[MD5.CEEF28E81CC856CD4B8F3DF3FFABE8B1] - 16/10/2013 - 19:58:11 ---A- - C:\Windows\Prefetch\BCSSYNC.EXE-44FEF475.pf
O45 - LFCP:[MD5.BFAC1AE2E80E632B43546A32D52DAAA4] - 16/10/2013 - 19:58:13 ---A- - C:\Windows\Prefetch\SYNTPHELPER.EXE-0A20AAC4.pf
O45 - LFCP:[MD5.026F0953A3321A8A32855E510C060D52] - 16/10/2013 - 19:58:14 ---A- - C:\Windows\Prefetch\HPQWUTILS.EXE-EFBF4691.pf
O45 - LFCP:[MD5.C64CB045B0D9B2DBDAD503DB371FADD2] - 16/10/2013 - 19:58:16 ---A- - C:\Windows\Prefetch\AVGNT.EXE-DB62B80F.pf
O45 - LFCP:[MD5.B6EAD695E599CBBD08D21CF2AC4162A9] - 16/10/2013 - 19:58:17 ---A- - C:\Windows\Prefetch\HPMSGSVC.EXE-673FC6EC.pf
O45 - LFCP:[MD5.1A675D422549C00CFADB306F1141954A] - 16/10/2013 - 19:58:17 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-60F1FB86.pf
O45 - LFCP:[MD5.728C3DEC17414AF5208B811F0AE81E7F] - 16/10/2013 - 19:58:19 ---A- - C:\Windows\Prefetch\CS6SERVICEMANAGER.EXE-87BC6064.pf
O45 - LFCP:[MD5.A9B49078583FB5F32F8159F24E9BB1F0] - 16/10/2013 - 19:58:29 ---A- - C:\Windows\Prefetch\READER_SL.EXE-B1C62096.pf
O45 - LFCP:[MD5.A97998F18CDA00E520DE0B7557854CBB] - 16/10/2013 - 19:58:36 ---A- - C:\Windows\Prefetch\HPQWMIEX.EXE-FAAC8C6F.pf
O45 - LFCP:[MD5.8190B32474672AE49A757DF588370A76] - 16/10/2013 - 19:59:03 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.B07610CA8828021A79473C39703570E9] - 16/10/2013 - 19:59:06 ---A- - C:\Windows\Prefetch\REALPLAY.EXE-BBD23B10.pf
O45 - LFCP:[MD5.38511565BA863F96C938688DB044C69A] - 16/10/2013 - 19:59:14 ---A- - C:\Windows\Prefetch\IPMGUI.EXE-F9CAB886.pf
O45 - LFCP:[MD5.5D88C582C8E61AED0DDA2C29C6ABC795] - 16/10/2013 - 19:59:31 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf
O45 - LFCP:[MD5.66106555C7E04C37FCAF4BEEFF54BA5E] - 16/10/2013 - 19:59:32 ---A- - C:\Windows\Prefetch\MOM.EXE-42E9F9DF.pf
O45 - LFCP:[MD5.F0448813B95BD90D0434A54A4F294A30] - 16/10/2013 - 19:59:41 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf
O45 - LFCP:[MD5.67A2CB6DD6FE8BABC0AA28A3AD5FEB8D] - 16/10/2013 - 19:59:45 ---A- - C:\Windows\Prefetch\HPSA_SERVICE.EXE-AD6579F0.pf
O45 - LFCP:[MD5.C2954A6A11C7031659828801D023C6F8] - 16/10/2013 - 19:59:48 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf
O45 - LFCP:[MD5.D098FCFE9F5BADFF15284B6D1034BA07] - 16/10/2013 - 20:00:16 ---A- - C:\Windows\Prefetch\CCC.EXE-B637C9BF.pf
O45 - LFCP:[MD5.74EF31C975A29777750C4DA9B30C816A] - 16/10/2013 - 20:00:17 ---A- - C:\Windows\Prefetch\IASTORDATAMGRSVC.EXE-C086B157.pf
O45 - LFCP:[MD5.7FDFE9E3F31095CC9BBF0F3CD90E2DE8] - 16/10/2013 - 20:00:24 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.10256E620D4532E707C2FFA2C72F27C2] - 16/10/2013 - 20:00:26 ---A- - C:\Windows\Prefetch\LMS.EXE-8C70F87D.pf
O45 - LFCP:[MD5.C84483128E0B77C1908C2B3A35037431] - 16/10/2013 - 20:00:26 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-9FED550E.pf
O45 - LFCP:[MD5.4604F8FDF9AF1486F1855C63A9888D91] - 16/10/2013 - 20:00:27 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf
O45 - LFCP:[MD5.D3B757FE4FE2C51ACE7D13C13D40FD3C] - 16/10/2013 - 20:00:33 ---A- - C:\Windows\Prefetch\MMLOADDRV.EXE-4072A3B8.pf
O45 - LFCP:[MD5.09A3A191484CC9C7AE432A3FC7FF1ED5] - 16/10/2013 - 20:00:51 ---A- - C:\Windows\Prefetch\HPSF.EXE-C90ABEF1.pf
O45 - LFCP:[MD5.242787CAB8749A56FF4428F126A42717] - 16/10/2013 - 20:01:08 ---A- - C:\Windows\Prefetch\UNS.EXE-E6E49771.pf
O45 - LFCP:[MD5.7EA4FC13C7A459E373CD00D4AEC3C307] - 16/10/2013 - 20:01:48 ---A- - C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-73BE9E78.pf
O45 - LFCP:[MD5.5D5EEB70DB158BE3DAEB4FCE1D63F9FF] - 16/10/2013 - 20:01:48 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf
O45 - LFCP:[MD5.C7A20835FDAE23A69007D7A477FF178D] - 16/10/2013 - 20:01:59 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
O45 - LFCP:[MD5.C87E2A4DED7D3EA064B498F9F802AA4F] - 16/10/2013 - 20:03:10 ---A- - C:\Windows\Prefetch\JAVA.EXE-07FE5A9A.pf
O45 - LFCP:[MD5.F35C83466A74FEE7044005B25B51A0CA] - 16/10/2013 - 20:04:47 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.057C9ADFCF0A508AE7635E45D3C2B2C2] - 16/10/2013 - 20:09:31 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.3D9E3532F8C59F6808303CC9EAE0D2C2] - 16/10/2013 - 20:12:02 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf
O45 - LFCP:[MD5.A4F4CDE58C6E5CF7ABE0FFA4E3BB5F09] - 16/10/2013 - 20:12:33 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.FC37DDA514A7F55C595B6AE9A158EBFF] - 16/10/2013 - 20:20:15 ---A- - C:\Windows\Prefetch\WIRELESSOFFMSG.EXE-286C32A5.pf
O45 - LFCP:[MD5.E32FE9CAA5C0AF8EFA6261C353298BFA] - 16/10/2013 - 20:21:02 ---A- - C:\Windows\Prefetch\VLC.EXE-CC6F4A79.pf
O45 - LFCP:[MD5.0215FCBC54D98B8451D3BDA10663FDB0] - 16/10/2013 - 20:25:01 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
O45 - LFCP:[MD5.6285DC0462AD11B181FC3282B9A57A7F] - 16/10/2013 - 20:25:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:[MD5.8B0901C409380853CE3E3C0963C1B8BD] - 16/10/2013 - 20:30:19 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.9E5832B197E6DA0291D5A3996C1D4AC7] - 16/10/2013 - 20:30:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf
O45 - LFCP:[MD5.2565F3158E09125A89FBEA842EEFE69F] - 16/10/2013 - 20:31:59 ---A- - C:\Windows\Prefetch\INSTALLCLICK-CONNECTOR.EXE-A20B91AB.pf
O45 - LFCP:[MD5.7B074C8F258DDAC6EBC56375A44D8974] - 16/10/2013 - 20:32:02 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
O45 - LFCP:[MD5.D69EE5E002C4D0EACB90665542BACABF] - 16/10/2013 - 20:32:22 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf
O45 - LFCP:[MD5.ED03E7C9C0216B74AD2FB394DD297D47] - 16/10/2013 - 20:33:20 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.05CE1A28C78AA429A892C47E2E974579] - 16/10/2013 - 20:33:20 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.8A6ACD695ED68BA96C2F669C31C90D9D] - 16/10/2013 - 20:33:21 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.562CC51E699434369BE58E63BB67CCF7] - 16/10/2013 - 20:33:21 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.E65D5A14862F79DCFDEC79DB1EFF7481] - 16/10/2013 - 20:34:06 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.03BD67D3108A647400B3408D71E9E40A] - 16/10/2013 - 20:37:00 ---A- - C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf
O45 - LFCP:[MD5.1BF58E471B8171A6CB95CD5F2A2873B0] - 16/10/2013 - 20:39:23 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
O45 - LFCP:[MD5.B1F69A386B8418152626555687BCF341] - 16/10/2013 - 20:48:37 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
O45 - LFCP:[MD5.B7DD4BE6C5E2166C3F6486EA07041011] - 16/10/2013 - 20:49:52 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.D92776AF7FE472C0B46BFC87F62DDC00] - 16/10/2013 - 20:49:53 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
O45 - LFCP:[MD5.856691C437D07E51D6D66289935C3BE2] - 16/10/2013 - 20:51:39 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf
O45 - LFCP:[MD5.1C8E9CC266B66115FD50E9E2E648EC42] - 16/10/2013 - 20:51:40 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
O45 - LFCP:[MD5.6C83169893F8195A0BA4EA741E328BE5] - 16/10/2013 - 20:51:55 ---A- - C:\Windows\Prefetch\AVWSC.EXE-9DE67EBB.pf
O45 - LFCP:[MD5.3EFE1FEF7BFD113041C04D3F17DC69F5] - 16/10/2013 - 20:54:09 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.94BD026DF65E7AD8B1B0C5F8D4010F1D] - 16/10/2013 - 20:54:17 ---A- - C:\Windows\Prefetch\CHROME.EXE-D92F9AE7.pf
O45 - LFCP:[MD5.7B289F929969A07008E2026B92C3F139] - 24/09/2013 - 05:53:38 ---A- - C:\Windows\Prefetch\AgCx_SC3_D628CBDA44CEE202.db
O45 - LFCP:[MD5.9A8F15E04C0FCB466D3BE5ECD2376440] - 27/09/2013 - 17:39:44 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/10/2224 - 17:31:36 ----D - C:\Windows\Prefetch\ReadyBoot
~ Prefetcher: 122 Scanned in 00mn 03s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{13bdc4cb-4f47-11e2-96fc-80c16e3cedf5}\AutoRun\command. (.Capcom - Remember Me Setup.) -- G:\setup.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.mjpg"="bdmjpeg64.dll" . (...) -- C:\Windows\System32\bdmjpeg64.dll
O52 - TDSD: \Drivers32\"vidc.mpeg"="bdmpegv64.dll" . (...) -- C:\Windows\System32\bdmpegv64.dll
O52 - TDSD: \Drivers32\"msacm.bdmpeg"="bdmpega64.acm" . (...) -- C:\Windows\System32\bdmpega64.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"bdmjpeg64.dll"="Bandi Motion Jpeg" . (...) -- C:\Windows\System32\bdmjpeg64.dll
O52 - TDSD: \drivers.desc\"bdmpegv64.dll"="Bandi MPEG-1 Video" . (...) -- C:\Windows\System32\bdmpegv64.dll
O52 - TDSD: \drivers.desc\"bdmpega64.acm"="Bandi MPEG-1 Audio" . (...) -- C:\Windows\System32\bdmpega64.acm
~ TDSD: 8 Scanned in 00mn 01s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
~ Drivers: 17 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\daemon.debug.log.131013_085843.sent   [613]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131012_235154.sent   [683]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_005155.sent   [681]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_085851.sent   [1246]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_095852.sent   [796]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_105853.sent   [682]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_115854.sent   [1258]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_125854.sent   [682]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_135855.sent   [105]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_145855.sent   [682]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_155856.sent   [681]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_165857.sent   [681]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_175858.sent   [1257]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_185858.sent   [682]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_195859.sent   [681]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_205859.sent   [681]
