Rapport de ZHPDiag v2013.4.17.96 par Nicolas Coolman, Update du 17/04/2013
Run by litzenbourger at 18/04/2013 14:56:03
State : Version à jour.
WhiteList : Disable
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540
GCIE: Google Chrome v25.0.1364.152

---\\ Windows Product Information
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : Y4DHT
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300
Norton Internet Security v20.2.1.22
Windows Defender W8

---\\ System Optimizer
CCleaner v4.00

---\\ Software Update
Adobe Flash Player 11 Plugin

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3909 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 402 GB (90%) free of 446 GB

---\\ Logged in mode
~ Computer Name: DOMCRIMALISA
~ User Name: litzenbourger
~ All Users Names: litzenbourger, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\litzenbourger\AppData\Roaming\
~ %Desktop% : C:\Users\litzenbourger\Desktop\
~ %Favorites% : C:\Users\litzenbourger\Favorites\
~ %LocalAppData% : C:\Users\litzenbourger\AppData\Local\
~ %StartMenu% : C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 402 Go of 446 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center:  Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/219
~ Mes musiques (My Musics) : 1/5
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 1/3
~ Mon Bureau (My Desktop) : 1/16
~ Menu demarrer (Programs) : 1/26
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.1B38F4C2BCDB133B757E22BEB61FB3FC] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe   [1176176] [PID.1232]
[MD5.88AD973CBE5E3B37E0B2A44C7949DFD7] - (...) -- C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe   [188680] [PID.4636]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4767304] [PID.888]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe   [485376] [PID.3712]
[MD5.1502417B401F5206ADE73995571AE8CB] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [1274832] [PID.3900]
[MD5.8C37F5AC3666F09AEBDE0B79ACB96B95] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [6849024] [PID.5024]
~ Processes Running:  Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\litzenbourger\AppData\Roaming\Mozilla\Firefox\Profiles\xhb8l9wj.default\prefs.js
M2 - MFEP: prefs.js [litzenbourger - xhb8l9wj.default\pluswinks@PlusWinks] [] Smiley Bar for Facebook v1.0.0.0 (..)
M2 - MFEP: prefs.js [litzenbourger - xhb8l9wj.default\SpecialSavings@SpecialSavings.com] [] SpecialSavings v2.0.0.1 (..)
M2 - MFEP: prefs.js [litzenbourger - xhb8l9wj.default\{377e5d4d-77e5-476a-8716-7e70a9272da0}] [] Search-Results Toolbar v1.2.0.0 (..)
M2 - MFEP: prefs.js [litzenbourger - xhb8l9wj.default\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] [] Wajam v1.26 (..)  =>Toolbar.Wajam
M2 - MFEP: prefs.js [litzenbourger - xhb8l9wj.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20130402 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
~ Firefox Browser: 6 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} Clé orpheline
O2 - BHO: Happy Lyrics [64Bits] - {59C0C5BD-2579-433A-BBB8-AFFD59642BAF} . (.Happy Productions - Happy Lyrics.) -- C:\Program Files (x86)\HappyLyrics\hppylrc.dll
O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\IPS\IPSBHO.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ BHO: 5 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.) 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKCU\..\Run: [PCSpeedUp] . (...) -- C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe 
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files (x86)\MSN Messenger\MsnMsgr.exe (.not file.) 
O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
O4 - HKLM\..\Wow6432Node\Run: [LManager] Clé orpheline 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKUS\S-1-5-21-4105170967-1408492940-2512939263-1001\..\Run: [PCSpeedUp] . (...) -- C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe 
O4 - HKUS\S-1-5-21-4105170967-1408492940-2512939263-1001\..\Run: [MsnMsgr] ~"C:\Program Files (x86)\MSN Messenger\MsnMsgr.exe (.not file.) 
O4 - HKUS\S-1-5-21-4105170967-1408492940-2512939263-1001\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: Continue Video Performer installation.lnk . (...)  -- C:\Users\litzenbourger\AppData\Local\Temp\Video Performer63862.exe
O4 - GS\Desktop: firefox - Raccourci.lnk . (...)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\Desktop: Google Drive.lnk . (...)  -- C:\Users\litzenbourger\Google Drive 
O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.)  -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe 
O4 - GS\Desktop: RecentPlaces.lnk - Clé orpheline
~ Global Startup:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D62CFDD5-A6DC-460C-927A-66E54E57C51C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FBE6AF66-71CD-476E-9235-BD376BCF340A}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{D62CFDD5-A6DC-460C-927A-66E54E57C51C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FBE6AF66-71CD-476E-9235-BD376BCF340A}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service:  (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service:  (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
O23 - Service: PC Speed Up Service (PCSUService) . (...) - C:\Program Files (x86)\Accelerer PC\PCSUService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) . (.Dritek System INC. - RfBtnSvc Application.) - C:\Windows\RfBtnSvc64.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 14 Scanned in 00mn 22s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 1 Scanned in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1104]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1108]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Happy Lyrics Update.job   [430]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\PC Performer_UPDATES.job   [326]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\PC SpeedUp Service Deactivator.job   [386]
[MD5.EA856F4A46320389D1899B2CAA7BF40F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [253656]
[MD5.97D186CEEDDBBE013AF9309CF778AEEC] [APT] [ALU] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe   [3331216]
[MD5.BD0BA490E0300E859DB99DA3AB024371] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe   [39568]
[MD5.AB3C4A3667AEAD147F175721D8719B78] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [250248]
[MD5.A9DA5B43CF597F83B1EB441968E24891] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [3497240]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648]
[MD5.5D3D29F26514B2EC7C16226A2909823B] [APT] [Happy Lyrics Update] (.Happy Productions.) -- C:\Program Files (x86)\HappyLyrics\HLUpdater.exe   [115200]
[MD5.255236F43012C430B99D78BCA59C9593] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\WSCStub.exe   [163432]
[MD5.EB29B863B5F4FE6FDA0E01784709647E] [APT] [PC Performer] (.PerformerSoft LLC.) -- C:\Program Files (x86)\PC Performer\PCPerformer.exe   [7343792]
[MD5.EB29B863B5F4FE6FDA0E01784709647E] [APT] [PC Performer_UPDATES] (.PerformerSoft LLC.) -- C:\Program Files (x86)\PC Performer\PCPerformer.exe   [7343792]
[MD5.7F64208A1645518702A69494C6AAD7F4] [APT] [PC SpeedUp Service Deactivator] (...) -- C:\Program Files (x86)\Accelerer PC\PCSUSD.exe   [402184]
[MD5.5659ADFFA101D3AC0C62CED889991357] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe   [5294736]
[MD5.92B476DD52794881A4B91A5529C2706B] [APT] [{40627B28-BFD9-4807-A16D-F4EA805DE73C}] (...) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe   [107568]
[MD5.00000000000000000000000000000000] [APT] [{AD5BEC3E-5D92-4AF0-BB65-3EBCE4A2E78D}] (...) -- D:\bsandwb\BSandWBdownloader.exe (.not file.)   [0]
[MD5.C82886A0C88DA48CF36DC2B9CA701E11] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe   [53656]
[MD5.C82886A0C88DA48CF36DC2B9CA701E11] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe   [53656]
~ Scheduled Task: 27 Scanned in 00mn 07s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 36 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Accelerer PC - Désinstallation complète - (.Speedchecker Limited.) [HKLM][64Bits] -- PCSU-SL_is1
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Big Fish Games: Game Manager - (...) [HKLM][64Bits] -- BFGC
O42 - Logiciel: Broadcom Card Reader Driver Installer - (.Broadcom Corporation.) [HKLM][64Bits] -- {F0A7DF2F-0BE0-470F-B137-D7A19F977189}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: ETDWare PS/2-X64 11.6.11.002_WHQL - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {7A21C722-F259-4976-B7AA-6658E5FDEDAF}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Happy Lyrics - (.Happy Productions.) [HKLM][64Bits] -- happylyrics@hpyproductions.net