O61 - LFC: 13/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_215900.sent   [930]
O61 - LFC: 13/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131013_225900.sent   [683]
O61 - LFC: 13/10/2013 - 22:00:36 ---A- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Nicolas River\Série Mr. Malone\Biographie de Mr. Malone\Biographie de Mr. Malone.docx   [54357]
O61 - LFC: 13/10/2013 - 22:00:36 ---A- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Nicolas River\Série Mr. Malone\L'Envol du Papillon\L'Envol du Papillon.docx   [80521]
O61 - LFC: 14/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131014_065345.sent   [706]
O61 - LFC: 14/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131014_173948.sent   [1199]
O61 - LFC: 14/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131014_183948.sent   [1043]
O61 - LFC: 14/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131014_193948.sent   [681]
O61 - LFC: 14/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131014_203948.sent   [681]
O61 - LFC: 14/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131014_213949.sent   [681]
O61 - LFC: 14/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131014_223950.sent   [682]
O61 - LFC: 14/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak   [226082]
O61 - LFC: 14/10/2013 - 22:00:36 ---A- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Nicolas River\Série Mr. Malone\Biographie de Mr. Malone\Mr. Malone.docx   [17476]
O61 - LFC: 14/10/2013 - 22:03:28 ---A- . (...) -- C:\Users\Bill Gates\Downloads\Eminem - Rap God (Audio).mp3   [5863289]
O61 - LFC: 15/10/2013 - 21:55:41 ---A- . (...) -- C:\Users\Bill Gates\.recently-used.xbel   [742]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_052258.sent   [476]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_131011.sent   [885]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_141012.sent   [105]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_151012.sent   [680]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_161012.sent   [681]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_171013.sent   [681]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_181014.sent   [681]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_191014.sent   [10858]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_201014.sent   [681]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_211015.sent   [1257]
O61 - LFC: 15/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131015_221016.sent   [2986]
O61 - LFC: 15/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [151]
O61 - LFC: 15/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old   [272]
O61 - LFC: 15/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old   [12314]
O61 - LFC: 15/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Shortcuts   [12288]
O61 - LFC: 15/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal   [16384]
O61 - LFC: 15/10/2013 - 21:57:11 --HA- . (...) -- C:\Users\Bill Gates\AppData\Local\IconCache.db   [3024414]
O61 - LFC: 15/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\CVR5FDF.tmp.cvr   [0]
O61 - LFC: 15/10/2013 - 21:57:13 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml   [314]
O61 - LFC: 15/10/2013 - 21:57:13 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx   [3108]
O61 - LFC: 15/10/2013 - 21:57:20 ---A- . (...) -- C:\Users\Bill Gates\AppData\Roaming\Adobe\Acrobat\10.0\JSCache\GlobSettings   [24]
O61 - LFC: 15/10/2013 - 21:57:20 ---A- . (...) -- C:\Users\Bill Gates\AppData\Roaming\Adobe\Acrobat\10.0\TMDocs.sav   [36]
O61 - LFC: 15/10/2013 - 21:57:20 ---A- . (...) -- C:\Users\Bill Gates\AppData\Roaming\Adobe\Acrobat\10.0\TMGrpPrm.sav   [54]
O61 - LFC: 15/10/2013 - 21:58:01 ---A- . (...) -- C:\Users\Bill Gates\AppData\Roaming\inkscape\preferences.xml   [24253]
O61 - LFC: 15/10/2013 - 21:59:52 ---A- . (...) -- C:\Users\Bill Gates\Documents\Nicolas Dossiers\Licence 2 Sciences du Vivant\Planning et Groupes\2013_2014_L2S3_PLANNING.pdf   [221542]
O61 - LFC: 15/10/2013 - 21:59:58 ---A- . (...) -- C:\Users\Bill Gates\Documents\Nicolas Dossiers\Licence 2 Sciences du Vivant\S3F2 Structures des biomol\poly_cours_glucides_S3F2_2013-14.pdf   [565016]
O61 - LFC: 15/10/2013 - 22:00:36 ---A- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Nicolas River\Série Mr. Malone\L'Envol du Papillon\L'Envol du Papillon - Brouillon.docx   [27236]
O61 - LFC: 16/10/2013 - 21:55:41 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\euc_state.json   [583594]
O61 - LFC: 16/10/2013 - 21:55:41 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\extraroot.pem   [490796]
O61 - LFC: 16/10/2013 - 21:55:42 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\daemon.debug.log.131016_185757.sent   [560]
O61 - LFC: 16/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\Logs\debug.log.131016_185823.sent   [1247]
O61 - LFC: 16/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\readme.txt   [20228]
O61 - LFC: 16/10/2013 - 21:55:43 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Akamai\root.pem   [13711]
O61 - LFC: 16/10/2013 - 21:55:46 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\ATI\ACE\Manifest.Bin   [29689]
O61 - LFC: 16/10/2013 - 21:55:46 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\ATI\ACE\Manifest.xml   [21587]
O61 - LFC: 16/10/2013 - 21:55:46 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\ATI\ACE\Profiles.xml   [7371]
O61 - LFC: 16/10/2013 - 21:55:53 ----- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Archived History   [57344]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists   [263356]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal   [512]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Bookmarks   [226377]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Cookies   [491520]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG   [151]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-001309   [524]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT   [16]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG   [272]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-003403   [535]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\background.js   [22394]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\block.html   [2093]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\block.js   [3118]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\firstRun.html   [6204]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\firstRun.js   [7433]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\i18n.js   [3911]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\abp-128.png   [15615]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\abp-16.png   [834]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\abp-19-whitelisted.png   [562]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\abp-19.png   [868]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\abp-32.png   [2350]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\abp-48.png   [3639]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\notification-critical.png   [3415]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\icons\notification-information.png   [3409]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\include.postload.js   [20453]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\include.preload.js   [3577]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_flat_0_aaaaaa_40x100.png   [180]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_flat_75_ffffff_40x100.png   [178]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_55_fbf9ee_1x400.png   [120]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_65_ffffff_1x400.png   [105]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_dadada_1x400.png   [111]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_e6e6e6_1x400.png   [110]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_glass_95_fef1ec_1x400.png   [119]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-bg_highlight-soft_75_cccccc_1x100.png   [101]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-icons_222222_256x240.png   [4369]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-icons_2e83ff_256x240.png   [4369]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-icons_454545_256x240.png   [4369]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-icons_888888_256x240.png   [4369]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\images\ui-icons_cd0a0a_256x240.png   [4369]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\css\smoothness\jquery-ui-1.8.16.custom.css   [22785]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\js\jquery-1.7.1.min.js   [93868]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\jquery-ui\js\jquery-ui-1.8.16.custom.min.js   [30148]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\adblockplus.js   [106980]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\basedomain.js   [6188]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\compat.js   [5449]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\info.js   [1113]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\io.js   [5545]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\jsbn.js   [17236]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\publicSuffixList.js   [134254]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\punycode.js   [14067]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\rsa.js   [5420]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\lib\sha1.js   [3600]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\manifest.json   [1708]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\notification.html   [613]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\notification.js   [2727]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\options.html   [8140]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\options.js   [19843]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\popup.html   [4208]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\popup.js   [3830]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\popupBlocker.js   [1982]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\abp-icon-big.png   [15201]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\arrow-down.png   [452]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\arrow-up.png   [478]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\background-candomore.png   [246]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\background-main.png   [260]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\background-share.png   [252]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\background.png   [255]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\donate.png   [160]