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Jewel Quest 5 - (...) [HKLM][64Bits] -- {AF418C48-8C2D-4673-A6C9-C6CD2E187A70}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: LauncherMA - (.Micro Application.) [HKLM][64Bits] -- {C06EFB22-B5DB-46C5-9215-BCB5C19C0858}
O42 - Logiciel: Live Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- yddis  =>Adware.Lollipop
O42 - Logiciel: MSN Messenger 7.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {ABEB838C-A1A7-4C5D-B7E1-8B4314600820}
O42 - Logiciel: MSN Toolbar - (...) [HKLM][64Bits] -- MSN Toolbar
O42 - Logiciel: Mah Jong Quest II (nur deinstallation) - (...) [HKLM][64Bits] -- Mah Jong Quest II
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Nero 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {E70B2F2C-94D1-4287-B5B0-CBBE618E2652}
O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: Packard Bell Device Fast-lane - (.Packard Bell.) [HKLM][64Bits] -- {3F62D2FD-13C1-49A2-8B5D-47623D9460D7}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: PhotoFiltre - (...) [HKCU][64Bits] -- PhotoFiltre
O42 - Logiciel: Plantes contre Zombies - (...) [HKLM][64Bits] -- BFG-Plantes contre Zombies
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4123-B2B9-173F09590E16}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Snap.Do - (.ReSoft Ltd..) [HKLM][64Bits] -- {E6F38543-1C14-445C-BF30-467A23EE1091}  =>Hijacker.SmartBar
O42 - Logiciel: Snap.Do Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {f5dcede3-6ae2-4f1f-9ce6-1e707a7dd65d}  =>Hijacker.SmartBar
O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {A694AF57-9891-4D62-824C-7E55A1361A14}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent
~ Logic: 100 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7Wonders Vista_16]
[HKCU\Software\AppDataLow\Software\HappyLyrics]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avast Software]
[HKCU\Software\Big Fish Games]
[HKCU\Software\BigFish]
[HKCU\Software\BitTorrent]
[HKCU\Software\Brother]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Dritek]
[HKCU\Software\Elantech]
[HKCU\Software\FileScout]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SYNCJM]
[HKCU\Software\Symantec]
[HKCU\Software\Systweak]
[HKCU\Software\WildTangent]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Speedchecker Limited]
[HKLM\Software\Symantec]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\1 Jeu par jour]
[HKLM\Software\Wow6432Node\7 Wonders of the Ancient World]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\Brother]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MediaCenterPaths]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PopCap]
[HKLM\Software\Wow6432Node\Reallusion]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\iWin.com Games]
[HKLM\Software\Wow6432Node\iWinArcade]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 151 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/03/2013 - 22:50:13 - [370,699] ----D C:\Program Files (x86)\1 Jeu par jour
O43 - CFD: 22/03/2013 - 14:07:08 - [3,392] ----D C:\Program Files (x86)\Accelerer PC
O43 - CFD: 06/04/2013 - 21:16:46 - [22,762] ----D C:\Program Files (x86)\bfgclient
O43 - CFD: 30/03/2013 - 21:29:06 - [63,586] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 08/09/2012 - 00:20:52 - [189,845] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 22/03/2013 - 14:06:53 - [0,277] ----D C:\Program Files (x86)\Driver Performer
O43 - CFD: 22/03/2013 - 14:06:52 - [1,161] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 22/03/2013 - 13:43:57 - [316,110] ----D C:\Program Files (x86)\Google
O43 - CFD: 12/03/2013 - 15:55:14 - [0,364] ----D C:\Program Files (x86)\HappyLyrics
O43 - CFD: 09/03/2013 - 22:50:13 - [48,771] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/04/2013 - 03:57:39 - [169,249] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/04/2013 - 19:05:49 - [4,621] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 12/03/2013 - 18:14:51 - [57,220] ----D C:\Program Files (x86)\iWin.com Games
O43 - CFD: 08/09/2012 - 00:15:09 - [27,936] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 13/04/2013 - 18:11:54 - [13,376] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 09/03/2013 - 22:49:16 - [0,463] ----D C:\Program Files (x86)\Micro Application
O43 - CFD: 22/03/2013 - 14:06:34 - [0,007] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 07/03/2013 - 23:09:57 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 13/03/2013 - 21:56:58 - [0,210] ----D C:\Program Files (x86)\mixidj
O43 - CFD: 03/08/2012 - 13:16:11 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 22/03/2013 - 14:07:13 - [11,164] ----D C:\Program Files (x86)\MSN Messenger
O43 - CFD: 22/03/2013 - 14:07:13 - [0,425] ----D C:\Program Files (x86)\MSN Toolbar
O43 - CFD: 03/08/2012 - 13:26:03 - [318,436] ----D C:\Program Files (x86)\Nero
O43 - CFD: 22/03/2013 - 14:18:23 - [111,731] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 22/03/2013 - 14:07:49 - [10,918] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 05/01/2013 - 19:43:53 - [0,105] ----D C:\Program Files (x86)\OEM
O43 - CFD: 22/03/2013 - 14:06:34 - [0,013] ----D C:\Program Files (x86)\OnlineVault
O43 - CFD: 18/03/2013 - 20:56:32 - [100,327] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 03/08/2012 - 13:25:01 - [5,216] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 23/03/2013 - 14:51:01 - [11,876] ----D C:\Program Files (x86)\PC Performer
O43 - CFD: 22/03/2013 - 14:06:12 - [0,098] ----D C:\Program Files (x86)\PC Speed Maximizer
O43 - CFD: 28/01/2013 - 16:03:45 - [3,526] ----D C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 06/04/2013 - 21:21:53 - [44,661] ----D C:\Program Files (x86)\Plantes contre Zombies
O43 - CFD: 08/03/2013 - 15:43:46 - [3,142] ----D C:\Program Files (x86)\PopCap Games
O43 - CFD: 08/09/2012 - 00:09:48 - [3,219] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 08/09/2012 - 00:18:41 - [3,662] ----D C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
O43 - CFD: 03/08/2012 - 13:16:11 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 03/08/2012 - 13:28:44 - [2,444] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 08/09/2012 - 00:10:08 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 22/03/2013 - 14:06:06 - [0,014] ----D C:\Program Files (x86)\Tiger Savings
O43 - CFD: 22/03/2013 - 14:06:06 - [38,395] ----D C:\Program Files (x86)\TuneUp Utilities 2013
O43 - CFD: 31/03/2013 - 18:55:25 - [0,951] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/09/2012 - 09:55:55 - [5,466] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 13/01/2013 - 06:25:49 - [3,494] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 10:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 08/09/2012 - 09:55:55 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 10:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 10:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 18/04/2013 - 14:56:10 - [21,588] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 08/09/2012 - 00:09:46 - [3,518] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 08/09/2012 - 00:03:22 - [0] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 30/03/2013 - 21:16:51 - [29,572] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 03/08/2012 - 13:25:45 - [20,044] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 08/09/2012 - 00:13:30 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 10:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 22/03/2013 - 14:07:09 - [0,595] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 07/03/2013 - 23:06:08 - [9,670] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 29/01/2013 - 09:06:55 - [0] ----D C:\ProgramData\Adobe
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 30/03/2013 - 21:16:22 - [1935,475] ----D C:\ProgramData\AVAST Software
O43 - CFD: 06/04/2013 - 21:16:42 - [46,413] ----D C:\ProgramData\Big Fish Games
O43 - CFD: 22/01/2013 - 23:09:02 - [0,019] ----D C:\ProgramData\Brother
O43 - CFD: 05/01/2013 - 19:34:42 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 08/09/2012 - 00:22:12 - [0,000] ----D C:\ProgramData\CLSK
O43 - CFD: 17/03/2013 - 13:37:03 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 22/03/2013 - 13:59:18 - [0] ----D C:\ProgramData\Datamngr  =>PUP.Datamngr
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 08/09/2012 - 00:13:47 - [0,164] ----D C:\ProgramData\Intel
O43 - CFD: 30/03/2013 - 22:22:18 - [15,956] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 29/01/2013 - 09:06:51 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 05/01/2013 - 19:34:42 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 09/03/2013 - 22:48:37 - [0,000] ----D C:\ProgramData\Micro Application
O43 - CFD: 07/03/2013 - 23:09:06 - [228,580] -S--D C:\ProgramData\Microsoft
O43 - CFD: 07/03/2013 - 23:13:34 - [0,000] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 05/01/2013 - 19:34:42 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 07/01/2013 - 22:06:39 - [0,019] ----D C:\ProgramData\Mozilla
O43 - CFD: 03/08/2012 - 13:26:19 - [2,353] ----D C:\ProgramData\Nero
O43 - CFD: 22/03/2013 - 14:15:26 - [22,787] ----D C:\ProgramData\Norton
O43 - CFD: 05/03/2013 - 04:24:14 - [39,771] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 05/01/2013 - 19:43:37 - [0,002] ----D C:\ProgramData\OEM
O43 - CFD: 03/08/2012 - 13:25:02 - [617,904] ----D C:\ProgramData\Packard Bell
O43 - CFD: 08/03/2013 - 15:43:49 - [0] ----D C:\ProgramData\PopCap Games
O43 - CFD: 08/01/2013 - 00:19:43 - [0,038] ----D C:\ProgramData\PRICache
O43 - CFD: 26/07/2012 - 09:52:44 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 16/04/2013 - 05:09:00 - [0,356] ---AD C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 09:22:08 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 17/03/2013 - 13:37:19 - [4,671] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 06/01/2013 - 02:32:25 - [30,829] ----D C:\ProgramData\Wild Tangent
O43 - CFD: 05/03/2013 - 04:33:08 - [0,521] ----D C:\ProgramData\WildTangent
O43 - CFD: 18/03/2013 - 16:53:31 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 05/01/2013 - 19:43:36 - [2,637] ----D C:\Users\litzenbourger\AppData\Roaming\Adobe
O43 - CFD: 28/01/2013 - 21:23:21 - [0] R---D C:\Users\litzenbourger\AppData\Roaming\Brother
O43 - CFD: 13/03/2013 - 21:56:57 - [0,014] ----D C:\Users\litzenbourger\AppData\Roaming\CRMixiDJTB
O43 - CFD: 22/03/2013 - 13:56:29 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\HoolappForAndroid
O43 - CFD: 07/01/2013 - 02:08:11 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\Identities
O43 - CFD: 05/01/2013 - 19:42:56 - [0,271] ----D C:\Users\litzenbourger\AppData\Roaming\lm
O43 - CFD: 06/01/2013 - 00:06:25 - [0,001] ----D C:\Users\litzenbourger\AppData\Roaming\Macromedia
O43 - CFD: 30/03/2013 - 22:22:32 - [0,006] ----D C:\Users\litzenbourger\AppData\Roaming\Malwarebytes
O43 - CFD: 17/04/2013 - 16:34:42 - [11,674] -S--D C:\Users\litzenbourger\AppData\Roaming\Microsoft
O43 - CFD: 07/01/2013 - 22:07:34 - [25,446] ----D C:\Users\litzenbourger\AppData\Roaming\Mozilla
O43 - CFD: 03/03/2013 - 01:59:52 - [0,001] ----D C:\Users\litzenbourger\AppData\Roaming\Mud Puddle Games
O43 - CFD: 22/03/2013 - 13:56:20 - [0,211] ----D C:\Users\litzenbourger\AppData\Roaming\OnlineVault
O43 - CFD: 28/01/2013 - 16:06:07 - [12,672] ----D C:\Users\litzenbourger\AppData\Roaming\OpenOffice.org
O43 - CFD: 14/03/2013 - 22:24:33 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\PC Speed Maximizer
O43 - CFD: 22/03/2013 - 14:17:35 - [0,001] ----D C:\Users\litzenbourger\AppData\Roaming\PhotoFiltre
O43 - CFD: 23/03/2013 - 14:50:33 - [0,056] ----D C:\Users\litzenbourger\AppData\Roaming\PlusWinks
O43 - CFD: 28/01/2013 - 20:03:48 - [0,000] ----D C:\Users\litzenbourger\AppData\Roaming\Reallusion
O43 - CFD: 04/03/2013 - 15:57:38 - [0,020] ----D C:\Users\litzenbourger\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
O43 - CFD: 05/03/2013 - 04:31:48 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\Systweak
O43 - CFD: 17/03/2013 - 13:37:19 - [0,053] ----D C:\Users\litzenbourger\AppData\Roaming\TuneUp Software
O43 - CFD: 31/03/2013 - 03:10:28 - [2,534] ----D C:\Users\litzenbourger\AppData\Roaming\uTorrent
O43 - CFD: 05/03/2013 - 04:33:08 - [0,001] ----D C:\Users\litzenbourger\AppData\Roaming\WildTangent
O43 - CFD: 13/01/2013 - 01:11:59 - [78,507] ----D C:\Users\litzenbourger\AppData\Local\7Wonders Vista
O43 - CFD: 05/01/2013 - 19:42:00 - [0] ----D C:\Users\litzenbourger\AppData\Local\Application Data
O43 - CFD: 09/04/2013 - 07:12:48 - [4,212] ----D C:\Users\litzenbourger\AppData\Local\CrashDumps
O43 - CFD: 17/03/2013 - 13:35:03 - [2,556] ----D C:\Users\litzenbourger\AppData\Local\CRE
O43 - CFD: 16/04/2013 - 03:52:29 - [0,769] ----D C:\Users\litzenbourger\AppData\Local\Diagnostics
O43 - CFD: 18/03/2013 - 16:53:31 - [0] ----D C:\Users\litzenbourger\AppData\Local\Downloaded Installations
O43 - CFD: 16/04/2013 - 03:52:31 - [0,061] ----D C:\Users\litzenbourger\AppData\Local\ElevatedDiagnostics
O43 - CFD: 22/03/2013 - 13:49:36 - [513,827] ----D C:\Users\litzenbourger\AppData\Local\Google
O43 - CFD: 05/01/2013 - 19:42:00 - [0] ----D C:\Users\litzenbourger\AppData\Local\Historique
O43 - CFD: 29/01/2013 - 09:07:51 - [0] ----D C:\Users\litzenbourger\AppData\Local\Macromedia
O43 - CFD: 22/03/2013 - 13:49:41 - [216,043] ----D C:\Users\litzenbourger\AppData\Local\Microsoft
O43 - CFD: 16/01/2013 - 21:51:23 - [0] ----D C:\Users\litzenbourger\AppData\Local\Microsoft Help
O43 - CFD: 07/01/2013 - 22:06:47 - [15,356] ----D C:\Users\litzenbourger\AppData\Local\Mozilla
O43 - CFD: 22/03/2013 - 13:52:16 - [228,802] ----D C:\Users\litzenbourger\AppData\Local\Packages
O43 - CFD: 12/03/2013 - 15:55:16 - [0] ----D C:\Users\litzenbourger\AppData\Local\Programs
O43 - CFD: 18/04/2013 - 14:55:12 - [49,304] ----D C:\Users\litzenbourger\AppData\Local\Temp
O43 - CFD: 05/01/2013 - 19:42:00 - [0] ----D C:\Users\litzenbourger\AppData\Local\Temporary Internet Files
O43 - CFD: 13/03/2013 - 21:05:24 - [0,014] ----D C:\Users\litzenbourger\AppData\Local\Tiger Savings
O43 - CFD: 18/03/2013 - 17:58:17 - [0,111] ----D C:\Users\litzenbourger\AppData\Local\VirtualStore
O43 - CFD: 07/01/2013 - 04:36:56 - [62,195] ----D C:\Users\litzenbourger\AppData\Local\Wild Tangent
O43 - CFD: 26/07/2012 - 10:13:00 - [0,004] R---D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 10:13:00 - [0,001] R---D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 16/04/2013 - 04:01:48 - [0,000] R---D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 16/01/2013 - 22:13:32 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 15/03/2013 - 10:12:56 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 22/03/2013 - 13:56:28 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hoolapp for Android
O43 - CFD: 26/07/2012 - 10:13:00 - [0,000] ----D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/01/2013 - 02:50:23 - [0,001] ----D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
O43 - CFD: 28/01/2013 - 16:03:45 - [0] ----D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
O43 - CFD: 06/04/2013 - 21:21:40 - [0,004] ----D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plantes contre Zombies
O43 - CFD: 16/04/2013 - 04:01:48 - [0,002] R---D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 10:13:00 - [0,005] R---D C:\Users\litzenbourger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 147 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FD2E6B050F12D4E29923BCF9335C5603] - 18/04/2013 - 13:56:34 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1373660]
O44 - LFC:[MD5.634F880CA03AA9C669C40F1E9DB4D312] - 17/04/2013 - 15:53:48 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [132614]
O44 - LFC:[MD5.2F5E18316BDA23B09A76A5F093C9E6C7] - 17/04/2013 - 15:53:48 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [155650]
O44 - LFC:[MD5.3751F9E3E20CD47AB029FEFEA2331BCE] - 17/04/2013 - 15:53:48 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [710244]
O44 - LFC:[MD5.F6EE9B5E0A347C50386E7C13DA6A80DE] - 17/04/2013 - 15:53:48 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [800978]
O44 - LFC:[MD5.634F880CA03AA9C669C40F1E9DB4D312] - 17/04/2013 - 15:53:48 RSHAD . (...) -- C:\Windows\System32\perfc009.dat   [132614]
O44 - LFC:[MD5.2F5E18316BDA23B09A76A5F093C9E6C7] - 17/04/2013 - 15:53:48 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat   [155650]
O44 - LFC:[MD5.3751F9E3E20CD47AB029FEFEA2331BCE] - 17/04/2013 - 15:53:48 RSHAD . (...) -- C:\Windows\System32\perfh009.dat   [710244]
O44 - LFC:[MD5.F6EE9B5E0A347C50386E7C13DA6A80DE] - 17/04/2013 - 15:53:48 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat   [800978]
O44 - LFC:[MD5.7F951215DBC953DAA9E41859332D8F0F] - 17/04/2013 - 15:53:47 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1793362]
O44 - LFC:[MD5.7F951215DBC953DAA9E41859332D8F0F] - 17/04/2013 - 15:53:47 RSHAD . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1793362]
O44 - LFC:[MD5.DF1C4761BA072FD7280ADA94FA484439] - 16/04/2013 - 03:01:46 ---A- . (...) -- C:\Windows\SysNative\results.xml   [15820]
O44 - LFC:[MD5.DF1C4761BA072FD7280ADA94FA484439] - 16/04/2013 - 03:01:46 RSHAD . (...) -- C:\Windows\System32\results.xml   [15820]