O61 - LFC: 16/10/2013 - 21:55:53 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\features\malware.png   [3335]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ar\messages.json   [16407]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\bg\messages.json   [21056]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\bn\messages.json   [10250]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ca\messages.json   [9270]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\cs\messages.json   [10137]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\da\messages.json   [8352]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\de\messages.json   [9192]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\el\messages.json   [23217]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\en_GB\messages.json   [5459]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\en_US\messages.json   [9955]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\es\messages.json   [9161]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\es_419\messages.json   [9410]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\et\messages.json   [3304]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\fa\messages.json   [9571]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\fi\messages.json   [9510]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\fil\messages.json   [595]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\fr\messages.json   [9572]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\he\messages.json   [17025]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\hr\messages.json   [8206]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\hu\messages.json   [10297]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\id\messages.json   [8811]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\it\messages.json   [9263]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ja\messages.json   [13332]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ko\messages.json   [11997]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\lt\messages.json   [8266]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\lv\messages.json   [8649]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ms\messages.json   [4584]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\nb\messages.json   [1028]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\nl\messages.json   [8815]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\pl\messages.json   [9648]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\pt_BR\messages.json   [9399]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\pt_PT\messages.json   [9118]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ro\messages.json   [9380]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ru\messages.json   [21674]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\sk\messages.json   [9841]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\sl\messages.json   [5850]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\sr\messages.json   [17900]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\sv\messages.json   [8987]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\ta\messages.json   [9123]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\te\messages.json   [9934]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\th\messages.json   [14606]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\tr\messages.json   [9853]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\uk\messages.json   [21320]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\vi\messages.json   [7660]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\zh_CN\messages.json   [10390]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\_locales\zh_TW\messages.json   [10598]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\features\social.png   [4260]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\features\tracking.png   [3562]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\firstRun.css   [13221]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\fonts\CreteRound-Italic.otf   [43152]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\fonts\CreteRound-Regular.otf   [40968]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\social\facebook.png   [3861]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\social\googleplus.png   [4009]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\social\renren.png   [2619]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\social\twitter.png   [3944]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\skin\social\weibo.png   [3497]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\stats.js   [3920]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\subscriptions.xml   [5439]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\utils.js   [837]
O61 - LFC: 16/10/2013 - 21:55:54 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\webrequest.js   [6072]
O61 - LFC: 16/10/2013 - 21:56:01 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Favicons   [419840]
O61 - LFC: 16/10/2013 - 21:56:01 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal   [16384]
O61 - LFC: 16/10/2013 - 21:56:01 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\.usage   [24]
O61 - LFC: 16/10/2013 - 21:56:01 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000012   [1337667]
O61 - LFC: 16/10/2013 - 21:56:02 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\CURRENT   [16]
O61 - LFC: 16/10/2013 - 21:56:02 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\LOG   [154]
O61 - LFC: 16/10/2013 - 21:56:02 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\LOG.old   [154]
O61 - LFC: 16/10/2013 - 21:56:02 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-012504   [113]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT   [16]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG   [154]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old   [154]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-013028   [156]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\History   [282624]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-10   [471040]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-10-journal   [16384]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfhdojbkjhnklbpkdaibdccddilifddb_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfhdojbkjhnklbpkdaibdccddilifddb_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage   [5268480]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal   [16384]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.wikipedia.org_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.wikipedia.org_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.wikipedia.org_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.wikipedia.org_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_leplus.nouvelobs.com_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_leplus.nouvelobs.com_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.ooyala.com_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.ooyala.com_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fr-fr.facebook.com_0.localstorage   [4096]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fr-fr.facebook.com_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_twitter.com_0.localstorage   [1640448]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_twitter.com_0.localstorage-journal   [16384]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage   [9216]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage   [28672]
O61 - LFC: 16/10/2013 - 21:57:05 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage-journal   [6704]