O44 - LFC:[MD5.E997A39FD83EC81210229D25FCD15FF2] - 16/04/2013 - 02:58:40 ---A- . (...) -- C:\Windows\DPINST.LOG   [4892]
O44 - LFC:[MD5.BA574700B3E568CBEEC1B25533676E3E] - 16/04/2013 - 02:57:37 ---A- . (...) -- C:\Windows\setupact.log   [812]
O44 - LFC:[MD5.4E8D5177B439872F7AE6DAB7B6859B6B] - 16/04/2013 - 02:55:50 RSHAD . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys   [328592]
O44 - LFC:[MD5.C6740C5787BE0AA0EF73C798B05E77DB] - 16/04/2013 - 02:50:12 ---A- . (...) -- C:\Windows\SysNative\iglhxs64.vp   [17058]
O44 - LFC:[MD5.9D808AF03F2128D06F105DB3B2111492] - 16/04/2013 - 02:50:12 ---A- . (.Intel Corporation - Intel(R) Graphics Media Accelerator Driver.) -- C:\Windows\SysNative\igfxCoIn_v2867.dll   [116224]
O44 - LFC:[MD5.C29BBD921B6A33153C9F0CB7934E9DE3] - 16/04/2013 - 02:50:12 ---A- . (.Intel Corporation - igfxTMM Module.) -- C:\Windows\SysNative\igfxTMM.dll   [410624]
O44 - LFC:[MD5.483BAA4246B80BDE1EA562C618BBA4A1] - 16/04/2013 - 02:50:12 ---A- . (.Intel Corporation - igfxTray Module.) -- C:\Windows\SysNative\igfxtray.exe   [171040]
O44 - LFC:[MD5.B9CE485FC3BE2936F0C0D9F79F0A6BFB] - 16/04/2013 - 02:50:12 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrtha.lrc   [437248]
O44 - LFC:[MD5.D756CE7EA935949DE55E450F54E33F08] - 16/04/2013 - 02:50:12 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrtrk.lrc   [437760]
O44 - LFC:[MD5.4BC67DC2BB58DC6E2A6BCB9B4450B0B8] - 16/04/2013 - 02:50:12 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\SysNative\igfxsrvc.dll   [63488]
O44 - LFC:[MD5.FF3FC4BE04D01830799605B6F7B55DB0] - 16/04/2013 - 02:50:12 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\SysNative\igfxsrvc.exe   [509984]
O44 - LFC:[MD5.C6740C5787BE0AA0EF73C798B05E77DB] - 16/04/2013 - 02:50:12 RSHAD . (...) -- C:\Windows\System32\iglhxs64.vp   [17058]
O44 - LFC:[MD5.9D808AF03F2128D06F105DB3B2111492] - 16/04/2013 - 02:50:12 RSHAD . (.Intel Corporation - Intel(R) Graphics Media Accelerator Driver.) -- C:\Windows\System32\igfxCoIn_v2867.dll   [116224]
O44 - LFC:[MD5.C29BBD921B6A33153C9F0CB7934E9DE3] - 16/04/2013 - 02:50:12 RSHAD . (.Intel Corporation - igfxTMM Module.) -- C:\Windows\System32\igfxTMM.dll   [410624]
O44 - LFC:[MD5.483BAA4246B80BDE1EA562C618BBA4A1] - 16/04/2013 - 02:50:12 RSHAD . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe   [171040]
O44 - LFC:[MD5.B9CE485FC3BE2936F0C0D9F79F0A6BFB] - 16/04/2013 - 02:50:12 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrtha.lrc   [437248]
O44 - LFC:[MD5.D756CE7EA935949DE55E450F54E33F08] - 16/04/2013 - 02:50:12 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrtrk.lrc   [437760]
O44 - LFC:[MD5.4BC67DC2BB58DC6E2A6BCB9B4450B0B8] - 16/04/2013 - 02:50:12 RSHAD . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.dll   [63488]
O44 - LFC:[MD5.FF3FC4BE04D01830799605B6F7B55DB0] - 16/04/2013 - 02:50:12 RSHAD . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.exe   [509984]
O44 - LFC:[MD5.4EF23173A4A8696498CC3ECD5224D95B] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrfin.lrc   [438272]
O44 - LFC:[MD5.762848AE5EADE9A86CBD40F65CDCCBE3] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrfra.lrc   [439808]
O44 - LFC:[MD5.5FBA60062FD7146B36C2A9636FE136F1] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrheb.lrc   [435712]
O44 - LFC:[MD5.03F7934BB55134586175C8E8401D5082] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrhrv.lrc   [438784]
O44 - LFC:[MD5.97A188A1542354A8605EB4E7EC52224C] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrhun.lrc   [438272]
O44 - LFC:[MD5.8792A0B70DD00EC0692BEAC30F8FFA1B] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrita.lrc   [438784]
O44 - LFC:[MD5.2DA337465D3CA373BAB7F6439EBCE6C7] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrjpn.lrc   [432128]
O44 - LFC:[MD5.BA244CFE6B0257AB4B4498D8C068EEF1] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrkor.lrc   [431104]
O44 - LFC:[MD5.08724776594B2F554D50D5D7792A2617] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrnld.lrc   [438784]
O44 - LFC:[MD5.8C6513C0DBADCEFD92A9999C5FAAA2E4] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrnor.lrc   [437760]
O44 - LFC:[MD5.B550472F308CF3E38A841ABE142EF819] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrplk.lrc   [438784]
O44 - LFC:[MD5.D7CA470ACBAE09E508DB899B601193B8] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrptb.lrc   [437760]
O44 - LFC:[MD5.C02837CFF99D54F2C21F082CB05D3727] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrptg.lrc   [438784]
O44 - LFC:[MD5.E8ED9CB221E72843546FEEE839D3E8E5] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrrom.lrc   [439296]
O44 - LFC:[MD5.C59F9DDA1C49FF9BDEBF6E49BC476E87] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrrus.lrc   [439296]
O44 - LFC:[MD5.4FB79C7F1D38008CA524829BD6D1E1FC] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrsky.lrc   [438784]
O44 - LFC:[MD5.7BB87B812F9D46B83AB827352F9A3F9B] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrslv.lrc   [437760]
O44 - LFC:[MD5.389388AFB344C4669D468131BCE4FA50] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrsve.lrc   [437760]
O44 - LFC:[MD5.DD599A4E9F018EDD646A3060B99092CB] - 16/04/2013 - 02:50:11 ---A- . (.Intel Corporation - igfxress Module.) -- C:\Windows\SysNative\igfxress.dll   [9007616]
O44 - LFC:[MD5.4EF23173A4A8696498CC3ECD5224D95B] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrfin.lrc   [438272]
O44 - LFC:[MD5.762848AE5EADE9A86CBD40F65CDCCBE3] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrfra.lrc   [439808]
O44 - LFC:[MD5.5FBA60062FD7146B36C2A9636FE136F1] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrheb.lrc   [435712]
O44 - LFC:[MD5.03F7934BB55134586175C8E8401D5082] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrhrv.lrc   [438784]
O44 - LFC:[MD5.97A188A1542354A8605EB4E7EC52224C] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrhun.lrc   [438272]
O44 - LFC:[MD5.8792A0B70DD00EC0692BEAC30F8FFA1B] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrita.lrc   [438784]
O44 - LFC:[MD5.2DA337465D3CA373BAB7F6439EBCE6C7] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrjpn.lrc   [432128]
O44 - LFC:[MD5.BA244CFE6B0257AB4B4498D8C068EEF1] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrkor.lrc   [431104]
O44 - LFC:[MD5.08724776594B2F554D50D5D7792A2617] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrnld.lrc   [438784]
O44 - LFC:[MD5.8C6513C0DBADCEFD92A9999C5FAAA2E4] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrnor.lrc   [437760]
O44 - LFC:[MD5.B550472F308CF3E38A841ABE142EF819] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrplk.lrc   [438784]
O44 - LFC:[MD5.D7CA470ACBAE09E508DB899B601193B8] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrptb.lrc   [437760]
O44 - LFC:[MD5.C02837CFF99D54F2C21F082CB05D3727] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrptg.lrc   [438784]
O44 - LFC:[MD5.E8ED9CB221E72843546FEEE839D3E8E5] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrrom.lrc   [439296]
O44 - LFC:[MD5.C59F9DDA1C49FF9BDEBF6E49BC476E87] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrrus.lrc   [439296]
O44 - LFC:[MD5.4FB79C7F1D38008CA524829BD6D1E1FC] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrsky.lrc   [438784]
O44 - LFC:[MD5.7BB87B812F9D46B83AB827352F9A3F9B] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrslv.lrc   [437760]
O44 - LFC:[MD5.389388AFB344C4669D468131BCE4FA50] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrsve.lrc   [437760]
O44 - LFC:[MD5.DD599A4E9F018EDD646A3060B99092CB] - 16/04/2013 - 02:50:11 RSHAD . (.Intel Corporation - igfxress Module.) -- C:\Windows\System32\igfxress.dll   [9007616]
O44 - LFC:[MD5.809AF6BE77627260D2CC2FD0E8B01662] - 16/04/2013 - 02:50:10 ---A- . (...) -- C:\Windows\SysNative\IGFXDEVLib.dll   [9728]
O44 - LFC:[MD5.2A4388209A68545BD01E8DB27135A97A] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxcpl Module.) -- C:\Windows\SysNative\igfxcpl.cpl   [126976]
O44 - LFC:[MD5.A3C74AB32273776E077E6C98BAC97E44] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxdev Module.) -- C:\Windows\SysNative\igfxdev.dll   [441856]
O44 - LFC:[MD5.DA106090C5884A36FA0BADD647DEAA55] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxdo Module.) -- C:\Windows\SysNative\igfxdo.dll   [142336]
O44 - LFC:[MD5.1D8C97EA71A8124D1DA1C0B0DAE7FE7D] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxext Module.) -- C:\Windows\SysNative\igfxexps.dll   [28672]
O44 - LFC:[MD5.8A6909152203FE482EDDD269E8E203BC] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxext Module.) -- C:\Windows\SysNative\igfxext.exe   [252448]
O44 - LFC:[MD5.3AC8E9252E48D0AD680962717846987C] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxpph Module.) -- C:\Windows\SysNative\igfxpph.dll   [386048]
O44 - LFC:[MD5.EDF17D03C07B43C60FA58B1D079680CD] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrara.lrc   [435712]
O44 - LFC:[MD5.D5159D4FE9431BA8A161B10342AC2FB1] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrchs.lrc   [428544]
O44 - LFC:[MD5.3F31FD53902A0D4CBE049239BA3C106B] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrcht.lrc   [429056]
O44 - LFC:[MD5.67A81407E41739C1298C8D31B8CFC21D] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrcsy.lrc   [438272]
O44 - LFC:[MD5.A5F5473E4CA6CA5686448AF2CA6DE050] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrdan.lrc   [437248]
O44 - LFC:[MD5.8149539FABEF4B00AACAC77C6F040C05] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrdeu.lrc   [438784]
O44 - LFC:[MD5.5604F1DDAEC994DD08E1A323C2745A04] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrell.lrc   [440320]
O44 - LFC:[MD5.EAF8AE414501EFE47BAF02E673EEE350] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxrenu.lrc   [286208]
O44 - LFC:[MD5.B7C282AC3185AA2A119AC6709D5ABED7] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\SysNative\igfxresn.lrc   [439808]
O44 - LFC:[MD5.C88B01661694F2013F8DF1BD66B8B39E] - 16/04/2013 - 02:50:10 ---A- . (.Intel Corporation - persistence Module.) -- C:\Windows\SysNative\igfxpers.exe   [441888]
O44 - LFC:[MD5.809AF6BE77627260D2CC2FD0E8B01662] - 16/04/2013 - 02:50:10 RSHAD . (...) -- C:\Windows\System32\IGFXDEVLib.dll   [9728]
O44 - LFC:[MD5.2A4388209A68545BD01E8DB27135A97A] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxcpl Module.) -- C:\Windows\System32\igfxcpl.cpl   [126976]
O44 - LFC:[MD5.A3C74AB32273776E077E6C98BAC97E44] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll   [441856]
O44 - LFC:[MD5.DA106090C5884A36FA0BADD647DEAA55] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxdo Module.) -- C:\Windows\System32\igfxdo.dll   [142336]
O44 - LFC:[MD5.1D8C97EA71A8124D1DA1C0B0DAE7FE7D] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxexps.dll   [28672]
O44 - LFC:[MD5.8A6909152203FE482EDDD269E8E203BC] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxext.exe   [252448]
O44 - LFC:[MD5.3AC8E9252E48D0AD680962717846987C] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxpph Module.) -- C:\Windows\System32\igfxpph.dll   [386048]
O44 - LFC:[MD5.EDF17D03C07B43C60FA58B1D079680CD] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrara.lrc   [435712]
O44 - LFC:[MD5.D5159D4FE9431BA8A161B10342AC2FB1] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrchs.lrc   [428544]
O44 - LFC:[MD5.3F31FD53902A0D4CBE049239BA3C106B] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrcht.lrc   [429056]
O44 - LFC:[MD5.67A81407E41739C1298C8D31B8CFC21D] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrcsy.lrc   [438272]
O44 - LFC:[MD5.A5F5473E4CA6CA5686448AF2CA6DE050] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrdan.lrc   [437248]
O44 - LFC:[MD5.8149539FABEF4B00AACAC77C6F040C05] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrdeu.lrc   [438784]
O44 - LFC:[MD5.5604F1DDAEC994DD08E1A323C2745A04] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrell.lrc   [440320]
O44 - LFC:[MD5.EAF8AE414501EFE47BAF02E673EEE350] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrenu.lrc   [286208]
O44 - LFC:[MD5.B7C282AC3185AA2A119AC6709D5ABED7] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxresn.lrc   [439808]
O44 - LFC:[MD5.C88B01661694F2013F8DF1BD66B8B39E] - 16/04/2013 - 02:50:10 RSHAD . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe   [441888]
O44 - LFC:[MD5.FAC8EC602E5C5C4D41BAB6255F2ECF5E] - 16/04/2013 - 02:50:09 ---A- . (.Intel Corporation - LDDM User Mode Driver for Intel(R) Graphics.) -- C:\Windows\SysNative\igdumd64.dll   [12604416]
O44 - LFC:[MD5.FAC8EC602E5C5C4D41BAB6255F2ECF5E] - 16/04/2013 - 02:50:09 RSHAD . (.Intel Corporation - LDDM User Mode Driver for Intel(R) Graphics.) -- C:\Windows\System32\igdumd64.dll   [12604416]
O44 - LFC:[MD5.A1CF07D24EDCDC6870535471654D957C] - 16/04/2013 - 02:50:07 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys   [5343584]
O44 - LFC:[MD5.B31A78D5150502B4FFC1FA0AE0B6BAD1] - 16/04/2013 - 02:50:04 ---A- . (...) -- C:\Windows\SysNative\igdde64.dll   [80384]
O44 - LFC:[MD5.B31A78D5150502B4FFC1FA0AE0B6BAD1] - 16/04/2013 - 02:50:04 RSHAD . (...) -- C:\Windows\System32\igdde64.dll   [80384]
O44 - LFC:[MD5.EFA67664E181EAF2DEA190EE71C0C9AB] - 16/04/2013 - 02:50:03 ---A- . (.Intel Corporation - LDDM User Mode Driver for Intel(R) Graphics.) -- C:\Windows\SysNative\igd10umd64.dll   [12836864]
O44 - LFC:[MD5.EFA67664E181EAF2DEA190EE71C0C9AB] - 16/04/2013 - 02:50:03 RSHAD . (.Intel Corporation - LDDM User Mode Driver for Intel(R) Graphics.) -- C:\Windows\System32\igd10umd64.dll   [12836864]
O44 - LFC:[MD5.C916D55684C349B568DB5FD4D9B5A004] - 16/04/2013 - 02:50:02 ---A- . (...) -- C:\Windows\SysNative\igcodeckrng600.bin   [963452]
O44 - LFC:[MD5.C916D55684C349B568DB5FD4D9B5A004] - 16/04/2013 - 02:50:02 ---A- . (...) -- C:\Windows\System32\igcodeckrng600.bin   [963452]
O44 - LFC:[MD5.82E64F8A695EFBE2C45BD8449F77B463] - 16/04/2013 - 02:50:00 ---A- . (.Intel Corporation - OpenGL(R) Driver for Intel(R) Graphics Acce.) -- C:\Windows\SysNative\ig4icd64.dll   [12887040]
O44 - LFC:[MD5.82E64F8A695EFBE2C45BD8449F77B463] - 16/04/2013 - 02:50:00 RSHAD . (.Intel Corporation - OpenGL(R) Driver for Intel(R) Graphics Acce.) -- C:\Windows\System32\ig4icd64.dll   [12887040]
O44 - LFC:[MD5.BB85F19B427924B1EFD69EF08811E586] - 16/04/2013 - 02:49:59 ---A- . (...) -- C:\Windows\SysNative\GfxUI.exe.config   [259]
O44 - LFC:[MD5.4D5235B076E7FFC53193D02C374BB54A] - 16/04/2013 - 02:49:59 ---A- . (.Intel Corporation - GfxUI.) -- C:\Windows\SysNative\GfxUI.exe   [5903392]
O44 - LFC:[MD5.2A9EF6CD0489FC6D1F4F7CF9FB237276] - 16/04/2013 - 02:49:59 ---A- . (.Intel Corporation - Pas de description.) -- C:\Windows\SysNative\gfxSrvc.dll   [173568]
O44 - LFC:[MD5.F1288E4CE82EE9F3A00E164BDFA54130] - 16/04/2013 - 02:49:59 ---A- . (.Intel Corporation - hccutils Module.) -- C:\Windows\SysNative\hccutils.dll   [110592]
O44 - LFC:[MD5.40CAEC9DBC892ED1915704CC54CB382E] - 16/04/2013 - 02:49:59 ---A- . (.Intel Corporation - hkcmd Module.) -- C:\Windows\SysNative\hkcmd.exe   [399392]
O44 - LFC:[MD5.BB85F19B427924B1EFD69EF08811E586] - 16/04/2013 - 02:49:59 RSHAD . (...) -- C:\Windows\System32\GfxUI.exe.config   [259]
O44 - LFC:[MD5.4D5235B076E7FFC53193D02C374BB54A] - 16/04/2013 - 02:49:59 RSHAD . (.Intel Corporation - GfxUI.) -- C:\Windows\System32\GfxUI.exe   [5903392]
O44 - LFC:[MD5.2A9EF6CD0489FC6D1F4F7CF9FB237276] - 16/04/2013 - 02:49:59 RSHAD . (.Intel Corporation - Pas de description.) -- C:\Windows\System32\gfxSrvc.dll   [173568]
O44 - LFC:[MD5.F1288E4CE82EE9F3A00E164BDFA54130] - 16/04/2013 - 02:49:59 RSHAD . (.Intel Corporation - hccutils Module.) -- C:\Windows\System32\hccutils.dll   [110592]
O44 - LFC:[MD5.40CAEC9DBC892ED1915704CC54CB382E] - 16/04/2013 - 02:49:59 RSHAD . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe   [399392]
O44 - LFC:[MD5.DD8C619664E94EC2623459E0E106F9F2] - 16/04/2013 - 02:49:58 ---A- . (...) -- C:\Windows\SysNative\Gfxres.nb-NO.resources   [137534]
O44 - LFC:[MD5.D989BC747C0CBE3AD51B00F670637D00] - 16/04/2013 - 02:49:58 ---A- . (...) -- C:\Windows\SysNative\Gfxres.ro-RO.resources   [145715]
O44 - LFC:[MD5.53CFCAE83763F30266BD49FCDCABD798] - 16/04/2013 - 02:49:58 ---A- . (...) -- C:\Windows\SysNative\Gfxres.sk-SK.resources   [141574]
O44 - LFC:[MD5.F6160AD6E68759DB0770594D87E9B4B4] - 16/04/2013 - 02:49:58 ---A- . (.Intel Corporation - 64 bit driver installer.) -- C:\Windows\SysNative\difx64.exe   [185376]
O44 - LFC:[MD5.DD8C619664E94EC2623459E0E106F9F2] - 16/04/2013 - 02:49:58 RSHAD . (...) -- C:\Windows\System32\Gfxres.nb-NO.resources   [137534]
O44 - LFC:[MD5.D989BC747C0CBE3AD51B00F670637D00] - 16/04/2013 - 02:49:58 RSHAD . (...) -- C:\Windows\System32\Gfxres.ro-RO.resources   [145715]
O44 - LFC:[MD5.53CFCAE83763F30266BD49FCDCABD798] - 16/04/2013 - 02:49:58 RSHAD . (...) -- C:\Windows\System32\Gfxres.sk-SK.resources   [141574]
O44 - LFC:[MD5.F6160AD6E68759DB0770594D87E9B4B4] - 16/04/2013 - 02:49:58 RSHAD . (.Intel Corporation - 64 bit driver installer.) -- C:\Windows\System32\difx64.exe   [185376]
O44 - LFC:[MD5.78543C48D98EF201F8604EDB21BC7E0D] - 15/04/2013 - 13:42:34 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [353376]
O44 - LFC:[MD5.78543C48D98EF201F8604EDB21BC7E0D] - 15/04/2013 - 13:42:34 RSHAD . (...) -- C:\Windows\System32\FNTCACHE.DAT   [353376]
O44 - LFC:[MD5.79F95469604B77296346DE7DB463EA2A] - 14/04/2013 - 18:33:45 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\SysNative\wuaueng.dll   [3240448]