O61 - LFC: 16/10/2013 - 21:57:06 ----- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor   [16384]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.canalplus.fr_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.canalplus.fr_0.localstorage-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage   [3072]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal   [512]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Login Data   [36864]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal   [16384]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings   [8]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal   [3608]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs   [23552]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal   [16384]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\fr-canalplus.cdn.videoplaza.tv\com.videoplaza.adplayer.sol   [132]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\fr-canalplus.cdn.videoplaza.tv\com.videoplaza.bootloader.sol   [81]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\macromedia.com\##B9A0555D7A2D035A\00000001.sol   [192]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\macromedia.com\support\flashplayer\sys\#opf.ooyala.com\settings.sol   [84]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\macromedia.com\support\flashplayer\sys\#player.ooyala.com\settings.sol   [87]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\macromedia.com\support\flashplayer\sys\#s.ytimg.com\settings.sol   [81]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\macromedia.com\support\flashplayer\sys\settings.sol   [481]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\opf.ooyala.com\com.conviva.livePass.sol   [62]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\player.ooyala.com\auth.sol   [47]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\player.ooyala.com\auth2.sol   [637]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\player.ooyala.com\auth_id.sol   [40]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9WE5VDMS\s.ytimg.com\soundData.sol   [49]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Preferences   [112795]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\QuotaManager   [20480]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal   [9800]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 16/10/2013 - 21:57:06 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG   [1225]
O61 - LFC: 16/10/2013 - 21:57:07 ----- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Top Sites   [32768]
O61 - LFC: 16/10/2013 - 21:57:07 ----- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 16/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-021826   [1050]
O61 - LFC: 16/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal   [12824]
O61 - LFC: 16/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity   [964]
O61 - LFC: 16/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Web Data   [204800]
O61 - LFC: 16/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal   [12848]
O61 - LFC: 16/10/2013 - 21:57:07 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Local State   [44394]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [8259624]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1603342]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [4640]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [135184]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [741612]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19444]
O61 - LFC: 16/10/2013 - 21:57:08 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [6596]
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\PMB Files\cert\cert8.db   [65536] =>P2P.Pando
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\PMB Files\cert\key3.db   [16384] =>P2P.Pando
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\PMB Files\cert\secmod.db   [16384] =>P2P.Pando
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\PMB Files\pando.save   [918] =>P2P.Pando
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set   [1767]
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.fingerprint   [12]
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json   [34]
O61 - LFC: 16/10/2013 - 21:57:12 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml   [8891]
O61 - LFC: 16/10/2013 - 21:57:13 ---A- . (...) -- C:\Users\Bill Gates\AppData\Local\Temp\WMZuneComm.etl.001   [4096]
O61 - LFC: 16/10/2013 - 21:58:18 ---A- . (...) -- C:\Users\Bill Gates\AppData\Roaming\ZHP\Log.txt   [18802]  =>.Nicolas Coolman
O61 - LFC: 16/10/2013 - 21:58:18 ---A- . (...) -- C:\Users\Bill Gates\AppData\Roaming\ZHP\TestsZHPDiag.txt   [2978]  =>.Nicolas Coolman
O61 - LFC: 16/10/2013 - 22:00:27 -SHA- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Images\Cartes Yu-Gi-Oh!\Thumbs.db   [127488]
O61 - LFC: 16/10/2013 - 22:00:27 -SHA- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Images\Eminem\Thumbs.db   [7680]
O61 - LFC: 16/10/2013 - 22:00:27 -SHA- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Images\Hollywood\Thumbs.db   [466944]
O61 - LFC: 16/10/2013 - 22:00:28 -SHA- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Images\Thumbs.db   [8524288]
O61 - LFC: 16/10/2013 - 22:00:36 --HA- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Nicolas River\Série Mr. Malone\L'Envol du Papillon\~$Envol du Papillon.docx   [162]
O61 - LFC: 16/10/2013 - 22:00:39 -SHA- . (...) -- C:\Users\Bill Gates\Documents\Triade Database\Thumbs.db   [131584]
O61 - LFC: 16/10/2013 - 22:03:15 -SHA- . (...) -- C:\Users\Bill Gates\Documents\Youcam\Thumbs.db   [237056]
O61 - LFC: 16/10/2013 - 22:03:39 ---A- . (...) -- C:\Users\Bill Gates\Downloads\RogueKiller (3).exe   [951808]
O61 - LFC: 16/10/2013 - 22:03:56 ---A- . (.Nicolas Coolman.) -- C:\Users\Bill Gates\Downloads\ZHPDiag2 (1).exe   [6836409]  =>.Nicolas Coolman
O61 - LFC: 16/10/2013 - 22:03:56 -SHA- . (...) -- C:\Users\Bill Gates\Pictures\Thumbs.db   [1485824]
O61 - LFC: 16/10/2013 - 22:03:56 -SHA- . (...) -- C:\Users\Bill Gates\Pictures\VICNESH2troll\Thumbs.db   [249856]
~ 8 Fichiers temporaires (Temporary files)
~ Files: 302 Scanned in 08mn 20s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 14/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 18/08/2011 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag)  .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi)  .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 10/09/2013 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt)  .(.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 10/09/2013 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb)  .(.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 30/03/2013 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr)  .(.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - LEGACY_AVKMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser)  .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG)  .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 16/10/2013 - C:\Windows\system32\drivers\EagleX64.sys (EagleX64) .(...) - LEGACY_EAGLEX64
O64 - Services: CurCS - 16/10/2013 - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (esgiguard) .(...) - LEGACY_ESGIGUARD =>Crapware.SpyHunter
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat)  .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol)  .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 30/12/2012 - C:\Program Files (x86)\Garena Plus\Room\safedrv.sys (GGSAFERDriver) .(...) - LEGACY_GGSAFERDRIVER
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy)  .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 09/08/2011 - C:\Windows\System32\DRIVERS\igdpmd64.sys (intelkmd)  .(.Intel Corporation - Intel Graphics Kernel Mode Driver.) - LEGACY_INTELKMD
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector)  .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr)  .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\msahci.sys (msahci)  .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP)  .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio)  .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw)  .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP)  .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv2)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 04/11/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs)  .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 04/11/2011 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt)  .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6)  .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf)  .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 01/11/2010 - C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys (WinRing0_1_2_0)  .(.OpenLibSys.org - WinRing0.) - LEGACY_WINRING0_1_2_0
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
O64 - Services: CurCS - 16/10/2013 - C:\Users\BILLGA~1\AppData\Local\Temp\005B19E.tmp (X6va005) .(...) - LEGACY_X6VA005
~ Legacy: 95 Scanned in 00mn 19s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS6.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome.OA> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\OA\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Services: 32 Scanned in 00mn 01s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.A2B0924D50F4435FD389499047CE553A] [SPRF][29/08/2013] (.Microsoft Corporation - NT Layer DLL.) -- C:\Users\Bill Gates\AppData\Local\Temp\ntdll_dump.dll   [1292192]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll   [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe   [196608]
[MD5.7DC70A3D7F132D369017A9C44158C6D5] [SPRF][15/08/2003] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll   [282624]
~ Files: 4 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{767A6340-1197-4E49-908C-414FF97BCD26}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O87 - FAEL: "{31A6CD4D-FB3D-41DA-897A-FF208604C6AE}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{E6D77454-631C-4E1E-935F-26923C69B060}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{86A8C2FD-2D10-4BB4-8AF4-24EA99C7D1B0}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
O87 - FAEL: "{FAB67A1D-1222-4988-890D-61A1B36BA95A}" |In - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\ezSharedSvcHost.exe (.not file.)