O44 - LFC:[MD5.79F95469604B77296346DE7DB463EA2A] - 14/04/2013 - 18:33:45 RSHAD . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll   [3240448]
O44 - LFC:[MD5.F162757540A3307AF777C056544AE871] - 14/04/2013 - 18:33:42 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\SysNative\shell32.dll   [19748864]
O44 - LFC:[MD5.F162757540A3307AF777C056544AE871] - 14/04/2013 - 18:33:42 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll   [19748864]
O44 - LFC:[MD5.5DF7FCCCCC71E230883DC30AF3FE0203] - 14/04/2013 - 18:33:39 ---A- . (.Microsoft Corporation - Software Protection Platform Plugins.) -- C:\Windows\SysNative\sppobjs.dll   [1161728]
O44 - LFC:[MD5.5DF7FCCCCC71E230883DC30AF3FE0203] - 14/04/2013 - 18:33:39 RSHAD . (.Microsoft Corporation - Software Protection Platform Plugins.) -- C:\Windows\System32\sppobjs.dll   [1161728]
O44 - LFC:[MD5.B6D52E2C38B49A156E58FF5B9C6CA8BE] - 14/04/2013 - 18:33:32 RSHAD . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys   [2231528]
O44 - LFC:[MD5.6587EB86E32C49AC726817220390CFFE] - 14/04/2013 - 18:33:31 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\SysNative\WindowsCodecs.dll   [1627648]
O44 - LFC:[MD5.6587EB86E32C49AC726817220390CFFE] - 14/04/2013 - 18:33:31 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll   [1627648]
O44 - LFC:[MD5.3D1E4E187270B03BA28F8CF0C7C66C22] - 14/04/2013 - 18:33:29 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\SysNative\twinui.dll   [10116608]
O44 - LFC:[MD5.3D1E4E187270B03BA28F8CF0C7C66C22] - 14/04/2013 - 18:33:29 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\System32\twinui.dll   [10116608]
O44 - LFC:[MD5.0E8924B51839B0CC8AB4B9C456220683] - 14/04/2013 - 18:33:21 ---A- . (.Microsoft Corporation - Media Foundation ASF Source and Sink DLL.) -- C:\Windows\SysNative\mfasfsrcsnk.dll   [1048576]
O44 - LFC:[MD5.0E8924B51839B0CC8AB4B9C456220683] - 14/04/2013 - 18:33:21 ---A- . (.Microsoft Corporation - Media Foundation ASF Source and Sink DLL.) -- C:\Windows\System32\mfasfsrcsnk.dll   [1048576]
O44 - LFC:[MD5.C911D9E6BDE318D513D9168F947E1800] - 14/04/2013 - 18:33:19 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\SysNative\ubpm.dll   [328192]
O44 - LFC:[MD5.C911D9E6BDE318D513D9168F947E1800] - 14/04/2013 - 18:33:19 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\System32\ubpm.dll   [328192]
O44 - LFC:[MD5.01344DD46C95BC2A478B52AF07336F4A] - 14/04/2013 - 18:33:18 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\SysNative\mstscax.dll   [5978624]
O44 - LFC:[MD5.01344DD46C95BC2A478B52AF07336F4A] - 14/04/2013 - 18:33:18 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\System32\mstscax.dll   [5978624]
O44 - LFC:[MD5.C7E0C8B888B034D1A66840A5E34D61FC] - 14/04/2013 - 18:33:16 ---A- . (.Microsoft Corporation - BCP47 Language Classes.) -- C:\Windows\SysNative\BCP47Langs.dll   [389120]
O44 - LFC:[MD5.C7E0C8B888B034D1A66840A5E34D61FC] - 14/04/2013 - 18:33:16 ---A- . (.Microsoft Corporation - BCP47 Language Classes.) -- C:\Windows\System32\BCP47Langs.dll   [389120]
O44 - LFC:[MD5.110B70302AC6EC29FE013C5BB99BA559] - 14/04/2013 - 18:33:16 ---A- . (.Microsoft Corporation - WMPMDE DLL.) -- C:\Windows\SysNative\wmpmde.dll   [1101824]
O44 - LFC:[MD5.9531E7D938912F315F8161B5DA5DAD13] - 14/04/2013 - 18:33:16 RSHAD . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Drivers\Classpnp.sys   [327912]
O44 - LFC:[MD5.110B70302AC6EC29FE013C5BB99BA559] - 14/04/2013 - 18:33:16 RSHAD . (.Microsoft Corporation - WMPMDE DLL.) -- C:\Windows\System32\wmpmde.dll   [1101824]
O44 - LFC:[MD5.D608E0955BF3623B54CFA1A90FCA59FD] - 14/04/2013 - 18:33:14 ---A- . (.Microsoft Corporation - WinMDE DLL.) -- C:\Windows\SysNative\winmde.dll   [1149952]
O44 - LFC:[MD5.D608E0955BF3623B54CFA1A90FCA59FD] - 14/04/2013 - 18:33:14 ---A- . (.Microsoft Corporation - WinMDE DLL.) -- C:\Windows\System32\winmde.dll   [1149952]
O44 - LFC:[MD5.76E6465F3153FCA20F07928BBA62D7B8] - 14/04/2013 - 18:33:14 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\SysNative\Windows.Globalization.dll   [951808]
O44 - LFC:[MD5.76E6465F3153FCA20F07928BBA62D7B8] - 14/04/2013 - 18:33:14 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\System32\Windows.Globalization.dll   [951808]
O44 - LFC:[MD5.C15FF2B4C82792230CD9742253C68CF1] - 14/04/2013 - 18:33:13 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\SysNative\wuapi.dll   [760320]
O44 - LFC:[MD5.C15FF2B4C82792230CD9742253C68CF1] - 14/04/2013 - 18:33:13 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\System32\wuapi.dll   [760320]
O44 - LFC:[MD5.D10587D957CFED8CC3B9B3D017C69003] - 14/04/2013 - 18:33:13 ---A- . (.Microsoft Corporation - Windows Runtime OnlineId Authentication DLL.) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll   [645120]
O44 - LFC:[MD5.D10587D957CFED8CC3B9B3D017C69003] - 14/04/2013 - 18:33:13 ---A- . (.Microsoft Corporation - Windows Runtime OnlineId Authentication DLL.) -- C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll   [645120]
O44 - LFC:[MD5.F8E1CA7D41BC44662D7F8936A9588201] - 14/04/2013 - 18:33:11 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\SysNative\authui.dll   [2302464]
O44 - LFC:[MD5.F8E1CA7D41BC44662D7F8936A9588201] - 14/04/2013 - 18:33:11 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll   [2302464]
O44 - LFC:[MD5.6FB88606C4A71E1BFAF97D63A676C673] - 14/04/2013 - 18:33:11 ---A- . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll   [180224]
O44 - LFC:[MD5.6FB88606C4A71E1BFAF97D63A676C673] - 14/04/2013 - 18:33:11 RSHAD . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll   [180224]
O44 - LFC:[MD5.4515B9E4140F04FB3907692DF89FCA87] - 14/04/2013 - 18:33:10 ---A- . (.Microsoft Corporation - Service Broker pour les événements horaires.) -- C:\Windows\SysNative\TimeBrokerServer.dll   [171008]
O44 - LFC:[MD5.36E2B5A5AC7688FFB3270F57103507D2] - 14/04/2013 - 18:33:10 RSHAD . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS   [411880]
O44 - LFC:[MD5.091607B272C5E7BE2DCEF2D5463A407B] - 14/04/2013 - 18:33:10 RSHAD . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys   [332520]
O44 - LFC:[MD5.4515B9E4140F04FB3907692DF89FCA87] - 14/04/2013 - 18:33:10 RSHAD . (.Microsoft Corporation - Service Broker pour les événements horaires.) -- C:\Windows\System32\TimeBrokerServer.dll   [171008]
O44 - LFC:[MD5.D3CD3034E2292DBECCD3161DC29D8E07] - 14/04/2013 - 18:33:08 ---A- . (.Microsoft Corporation - Objets de configuration du réseau.) -- C:\Windows\SysNative\netcfgx.dll   [455168]
O44 - LFC:[MD5.D3CD3034E2292DBECCD3161DC29D8E07] - 14/04/2013 - 18:33:08 ---A- . (.Microsoft Corporation - Objets de configuration du réseau.) -- C:\Windows\System32\netcfgx.dll   [455168]
O44 - LFC:[MD5.116FBD7F3F98CB90680BCB5E5CBD0715] - 14/04/2013 - 18:33:08 ---A- . (.Microsoft Corporation - Synchronisation des paramètres.) -- C:\Windows\SysNative\SettingSync.dll   [448512]
O44 - LFC:[MD5.116FBD7F3F98CB90680BCB5E5CBD0715] - 14/04/2013 - 18:33:08 ---A- . (.Microsoft Corporation - Synchronisation des paramètres.) -- C:\Windows\System32\SettingSync.dll   [448512]
O44 - LFC:[MD5.BE611E28DD9AF75A6B904B55F5D6E6C3] - 14/04/2013 - 18:33:07 ---A- . (.Microsoft Corporation - DLL du moniteur de port d’impression dynami.) -- C:\Windows\SysNative\usbmon.dll   [245248]
O44 - LFC:[MD5.3013658A4D327854BEEC4A08D9655194] - 14/04/2013 - 18:33:07 ---A- . (.Microsoft Corporation - Énumérateur d’appareil mobile.) -- C:\Windows\SysNative\wpdbusenum.dll   [103936]
O44 - LFC:[MD5.BE611E28DD9AF75A6B904B55F5D6E6C3] - 14/04/2013 - 18:33:07 RSHAD . (.Microsoft Corporation - DLL du moniteur de port d’impression dynami.) -- C:\Windows\System32\usbmon.dll   [245248]
O44 - LFC:[MD5.3013658A4D327854BEEC4A08D9655194] - 14/04/2013 - 18:33:07 RSHAD . (.Microsoft Corporation - Énumérateur d’appareil mobile.) -- C:\Windows\System32\wpdbusenum.dll   [103936]
O44 - LFC:[MD5.5EE6D3195E6470DB22F480CCF5F5FF4A] - 14/04/2013 - 18:33:05 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\SysNative\actxprxy.dll   [2146304]
O44 - LFC:[MD5.5EE6D3195E6470DB22F480CCF5F5FF4A] - 14/04/2013 - 18:33:05 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\System32\actxprxy.dll   [2146304]
O44 - LFC:[MD5.500BE6B2E49883720D0AE8BB859ED7A3] - 14/04/2013 - 18:33:05 RSHAD . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\Drivers\vhdmp.sys   [495336]
O44 - LFC:[MD5.A6B742C6B8CF9A37E0EF470DF890F74B] - 14/04/2013 - 18:33:04 ---A- . (.Microsoft Corporation - Driver Store API.) -- C:\Windows\SysNative\drvstore.dll   [703488]
O44 - LFC:[MD5.A6B742C6B8CF9A37E0EF470DF890F74B] - 14/04/2013 - 18:33:04 ---A- . (.Microsoft Corporation - Driver Store API.) -- C:\Windows\System32\drvstore.dll   [703488]
O44 - LFC:[MD5.3426BE7D0ED8888ACFE04BA6BB9AF83B] - 14/04/2013 - 18:33:02 ---A- . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\SysNative\taskhost.exe   [77824]
O44 - LFC:[MD5.821D79C4602C5BF6C8183630D301638A] - 14/04/2013 - 18:33:02 ---A- . (.Microsoft Corporation - Tâche d’analyse de l’intégrité des données.) -- C:\Windows\SysNative\discan.dll   [150016]
O44 - LFC:[MD5.69A7C97D2FF3252039F18EB36B4AF76B] - 14/04/2013 - 18:33:02 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\SysNative\wups.dll   [43520]
O44 - LFC:[MD5.69A7C97D2FF3252039F18EB36B4AF76B] - 14/04/2013 - 18:33:02 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\System32\wups.dll   [43520]
O44 - LFC:[MD5.3426BE7D0ED8888ACFE04BA6BB9AF83B] - 14/04/2013 - 18:33:02 RSHAD . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\System32\taskhost.exe   [77824]
O44 - LFC:[MD5.821D79C4602C5BF6C8183630D301638A] - 14/04/2013 - 18:33:02 RSHAD . (.Microsoft Corporation - Tâche d’analyse de l’intégrité des données.) -- C:\Windows\System32\discan.dll   [150016]
O44 - LFC:[MD5.739A739DCC5D02FE30EDEADEBD7B9898] - 14/04/2013 - 18:33:01 RSHAD . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\Windows\System32\Drivers\spaceport.sys   [283880]
O44 - LFC:[MD5.ED84544A18C02EE2DF436A94436168BA] - 14/04/2013 - 18:33:00 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\SysNative\wucltux.dll   [1619968]
O44 - LFC:[MD5.25FD6AB608C7CFDEAAC24BA882AC4052] - 14/04/2013 - 18:33:00 ---A- . (.Microsoft Corporation - Ndis IM Platform MUX Notify Object.) -- C:\Windows\SysNative\NdisImPlatform.dll   [117248]
O44 - LFC:[MD5.3C39BF7BBD73C3D862F5266D316D88D0] - 14/04/2013 - 18:33:00 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\SysNative\wuauclt.exe   [58288]
O44 - LFC:[MD5.ED84544A18C02EE2DF436A94436168BA] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\System32\wucltux.dll   [1619968]
O44 - LFC:[MD5.B240874B2CA0CD02E8CD11E140B14C57] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\storahci.sys   [77544]
O44 - LFC:[MD5.25FD6AB608C7CFDEAAC24BA882AC4052] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - Ndis IM Platform MUX Notify Object.) -- C:\Windows\System32\NdisImPlatform.dll   [117248]
O44 - LFC:[MD5.6F0BFF80EE2A5BC841286A51F893CBAD] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - Pilote de périphérique TPM.) -- C:\Windows\System32\Drivers\tpm.sys   [148712]
O44 - LFC:[MD5.047315E75392CEA447ACC86257824C16] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - Pilote du bus numérique sécurisé (SD).) -- C:\Windows\System32\Drivers\sdbus.sys   [194792]
O44 - LFC:[MD5.7D0570A2C678116523BB4932A6D71020] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\Drivers\dumpsd.sys   [125160]
O44 - LFC:[MD5.11C0CF143D246E2F0E9BDBF17A0CC70B] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - USB XHCI Driver.) -- C:\Windows\System32\Drivers\USBXHCI.SYS   [337128]
O44 - LFC:[MD5.3C39BF7BBD73C3D862F5266D316D88D0] - 14/04/2013 - 18:33:00 RSHAD . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe   [58288]
O44 - LFC:[MD5.3A014B98C45AA8C0E4ABF2AB764F9AAC] - 14/04/2013 - 18:32:59 ---A- . (.Microsoft Corporation - Function Discovery Printer Proxy Dll.) -- C:\Windows\SysNative\WSDPrintProxy.DLL   [71168]
O44 - LFC:[MD5.F5BB165DD4C8B784E06E3F0324150E0F] - 14/04/2013 - 18:32:59 ---A- . (.Microsoft Corporation - Panneau de configuration - Gestion de l’ali.) -- C:\Windows\SysNative\powercfg.cpl   [156160]
O44 - LFC:[MD5.F5BB165DD4C8B784E06E3F0324150E0F] - 14/04/2013 - 18:32:59 ---A- . (.Microsoft Corporation - Panneau de configuration - Gestion de l’ali.) -- C:\Windows\System32\powercfg.cpl   [156160]
O44 - LFC:[MD5.0899BF12B2142213630D49E645B8A507] - 14/04/2013 - 18:32:59 ---A- . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\SysNative\taskhostex.exe   [72192]
O44 - LFC:[MD5.EF9A6AA4956FCD2D0EECD48ECC54B303] - 14/04/2013 - 18:32:59 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\SysNative\WUSettingsProvider.dll   [251904]
O44 - LFC:[MD5.3A014B98C45AA8C0E4ABF2AB764F9AAC] - 14/04/2013 - 18:32:59 RSHAD . (.Microsoft Corporation - Function Discovery Printer Proxy Dll.) -- C:\Windows\System32\WSDPrintProxy.DLL   [71168]
O44 - LFC:[MD5.0698DEDEAD6A00AD0D468C687D830FBF] - 14/04/2013 - 18:32:59 RSHAD . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\Windows\System32\Drivers\pdc.sys   [69864]
O44 - LFC:[MD5.0899BF12B2142213630D49E645B8A507] - 14/04/2013 - 18:32:59 RSHAD . (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\System32\taskhostex.exe   [72192]
O44 - LFC:[MD5.EF9A6AA4956FCD2D0EECD48ECC54B303] - 14/04/2013 - 18:32:59 RSHAD . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll   [251904]
O44 - LFC:[MD5.79CE97524CEC063C9A2750CCFE253847] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\SysNative\storewuauth.dll   [173568]
O44 - LFC:[MD5.50361572A98348A6E780FFE231B55D49] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - DeviceItem inproc devquery subsystem.) -- C:\Windows\SysNative\DevDispItemProvider.dll   [49152]
O44 - LFC:[MD5.50361572A98348A6E780FFE231B55D49] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - DeviceItem inproc devquery subsystem.) -- C:\Windows\System32\DevDispItemProvider.dll   [49152]
O44 - LFC:[MD5.3AF11BF2AA45E222D5923E59596AC984] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - Setting Synchronization Information.) -- C:\Windows\SysNative\SettingSyncInfo.dll   [128512]
O44 - LFC:[MD5.3AF11BF2AA45E222D5923E59596AC984] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - Setting Synchronization Information.) -- C:\Windows\System32\SettingSyncInfo.dll   [128512]
O44 - LFC:[MD5.05677EEFA7E6AAF414F4C31FD9EBF2C0] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\SysNative\wuwebv.dll   [141824]
O44 - LFC:[MD5.05677EEFA7E6AAF414F4C31FD9EBF2C0] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll   [141824]
O44 - LFC:[MD5.E781EB5E43013C358B9A335103C2B9AE] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\SysNative\wudriver.dll   [98304]
O44 - LFC:[MD5.E781EB5E43013C358B9A335103C2B9AE] - 14/04/2013 - 18:32:58 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll   [98304]
O44 - LFC:[MD5.79CE97524CEC063C9A2750CCFE253847] - 14/04/2013 - 18:32:58 RSHAD . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll   [173568]
O44 - LFC:[MD5.C0ADEBED913295803B579ED288936CBB] - 14/04/2013 - 18:32:58 RSHAD . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\Drivers\mouhid.sys   [26112]
O44 - LFC:[MD5.750082FFD280AD15DA524379CD863721] - 14/04/2013 - 18:32:57 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\SysNative\wuapp.exe   [39424]
O44 - LFC:[MD5.750082FFD280AD15DA524379CD863721] - 14/04/2013 - 18:32:57 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe   [39424]
O44 - LFC:[MD5.EA8EAD3F5B762F889CC7F3966625B48B] - 14/04/2013 - 18:32:57 RSHAD . (.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\Drivers\monitor.sys   [30720]
O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 14/04/2013 - 18:32:56 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml   [387867]
O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 14/04/2013 - 18:32:56 RSHAD . (...) -- C:\Windows\System32\ApnDatabase.xml   [387867]
O44 - LFC:[MD5.D5B800C7E730BDAFF36FE6FC64EB34A1] - 13/04/2013 - 17:40:37 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe   [72702784]
O44 - LFC:[MD5.D5B800C7E730BDAFF36FE6FC64EB34A1] - 13/04/2013 - 17:40:37 RSHAD . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe   [72702784]
O44 - LFC:[MD5.79CAB096514C381152F4306BC87A7B29] - 11/04/2013 - 11:27:47 ---A- . (.Microsoft Corporation - Moteur de réinitialisation Microsoft Window.) -- C:\Windows\SysNative\reseteng.dll   [1011200]
O44 - LFC:[MD5.79CAB096514C381152F4306BC87A7B29] - 11/04/2013 - 11:27:47 RSHAD . (.Microsoft Corporation - Moteur de réinitialisation Microsoft Window.) -- C:\Windows\System32\reseteng.dll   [1011200]
O44 - LFC:[MD5.394ECD933CD66BADF97EA85A183B9E1E] - 11/04/2013 - 11:26:44 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysNative\mshtml.dll   [19230208]
O44 - LFC:[MD5.394ECD933CD66BADF97EA85A183B9E1E] - 11/04/2013 - 11:26:44 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll   [19230208]
O44 - LFC:[MD5.D744D5B8145C2303B19A288AF695E9AD] - 11/04/2013 - 11:26:26 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll   [15404544]
O44 - LFC:[MD5.D744D5B8145C2303B19A288AF695E9AD] - 11/04/2013 - 11:26:26 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll   [15404544]
O44 - LFC:[MD5.DE3C3B1B4FA5FBF1F17BCD3B3AE1ED15] - 11/04/2013 - 11:26:24 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript9.dll   [3958784]