O87 - FAEL: "{984C8E6D-DE50-4104-8998-B157881D0C75}" | In - Domain - P6 - TRUE | .(.EasyBits Software AS - EasyBits Magic Desktop for Kids.) -- C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe  =>.EasyBits Software AS
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{857FD51D-667C-465C-A571-AA2C4EF47C4E}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{6CE74941-2FA4-410B-9E65-31A68C1B71A3}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{398C4484-169B-4B52-BEA5-6CA9C0234A91}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{36D79A70-6B86-4C52-8F7A-227875F62B11}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F3CE2D5E-DB4E-426F-90DD-3FA906673628}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{867B9408-7252-4CD5-BF7E-A092B25E026F}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{1AEC62AD-4A90-4C44-B375-B154C8CB191F}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A99BF543-E615-4965-9640-F60240DC1D30}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{EF458B4A-F4B9-40B4-B212-0594F495F4BE}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F130CE0A-B9E1-4DD7-93C3-6EE516415BB7}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{D7B9259D-19EB-4BFB-AF9D-CBC4A0395027}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{7456CB7B-889E-48A5-A943-7E0688EC8572}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{BA433918-7CA3-4C15-A886-8A85574B024B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{986AB633-66A3-4D19-A611-B361864B5714}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{FA437906-3CD2-4D1F-98F5-B391F7BF9D6F}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{86B10DE5-E903-432C-BF03-6832F784699B}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{5A08B80D-6717-4B43-A1D7-0D60EB6F55AA}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F96C8F07-4885-4EF7-A5C4-C2C5673E5B09}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{FDF86B62-D563-428E-9C39-BDE10CD6E422}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3FE0516F-DF46-47B3-BB4C-F2048F03D612}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C8AED8C5-D212-417D-8E1E-A234D54DFE91}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "TCP Query User{DA550944-9B5D-4A4B-9738-975C118B3C82}C:\program files (x86)\ogplanet\zone4\zone4_na.exe" | In - Private - P6 - TRUE | .(.Infovine - Zone4.) -- C:\program files (x86)\ogplanet\zone4\zone4_na.exe
O87 - FAEL: "UDP Query User{958D7F9A-6211-4E3C-A39E-99235F20A8DD}C:\program files (x86)\ogplanet\zone4\zone4_na.exe" | In - Private - P17 - TRUE | .(.Infovine - Zone4.) -- C:\program files (x86)\ogplanet\zone4\zone4_na.exe
O87 - FAEL: "{003CA0B8-E8BB-4154-BE4E-4C9D6D03D9F8}" | In - Private - P6 - TRUE | .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe
O87 - FAEL: "{E467DC23-8A4C-48BC-B36D-0C0376417E1A}" | In - Private - P17 - TRUE | .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe
O87 - FAEL: "TCP Query User{C59CFFD2-FA10-4219-BB22-24176698BEB6}C:\users\bill gates\appdata\local\akamai\netsession_win.exe" | In - Public - P6 - TRUE | .(.Akamai Technologies, Inc..) -- C:\users\bill gates\appdata\local\akamai\netsession_win.exe
O87 - FAEL: "UDP Query User{D50362CF-3E14-48FB-BE68-AB674652F658}C:\users\bill gates\appdata\local\akamai\netsession_win.exe" | In - Public - P17 - TRUE | .(.Akamai Technologies, Inc..) -- C:\users\bill gates\appdata\local\akamai\netsession_win.exe
O87 - FAEL: "TCP Query User{E9998FE5-44CB-4A7F-AF51-90F3C74CD8B3}C:\users\bill gates\documents\pes 2012\program files\konami\pro evolution soccer 2012\pes2012.exe" | In - Private - P6 - TRUE | .(.Konami Digital Entertainment Co., Ltd..) -- C:\users\bill gates\documents\pes 2012\program files\konami\pro evolution soccer 2012\pes2012.exe
O87 - FAEL: "UDP Query User{2E324BF7-FF5D-4389-8A1E-37FA290A761B}C:\users\bill gates\documents\pes 2012\program files\konami\pro evolution soccer 2012\pes2012.exe" | In - Private - P17 - TRUE | .(.Konami Digital Entertainment Co., Ltd..) -- C:\users\bill gates\documents\pes 2012\program files\konami\pro evolution soccer 2012\pes2012.exe
O87 - FAEL: "{CED20910-2742-4FED-882E-4265DF621F1A}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - USBSetup.exe.) -- C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
O87 - FAEL: "{BA13252D-0E9F-4AB5-B14C-8CECB916AB83}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - USBSetup.exe.) -- C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
O87 - FAEL: "{6C654A61-BA7B-4B84-9445-A55F700FDE43}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{B9A923D9-DBE8-4E56-AB1B-9349FDA8991D}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TCP Query User{CC34DEB2-C9C4-4D27-8BEE-BF0C58CE3744}C:\users\bill gates\desktop\client moustikk\dkmt2 lenceur.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\desktop\client moustikk\dkmt2 lenceur.exe (.not file.)
O87 - FAEL: "UDP Query User{DBEBB94F-7CE9-442B-9FED-E31F3D9B4782}C:\users\bill gates\desktop\client moustikk\dkmt2 lenceur.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\desktop\client moustikk\dkmt2 lenceur.exe (.not file.)
O87 - FAEL: "TCP Query User{0BA650F3-15AB-48A0-9E46-92CFDF38BEC7}C:\users\bill gates\documents\client moustikk\dkmt2 lenceur.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\documents\client moustikk\dkmt2 lenceur.exe
O87 - FAEL: "UDP Query User{26D128FB-0E23-4F1B-AD1D-15B22CC74574}C:\users\bill gates\documents\client moustikk\dkmt2 lenceur.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\documents\client moustikk\dkmt2 lenceur.exe
O87 - FAEL: "TCP Query User{197DD8D4-45B8-4F12-9E4E-8F2A2170AD17}C:\users\bill gates\documents\darknessmt2 renaissance\darknessmt2.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\documents\darknessmt2 renaissance\darknessmt2.exe
O87 - FAEL: "UDP Query User{0DBD452A-191E-45DB-903E-2E881A210A45}C:\users\bill gates\documents\darknessmt2 renaissance\darknessmt2.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\documents\darknessmt2 renaissance\darknessmt2.exe
O87 - FAEL: "TCP Query User{62DD00A3-9793-4571-AFFD-0D5B61F5ECBA}C:\users\bill gates\desktop\vv-game\binaries\win32\udk.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\desktop\vv-game\binaries\win32\udk.exe (.not file.)
O87 - FAEL: "UDP Query User{E825BB2E-62EE-48C7-BA25-3300AC1D7E8E}C:\users\bill gates\desktop\vv-game\binaries\win32\udk.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\desktop\vv-game\binaries\win32\udk.exe (.not file.)
O87 - FAEL: "{8E798262-7DD1-430E-9574-08C3B5A3A5DF}" | In - Public - P6 - TRUE | .(.Konami Digital Entertainment Co., Ltd..) -- C:\Users\Bill Gates\Documents\PES 2012\program files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
O87 - FAEL: "{BAB58906-4880-4C4E-8251-7E7B03794E97}" | In - Public - P17 - TRUE | .(.Konami Digital Entertainment Co., Ltd..) -- C:\Users\Bill Gates\Documents\PES 2012\program files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
O87 - FAEL: "TCP Query User{3EC62E89-758C-4604-B61C-F7A073D83D76}C:\users\bill gates\desktop\client mt2 begins\mt2 begins.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\desktop\client mt2 begins\mt2 begins.exe (.not file.)
O87 - FAEL: "UDP Query User{E48F882F-FF72-4AB2-ABF5-C57C802D98D5}C:\users\bill gates\desktop\client mt2 begins\mt2 begins.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\desktop\client mt2 begins\mt2 begins.exe (.not file.)
O87 - FAEL: "TCP Query User{B76F5A8E-051F-44EB-9250-E5B35ADB29C0}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" |In - Private - P6 - TRUE | .(...) -- C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe (.not file.)
O87 - FAEL: "UDP Query User{861C8DA6-4FC7-493B-8DAE-F7A59C567E92}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" |In - Private - P17 - TRUE | .(...) -- C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe (.not file.)
O87 - FAEL: "{4750C475-BBC4-4A07-868A-96B8FDF8ABB4}" | In - Private - P6 - TRUE | .(.Nexon - Nexon Game Manager.) -- C:\ProgramData\NexonEU\NGM\NGM.exe
O87 - FAEL: "{E4AB64F0-D7CD-4254-940B-492B71A13903}" | In - Private - P17 - TRUE | .(.Nexon - Nexon Game Manager.) -- C:\ProgramData\NexonEU\NGM\NGM.exe
O87 - FAEL: "{4D5ABBAF-26DC-434E-93D9-2C1FBEA16548}" |In - Private - P6 - TRUE | .(...) -- C:\Nexon\Vindictus EU\en-EU\NMService.exe (.not file.)
O87 - FAEL: "{D484C47B-E1F9-4ED5-949B-27E064339CE6}" |In - Private - P17 - TRUE | .(...) -- C:\Nexon\Vindictus EU\en-EU\NMService.exe (.not file.)
O87 - FAEL: "TCP Query User{E6D424A3-35DC-4D06-8515-6AEAB28EDF82}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" |In - Public - P6 - TRUE | .(...) -- C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe (.not file.)
O87 - FAEL: "UDP Query User{9890B9BE-2CD7-41F0-95EF-5CACD83ACBB8}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" |In - Public - P17 - TRUE | .(...) -- C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe (.not file.)
O87 - FAEL: "{CDA333BD-6C27-48DD-842B-4523245E3521}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "{9D613C54-BA8F-41B1-82B3-B2BEC6F37919}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "TCP Query User{41596258-4710-40F6-8B08-A7E8CC53DEDD}C:\program files (x86)\java\jre7\bin\java.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{0363E563-3B61-4444-8E24-15C3830461AB}C:\program files (x86)\java\jre7\bin\java.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "TCP Query User{B405B829-EDAB-4FE3-8A9D-6F598C5F0645}C:\windows\keygen.exe" |In - Private - P6 - TRUE | .(...) -- C:\windows\keygen.exe (.not file.)
O87 - FAEL: "UDP Query User{E6315427-C79A-4549-9A10-57C9CC0CB56A}C:\windows\keygen.exe" |In - Private - P17 - TRUE | .(...) -- C:\windows\keygen.exe (.not file.)
O87 - FAEL: "{C2B8EC36-ECCC-4FD0-9829-F08B0C369851}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{60770037-E356-46E9-AF55-B00539306FA7}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{A8C77BE1-1BC5-4604-896E-A7CCA80BB583}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{9AE690A3-C6D4-453C-8110-C047CAE5670C}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{474061A6-0CF5-48F5-9303-809C974AFBF2}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{3AAE5BCA-78ED-4B6F-BB90-039ECC38803C}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{2B5DE785-FC22-49AF-B28D-17539E6C293A}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{080ABA42-6D13-4113-A489-258DFE09EEE7}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "TCP Query User{343C3B55-5F29-4295-BD55-74A18A09A710}C:\users\bill gates\appdata\local\google\chrome\application\chrome.exe" | In - Private - P6 - TRUE | .(.Google Inc..) -- C:\users\bill gates\appdata\local\google\chrome\application\chrome.exe
O87 - FAEL: "UDP Query User{B94EC66A-FD19-4F99-AE52-2F2AEEA3B545}C:\users\bill gates\appdata\local\google\chrome\application\chrome.exe" | In - Private - P17 - TRUE | .(.Google Inc..) -- C:\users\bill gates\appdata\local\google\chrome\application\chrome.exe
O87 - FAEL: "{187160C2-85A8-4CEE-B7BD-878FDA7A9E25}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
O87 - FAEL: "{6A899C5D-8D43-4121-83EF-4F7DB0E03F76}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
O87 - FAEL: "{69D1D0A6-680F-4416-A5C4-7333E0B80ED5}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
O87 - FAEL: "{9E6E425B-98C3-4F14-876A-D7A5B8560F93}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
O87 - FAEL: "{D14E960D-8A87-41A4-8F35-99B9F197E169}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\StarCraft II\StarCraft II.exe (.not file.)
O87 - FAEL: "{3F2D8919-864E-40DB-88DA-DFB56C577A6C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\StarCraft II\StarCraft II.exe (.not file.)
O87 - FAEL: "{7865F595-7D52-491D-8FF3-2EED40618649}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe (.not file.)
O87 - FAEL: "{2D59351B-B513-4BFB-BCDA-D0AF161F8A89}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe (.not file.)
O87 - FAEL: "{DCD1F3EC-C3FD-488F-A952-92D6DA7024CF}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Bill Gates\Downloads\Blackshot_GarenaPlus_Installer.exe (.not file.)
O87 - FAEL: "{18C2916E-B548-43E8-8BE7-E4F07CE8BF4C}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Bill Gates\Downloads\Blackshot_GarenaPlus_Installer.exe (.not file.)
O87 - FAEL: "{BC49E06C-DEF0-4799-A790-72384F0B2C5F}" | In - Private - P6 - TRUE | .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
O87 - FAEL: "{AB72249D-2499-43B9-B63C-982A2969F31F}" | In - Private - P17 - TRUE | .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
O87 - FAEL: "{B04329DA-9D95-4543-91D3-EDA345738B2D}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{222F007D-AA01-4BAF-B7E2-A151736FBD9C}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{F31F97BE-E090-4939-9C76-C39AEB68C1FD}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{8A52D5C1-89C7-4AE0-BF10-07AC82246703}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{65006C03-4F2A-4CCF-8D57-4962CA43171D}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{2EED5603-CF1B-4DA6-A3E1-62D4700B32CD}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{E6B7C35E-11BD-4917-B920-9C35DFB4B83A}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{68A54608-B4F6-4475-9CE2-E95312FAABE8}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{C7F920C7-E3A2-46AC-879B-669A25948447}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{7DCB2565-C4A5-47CA-B14C-2E85D9B74B28}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{746C400E-4D09-482D-8062-006B05666BC6}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{CB31FDDE-0133-4413-B751-63EB2F2FB6E8}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{C0BF38C0-5738-4D54-8CAB-011C858B33C1}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
O87 - FAEL: "{BAE33FD1-1C5E-4920-8B07-EFA678142007}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
O87 - FAEL: "{E6E063F6-D13B-483C-8E75-D78526E72DAE}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
O87 - FAEL: "{605BBC44-6012-4B19-ABDE-3D5ECA229F63}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
O87 - FAEL: "{70D96D9E-7CF1-4DCB-89E4-25BAC8061554}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
O87 - FAEL: "{4B39FC20-6537-4A07-8751-06EDE68DFE88}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
O87 - FAEL: "{6212482E-6136-4CC5-8BCF-EE0FD20BDD7A}" | In - Private - P6 - TRUE | .(.Ubisoft Entertainment - UPlayBrowser Application.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
O87 - FAEL: "{393BBEC8-87FF-4003-868A-6B011A926222}" | In - Private - P17 - TRUE | .(.Ubisoft Entertainment - UPlayBrowser Application.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
O87 - FAEL: "TCP Query User{C01A0C9D-8502-4224-B394-2C3E834BB9B5}C:\program files (x86)\java\jre7\bin\java.exe" | In - Public - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{2D34DAB1-247A-40A7-A10B-DE3358E4D8B3}C:\program files (x86)\java\jre7\bin\java.exe" | In - Public - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "TCP Query User{E0D46613-FFBE-491A-ADCF-C23FCB522D2B}C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "UDP Query User{7B904592-2B08-4067-B452-F7C0D77A745E}C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "TCP Query User{BD797861-4D22-4E50-8EB7-C9C69F84337C}C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "UDP Query User{B080342E-83A4-4316-8B67-6C9676216CAA}C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "TCP Query User{EBB5CE39-1CEA-4ED5-A573-45A30FAF2AAF}C:\program files\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{1C87FB46-2D3B-4ECC-97C4-1EE8AB85C0D3}C:\program files\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "{E29EA38A-4B83-459F-B761-44400D074BD0}" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{E12EE976-99F3-4E76-B379-CE74E083D3D9}" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{88426DF9-3234-4FAE-83DE-4E4442CAB8D9}" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3C8FA770-D69E-4F36-B018-F319AAC07310}" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A37D4BCA-00AF-43FF-8A0B-CE6A80BED4BB}" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{F3CE43B4-4890-4A23-93F9-4C8C3B565A7B}" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{979D4039-E65F-4C83-B2E1-E6575E4867C3}" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{B6041514-6B98-4B24-A5A2-49E94E45A3ED}" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{DB74CFD9-3F38-44CE-AC75-92819C7969C0}" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{54E883BA-8F37-4D64-B255-1D1C1460CA00}" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{655931C4-573D-4C6F-9F75-450E3DC80AEA}" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{D8BB5ABD-BAEC-456D-A7E0-5FD2EF6D93FE}" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{CAF7DB1A-A077-445A-93BB-998BD8CA95C7}" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{463B4B93-01DA-48E6-9ED9-78AC1A2B22B9}" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{9490D14B-A66D-41B9-A793-19E28B94A40E}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{1CAA1DB8-CEEA-4C9C-A552-B496B0925085}" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{7EBB6A77-E9CC-42D8-9883-166C501E5686}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{26D5EC85-13F8-49FC-9ACE-37D8C6E96AD9}" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{85487655-9E48-4883-8109-E649810E7729}" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TCP Query User{546E9E84-018B-40F4-9463-B7899FCF46FB}C:\users\bill gates\appdata\local\temp\rar$exa0.384\fun\ultima-online.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\appdata\local\temp\rar$exa0.384\fun\ultima-online.exe (.not file.)
O87 - FAEL: "UDP Query User{6959EB80-F7F3-44F9-92DC-BF9543D750AC}C:\users\bill gates\appdata\local\temp\rar$exa0.384\fun\ultima-online.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\appdata\local\temp\rar$exa0.384\fun\ultima-online.exe (.not file.)
O87 - FAEL: "TCP Query User{DB0D8383-7863-4503-A53E-353874C7C7AE}C:\users\bill gates\appdata\local\temp\rar$exa0.449\fun\ultima-online.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\appdata\local\temp\rar$exa0.449\fun\ultima-online.exe (.not file.)
O87 - FAEL: "UDP Query User{467F8AA0-A208-4073-A009-15CF0A367F3F}C:\users\bill gates\appdata\local\temp\rar$exa0.449\fun\ultima-online.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\appdata\local\temp\rar$exa0.449\fun\ultima-online.exe (.not file.)
O87 - FAEL: "TCP Query User{E2383A4C-BF5C-4DAE-8110-0C3945F003DB}C:\users\bill gates\desktop\mt\ultima-online.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\desktop\mt\ultima-online.exe (.not file.)
O87 - FAEL: "UDP Query User{5838708A-2897-46DF-B385-D4C991415DEE}C:\users\bill gates\desktop\mt\ultima-online.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\desktop\mt\ultima-online.exe (.not file.)
O87 - FAEL: "TCP Query User{C2F70444-C7ED-4A8B-8014-351FBB42132A}C:\users\bill gates\desktop\ultra\ultima-online.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\desktop\ultra\ultima-online.exe (.not file.)
O87 - FAEL: "UDP Query User{6A2F399F-1879-43AD-896B-E1A7A812620C}C:\users\bill gates\desktop\ultra\ultima-online.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\desktop\ultra\ultima-online.exe (.not file.)
O87 - FAEL: "{1D64B2D4-407B-4B0B-B6E5-7EF14FD7E570}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{200EA0D6-E364-45F9-B7F6-EAB613AB61A1}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{923DF779-54F2-4293-9E9C-EB1A555D4F05}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{33A22CD0-87DE-4F23-A9D2-77BA104C3D77}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "TCP Query User{EEFA3BEA-E634-4C09-B134-CCE4A37313B5}C:\users\bill gates\downloads\ultra\ultima-online.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\downloads\ultra\ultima-online.exe
O87 - FAEL: "UDP Query User{F750A17D-2EE6-4140-9578-1D2EDA7B5F4C}C:\users\bill gates\downloads\ultra\ultima-online.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\downloads\ultra\ultima-online.exe
O87 - FAEL: "TCP Query User{BD4649EF-03F6-4D07-9252-B903A5C53698}C:\users\bill gates\desktop\sevenonline\sevenonline.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bill gates\desktop\sevenonline\sevenonline.exe (.not file.)
O87 - FAEL: "UDP Query User{80548FA8-03AC-4A22-B485-BAABEAECE451}C:\users\bill gates\desktop\sevenonline\sevenonline.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bill gates\desktop\sevenonline\sevenonline.exe (.not file.)
O87 - FAEL: "TCP Query User{0ADD628E-9650-4C6B-AE27-8F4DE355F032}C:\program files (x86)\pc remote\pc remote\pcremote.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\pc remote\pc remote\pcremote.exe (.not file.)
O87 - FAEL: "UDP Query User{DA4E18E3-A38E-48C6-B7D3-A7CE7B5B7407}C:\program files (x86)\pc remote\pc remote\pcremote.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\pc remote\pc remote\pcremote.exe (.not file.)
O87 - FAEL: "{2AB75BCF-616C-45E7-87D0-274F3905E1F2}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe  =>.Microsoft Corporation
O87 - FAEL: "{70CDDB79-BB70-4637-8DE3-545602C2FF77}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{59AFF34C-ACC1-4878-8E8D-C99C9E507FBF}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{DAA4B0E7-7B43-4871-BBB9-98D79D2FE08B}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\Zune\Zune.exe (.not file.)
O87 - FAEL: "{40E7CC73-561B-421D-8B8F-05D555C3E4EA}" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{B637CD7C-4B35-41F0-B399-73E327AC82A3}" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "{B2251737-BA7C-46B1-9162-58213AF06F87}" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "TCP Query User{6C29D9CF-7E10-4171-9143-39EC0F7683CA}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{313516AA-A16C-40F2-8661-93EA01F85CB0}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "{4898FDC2-5C5A-4053-B836-85B64C3F4E47}" | In - Public - P6 - TRUE | .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
O87 - FAEL: "{EA1055AE-5276-4FA6-AE97-2A3D7F232FD9}" | In - Public - P17 - TRUE | .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.) -- C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
O87 - FAEL: "{3E426F39-7165-4C25-8BC1-263915A92115}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe  =>.Microsoft Corporation
O87 - FAEL: "{8C1C73C8-DAAE-41D7-BA14-0CC2ADB5AB42}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe  =>.Microsoft Corporation
O87 - FAEL: "{F0DAA524-DE13-4A1A-B11C-74D85866E606}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{F22AD183-55BF-40AE-BCFB-A2EE64F1C0F5}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{80BCEB8A-3265-428D-9966-46AD21BD37DE}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe  =>.Microsoft Corporation
O87 - FAEL: "{FC4395C9-2F91-48FD-B892-CFC8F134CD71}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe  =>.Microsoft Corporation
O87 - FAEL: "{669A4D72-C203-4AC9-B5BF-A880A2CA7CFE}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
O87 - FAEL: "TCP Query User{DA89ACED-2C16-4203-9F3B-379C620C397E}H:\microsoft toolkit.exe" |In - Private - P6 - TRUE | .(...) -- H:\microsoft toolkit.exe (.not file.)
O87 - FAEL: "UDP Query User{47E72881-D8E6-46BC-A83F-C7B9D7839DB9}H:\microsoft toolkit.exe" |In - Private - P17 - TRUE | .(...) -- H:\microsoft toolkit.exe (.not file.)
O87 - FAEL: "TCP Query User{6EEC9803-BD34-48F1-89DA-BDE61A68CC33}C:\users\bill gates\documents\µtorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\bill gates\documents\µtorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{0C6525C7-E3CE-4FE3-9C72-A5ABE30381C4}C:\users\bill gates\documents\µtorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\bill gates\documents\µtorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{6E57753A-C93F-42B4-992F-DFC68E845852}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Bill Gates\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{9BAB1F4A-666C-40B9-B8AD-F3368E802855}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Bill Gates\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{24C62ECF-D675-4B24-9DDC-6690201D8C51}" | In - None - P17 - TRUE | .(.Hewlett-Packard Company - HP Device Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
~ Firewall: 338 Scanned in 00mn 08s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "0694AF70830BBE9498B1F95939A05A44" . (.HP Customer Experience Enhancements.) -- C:\Windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "07D55F07F5E719269442F267041FB9EF" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{70F55D70-7E5F-6291-4924-2F7640F19BFE}\ARPPRODUCTICON.exe
O90 - PUC: "0D57E1FBFA7EAEB4F9CB65F7C045DB9F" . (.HP Launch Box.) -- C:\Windows\Installer\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}\_853F67D554F05449430E7E.exe
O90 - PUC: "114202EE62C28E947948B11CBD7FED69" . (.HP Support Assistant.) -- C:\Windows\Installer\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\ARPPRODUCTICON.exe  =>.Hewlett-Packard Co
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "133F36CA64D8CB640AADB9D39F72DFA3" . (.Pro Evolution Soccer 6 DEMO.) -- C:\Windows\Installer\{AC63F331-8D46-46BC-A0DA-9B3DF927FD3A}\ARPPRODUCTICON.exe
O90 - PUC: "1689C8F4FCDD8EE479C8536B194C603B" . (.OpenOffice 4.0.0.) -- C:\Windows\Installer\{4F8C9861-DDCF-4EE8-978C-35B691C406B3}\soffice.ico
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "2C1A65825C073CE4FA7F5E5BE155032A" . (.HP Client Services.) -- C:\Windows\Installer\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}\ARPPRODUCTICON.exe
O90 - PUC: "2E3FF4DF1A35A095FAFF166001B479FC" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{FD4FF3E2-53A1-590A-AFFF-6106104B97CF}\ARPPRODUCTICON.exe
O90 - PUC: "3128052F989958E40A8727EB849371FE" . (.Microsoft Games for Windows - LIVE Redistributable.) -- c:\Windows\Installer\{F2508213-9989-4E85-A078-72BE483917EF}\GameForWindowsLiveRedist.exe
O90 - PUC: "37739C399C76074A26FA984137722F13" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{93C93773-67C9-A470-62AF-89147327F231}\ARPPRODUCTICON.exe
O90 - PUC: "3E2D8E8CA6FED1B40AE9B772BE2E3FEC" . (.RealDownloader.) -- C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\AddRemoveProgramsIcon
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico  =>.Apple Inc
O90 - PUC: "46E5DCBD973784644944A85685CD6B41" . (.HP Recovery Manager.) -- C:\Windows\Installer\{DBCD5E64-7379-4648-9444-8A6558DCB614}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "4D3EA2BCD892E1A49989DE4EA77BE400" . (.Logiciel de base du périphérique HP Deskjet 1050 J410 series.) -- C:\Windows\Installer\{CB2AE3D4-298D-4A1E-9998-EDE47AB74E00}\ARP_Icon  =>.Hewlett-Packard Co
O90 - PUC: "58362A4CFBFA3B12686E64EC58C5327B" . (.Catalyst Control Center Profiles Mobile.) -- C:\Windows\Installer\{C4A26385-AFBF-21B3-86E6-46CE855C23B7}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA7FFFFB744AA0000000010" . (.Adobe Reader X (10.1.8) MUI.) -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
O90 - PUC: "6EA3252C533FB0D4CB51C1704ECA6E92" . (.Pro Evolution Soccer 2013.) -- C:\Windows\Installer\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}\ARPPRODUCTICON.exe
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.2.1.1.) -- C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe
O90 - PUC: "78B82B66083ACAF6B1208218A10227E0" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{66B28B87-A380-6FAC-1B02-28811A20720E}\ARPPRODUCTICON.exe
O90 - PUC: "7B65D4CC81F6B0747843BADC57CB4F1F" . (.HP Auto.) -- C:\Windows\Installer\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}\ARPPRODUCTICON.exe
O90 - PUC: "7BBC47D9889CDBF43AB43A96CB63A64D" . (.HP Deskjet 1050 J410 series - Enquête sur l'amélioration du produit.) -- C:\Windows\Installer\{9D74CBB7-C988-4FBD-A34B-A369BC366AD4}\ARP_Icon
O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
O90 - PUC: "7C87544E76644214B82C1116CB5A9487" . (.HP Power Manager.) -- C:\Windows\Installer\{E44578C7-4667-4124-8BC2-1161BCA54978}\_853F67D554F05449430E7E.exe
O90 - PUC: "82532580F2ABBB34783E52C28081279B" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{08523528-BA2F-43BB-87E3-252C081872B9}\ARPPRODUCTICON.exe
O90 - PUC: "883658EADAFA357418FD9DB6910D1AC7" . (.HP Setup Manager.) -- C:\Windows\Installer\{AE856388-AFAD-4753-81DF-D96B19D0A17C}\ARPPRODUCTICON.exe
O90 - PUC: "890A737E161FF6B4FA2268AA3EF4F6DB" . (.Pro Evolution Soccer 2012.) -- C:\Windows\Installer\{E737A098-F161-4B6F-AF22-86AAE34F6FBD}\ARPPRODUCTICON.exe
O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe
O90 - PUC: "89A71B350FB5CB04AAFF58A0539757CA" . (.HP Quick Launch.) -- C:\Windows\Installer\{53B17A98-5BF0-40BC-AAFF-850A357975AC}\_853F67D554F05449430E7E.exe
O90 - PUC: "8D4D77630E5ECF948BE66045C10FB0EB" . (.opensource.) -- C:\Windows\Installer\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}\ARPPRODUCTICON.exe
O90 - PUC: "95731AF9B2C57714D9CD00838F5BEBDF" . (.Bing Bar.) -- C:\Windows\Installer\{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "994BC6CB92F914B4B8B8AF2784252565" . (.HP Documentation.) -- C:\Windows\Installer\{BC6CB499-9F29-4B41-8B8B-FA7248525256}\NotebookDocs.exe
O90 - PUC: "A96DB1DE3E70C814191F8D65855218FB" . (.HP On Screen Display.) -- C:\Windows\Installer\{ED1BD69A-07E3-418C-91F1-D856582581BF}\_853F67D554F05449430E7E.exe
O90 - PUC: "AF5A5D893AA1EBC42BC67A732EF0A8D6" . (.HP Software Framework.) -- C:\Windows\Installer\{98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}\app_1.exe
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "C7030BC4E565144468EBD02F4EBF28C8" . (.Microsoft Games for Windows Marketplace.) -- c:\Windows\Installer\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}\GameForWindowsLiveDash.exe
O90 - PUC: "C953167FDEC9EA54A915D96650DC554C" . (.Evernote v. 4.2.3.) -- C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico
O90 - PUC: "CC10D83D8007F80570544049C79288AC" . (.ccc-utility64.) -- C:\Windows\Installer\{D38D01CC-7008-508F-0745-04947C2988CA}\ARPPRODUCTICON.exe
O90 - PUC: "D276F30548C6A844F8F8B43CA58C4314" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe
O90 - PUC: "D6D5014976DA164919EE5167F9ACD1F5" . (.Catalyst Control Center.) -- C:\Windows\Installer\{94105D6D-AD67-9461-91EE-15769FCA1D5F}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DA2CF4BB21FD1EE4A87AC2A0625B2EBF" . (.HP QuickWeb.) -- C:\Windows\Installer\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}\ARPPRODUCTICON.exe
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.3.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "EF80626515028844FB22C84E0C0364CA" . (.HP Security Assistant.) -- C:\Windows\Installer\{562608FE-2051-4488-BF22-8CE4C03046AC}\_853F67D554F05449430E7E.exe
O90 - PUC: "FA9D7E5F6F0603A4783EE49AD423C21E" . (.HP Setup.) -- C:\Windows\Installer\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}\ARPPRODUCTICON.exe
O90 - PUC: "FC8D09C5A21F6C140970B356A1F1D087" . (.HP Deskjet 1050 J410 series Aide.) -- C:\Windows\Installer\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}\ARP_Icon
~ Update Products: 207 Scanned in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][12/05/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\768306.msi   [1019392]  =>Adware.IMBooster
[MD5.C96789B27720247AE396EB1AD8E0B50C] [WIS][11/05/2012] (.D-Jix - D-Jix Media LE.) -- C:\Windows\Installer\7ea661.msi   [1487360]
[MD5.0B4FF20DAB0F2257138B37E3A89063AD] [WIS][09/08/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\cca9010.msi   [20586496]
~ WIS: 214 Scanned in 00mn 39s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 09/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 09/10/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_8fa3539.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
SR - | Auto 18/08/2011 204288 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 10/09/2013 84024 |  (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 10/09/2013 108088 |  (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SS - | Demand 01/08/2011 195320 |  (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 20/07/2011 249648 |  (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 10/07/1658 0 |  (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe  =>.EasyBits Software AS
SS - | Demand 12/10/2010 206072 |  (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 05/07/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/07/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 27/09/2012 86528 |  (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe  =>.Hewlett-Packard Co
SR - | Auto 16/02/2011 682040 |  (HPAuto) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
SR - | Auto 11/10/2010 346168 |  (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
SR - | Auto 06/09/2012 197536 |  (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 06/09/2012 1001376 |  (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 05/03/2012 35200 |  (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SS - | Auto 30/04/2011 13592 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Auto 01/09/2011 2425960 |  (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SS - | Demand 14/11/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SR - | Auto 06/06/2012 149872 |  (InstallClick) . (...) - C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe
SR - | Auto 01/02/2011 326168 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 07/07/2013 117144 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 10/07/1658 0 |  (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 14/08/2013 39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SS - | Auto 01/03/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 08/09/2011 305152 |  (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 01/02/2011 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 |  (X6va005) . (...) - C:\Users\BILLGA~1\AppData\Local\Temp\005B19E.tmp
~ Services:  Scanned in 00mn 45s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Bill Gates at 16/10/2013 22:09:13
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Bill Gates at 16/10/2013 22:09:15

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
~ Emulateurs:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12948 - (16/10/2013)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 3

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}]   =>Toolbar.Bing^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}]   =>Toolbar.Bing^
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS]   =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ESGIGUARD]   =>Crapware.SpyHunter
C:\Windows\AutoKMS\AutoKMS.exe   =>Trojan.Keygen^
[HKCU\Software\AppDataLow\Software\LyricsPal]   =>Adware.AddLyrics^
C:\Windows\Installer\768306.msi   =>Adware.IMBooster^
~ Additionnel Scan: 395753 Items scanned in 02mn 39s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz   =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing    =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics  =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter   =>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster  =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask   =>Toolbar.Ask
~ MSI: 6 link(s) detected in 02mn 40s



End of the scan (2661 lines in 22mn 28s)(0)