O44 - LFC:[MD5.DE3C3B1B4FA5FBF1F17BCD3B3AE1ED15] - 11/04/2013 - 11:26:24 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll   [3958784]
O44 - LFC:[MD5.753C0848AE7872A3F59663078A517293] - 11/04/2013 - 11:26:21 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll   [2240512]
O44 - LFC:[MD5.753C0848AE7872A3F59663078A517293] - 11/04/2013 - 11:26:21 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll   [2240512]
O44 - LFC:[MD5.85F1FE2D5EDBFD26066F5ABB9504A69C] - 11/04/2013 - 11:26:20 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\SysNative\iertutil.dll   [2647040]
O44 - LFC:[MD5.85F1FE2D5EDBFD26066F5ABB9504A69C] - 11/04/2013 - 11:26:20 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll   [2647040]
O44 - LFC:[MD5.11B62706B48F8D8F624F39C4F6E98B5C] - 11/04/2013 - 11:26:18 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\SysNative\uxtheme.dll   [915968]
O44 - LFC:[MD5.11B62706B48F8D8F624F39C4F6E98B5C] - 11/04/2013 - 11:26:18 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\System32\uxtheme.dll   [915968]
O44 - LFC:[MD5.29812E9971077BE3F8B9DC225CF9D454] - 11/04/2013 - 11:26:18 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll   [1365504]
O44 - LFC:[MD5.29812E9971077BE3F8B9DC225CF9D454] - 11/04/2013 - 11:26:18 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll   [1365504]
O44 - LFC:[MD5.8C1EFE99D4C9462EF2E10E7140B44D4A] - 11/04/2013 - 11:26:18 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript.dll   [855552]
O44 - LFC:[MD5.8C1EFE99D4C9462EF2E10E7140B44D4A] - 11/04/2013 - 11:26:18 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll   [855552]
O44 - LFC:[MD5.268E23EAEDF3FAF87A7A87F0257C9E87] - 11/04/2013 - 11:26:17 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll   [603136]
O44 - LFC:[MD5.268E23EAEDF3FAF87A7A87F0257C9E87] - 11/04/2013 - 11:26:17 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll   [603136]
O44 - LFC:[MD5.A89103864B67CE1ED3BB5D48569D3D94] - 11/04/2013 - 11:26:16 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe   [51712]
O44 - LFC:[MD5.A89103864B67CE1ED3BB5D48569D3D94] - 11/04/2013 - 11:26:16 RSHAD . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe   [51712]
O44 - LFC:[MD5.38BEBBC4CF9FE6566262F0037DF843BF] - 11/04/2013 - 11:26:15 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\SysNative\iesysprep.dll   [136704]
O44 - LFC:[MD5.38BEBBC4CF9FE6566262F0037DF843BF] - 11/04/2013 - 11:26:15 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll   [136704]
O44 - LFC:[MD5.194125E7839D4902F2490A70049E8F78] - 11/04/2013 - 11:26:15 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll   [53248]
O44 - LFC:[MD5.194125E7839D4902F2490A70049E8F78] - 11/04/2013 - 11:26:15 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll   [53248]
O44 - LFC:[MD5.9E93469F299BBCB4ECD1378403C9B8CD] - 11/04/2013 - 11:26:01 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\SysNative\win32k.sys   [4041728]
O44 - LFC:[MD5.9E93469F299BBCB4ECD1378403C9B8CD] - 11/04/2013 - 11:26:01 RSHAD . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys   [4041728]
O44 - LFC:[MD5.299F354F0808017F6927B35C8FB6EFCD] - 11/04/2013 - 11:26:00 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\SysNative\ntoskrnl.exe   [6991592]
O44 - LFC:[MD5.299F354F0808017F6927B35C8FB6EFCD] - 11/04/2013 - 11:26:00 RSHAD . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe   [6991592]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 04/04/2013 - 13:50:32 RSHAD . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25928]
~ Files: 262 Scanned in 00mn 33s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.22139227C666E43CDA8FC77C10594147] - 01/04/2013 - 12:40:48 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.5C304E493AF798B84BE09CA6DEB4E21B] - 01/04/2013 - 12:40:56 ---A- - C:\Windows\Prefetch\ROGUEKILLERX64.EXE-BEF0C8AD.pf
O45 - LFCP:[MD5.1102DDE8FDE7EDE79E57ED153418B58F] - 01/04/2013 - 12:44:51 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-80B60860.pf
O45 - LFCP:[MD5.CE7FF4368B2BDF6606E152C00DC90503] - 02/04/2013 - 15:13:40 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-98677702.pf
O45 - LFCP:[MD5.B9E1E04468CB55617FE5BD4BB74CB35A] - 03/04/2013 - 18:58:44 ---A- - C:\Windows\Prefetch\MAP.EXE-FB3E44B4.pf
O45 - LFCP:[MD5.38F71800F6A026523BE55CF9413A0ACF] - 03/04/2013 - 19:03:34 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-38161C81.pf
O45 - LFCP:[MD5.0F9006EA2AAEEDCD43B943FC11C3B180] - 03/04/2013 - 19:15:11 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-E962779E.pf
O45 - LFCP:[MD5.492577FC993C8A0853CD767231095D00] - 03/04/2013 - 19:22:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-4F60B70E.pf
O45 - LFCP:[MD5.9A9B553E0EF43983B7851618C0DDCCE5] - 03/04/2013 - 19:22:32 ---A- - C:\Windows\Prefetch\WINSAT.EXE-A854C4D0.pf
O45 - LFCP:[MD5.7F0AEF2D76342525B4DA2A276E8F8386] - 03/04/2013 - 19:44:02 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.B64EBBF158AFCCEEECA6CC2C08BA8AE3] - 04/04/2013 - 01:23:01 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C43BAF4E.pf
O45 - LFCP:[MD5.7FA06135768CBDFE762B25D41558D5E6] - 04/04/2013 - 01:23:12 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B331F1D0.pf
O45 - LFCP:[MD5.CAF914EF5E36E8131E7EE7E0D6C9621D] - 04/04/2013 - 16:55:22 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-3C40F7FB.pf
O45 - LFCP:[MD5.073BA17D4B5ED05B68C7C4145848745C] - 04/04/2013 - 16:55:22 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-AC422BB0.pf
O45 - LFCP:[MD5.D38DDB9AEB262DF100E777FE86F78E6F] - 04/04/2013 - 16:55:22 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-D926A5CA.pf
O45 - LFCP:[MD5.3715EE39462F4C95F207BAB227002B5D] - 06/04/2013 - 12:37:58 ---A- - C:\Windows\Prefetch\DASHOST.EXE-38AAABF0.pf
O45 - LFCP:[MD5.C3EF20F4EC157CE4DDBCC6DB5BB39213] - 06/04/2013 - 12:37:58 ---A- - C:\Windows\Prefetch\DSIWMIS.EXE-238692B9.pf
O45 - LFCP:[MD5.873E43B33D8A2FAD9269A0D873FAD62E] - 06/04/2013 - 13:04:55 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-465FAC7E.pf
O45 - LFCP:[MD5.CD19ECF7C34E1818D1909AE5E4ED4FB0] - 06/04/2013 - 13:14:38 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-B98D9700.pf
O45 - LFCP:[MD5.CF6BD62477E5AFA76473AF7C18AF34B6] - 06/04/2013 - 20:04:37 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-5F7F692E.pf
O45 - LFCP:[MD5.A3FEAA0CB1760F7BB5C7F48365400A24] - 06/04/2013 - 20:04:41 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-F1928578.pf
O45 - LFCP:[MD5.DFFF3E52055B422BC782FDDD5C129576] - 06/04/2013 - 20:07:09 ---A- - C:\Windows\Prefetch\WSCRIPT.EXE-2D1A9206.pf
O45 - LFCP:[MD5.6148686388D1165665E77DDE01D8F74B] - 06/04/2013 - 20:11:10 ---A- - C:\Windows\Prefetch\PLANTES-CONTRE-ZOMBIES_S5_L4_-0D143F2C.pf
O45 - LFCP:[MD5.A05F6F52763553EA4280AA94ED5298CA] - 06/04/2013 - 20:11:15 ---A- - C:\Windows\Prefetch\PLANTES-CONTRE-ZOMBIES_S5_L4_-CD30A4DE.pf
O45 - LFCP:[MD5.94D502609EBB883BCA39284DB5CC19B5] - 06/04/2013 - 20:15:49 ---A- - C:\Windows\Prefetch\BFGSETUP_S5_L4.EXE-B85A885E.pf
O45 - LFCP:[MD5.EA0B774BCD6274A836F477AD476E7CA3] - 06/04/2013 - 20:15:52 ---A- - C:\Windows\Prefetch\BFGSETUP_S5_L4.EXE-0644937D.pf
O45 - LFCP:[MD5.AAC0B9D5E6365376E8E43AFB3D4E1C4A] - 06/04/2013 - 20:21:50 ---A- - C:\Windows\Prefetch\SETUP_GF5038T1L4_D2041618931_-3B7FD9F8.pf
O45 - LFCP:[MD5.B37688432F0706E7B4A7A453C56556A6] - 06/04/2013 - 20:33:26 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf
O45 - LFCP:[MD5.C96B93AF0B5AD440A811D927A5A1904F] - 06/04/2013 - 20:33:28 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_6_602_18-54979347.pf
O45 - LFCP:[MD5.D7C932B3541FBD16EA79F6D19E4C641C] - 07/04/2013 - 04:51:59 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-9145C254.pf
O45 - LFCP:[MD5.6830CA66C8DC19CA446ABC55947A7FAF] - 08/04/2013 - 16:37:00 ---A- - C:\Windows\Prefetch\HECISERVER.EXE-AD396A6A.pf
O45 - LFCP:[MD5.948EBD37AC24C28ACD7CD2418BE33039] - 09/04/2013 - 00:28:15 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F8.pf
O45 - LFCP:[MD5.9230826AC9224E1D6FCDAF30ACDBAA91] - 09/04/2013 - 14:25:44 ---A- - C:\Windows\Prefetch\PHOTOFILTRE.EXE-714CEA23.pf
O45 - LFCP:[MD5.6F00685F00B18C9DE2BAAC55FB9B20FE] - 11/04/2013 - 11:27:58 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf
O45 - LFCP:[MD5.F21D99C99D5D6F3A200F4E37CC5DF064] - 11/04/2013 - 11:32:24 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf
O45 - LFCP:[MD5.1536BED7918B808709FC77E81AF529BB] - 11/04/2013 - 12:16:12 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-23477062.pf
O45 - LFCP:[MD5.0705598C94AD12A4E1F38F3344A1CDED] - 11/04/2013 - 12:47:20 ---A- - C:\Windows\Prefetch\DXPSERVER.EXE-E3812E71.pf
O45 - LFCP:[MD5.7F15C63E23106474308D156DFB2FDF37] - 11/04/2013 - 12:47:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-024CCF9B.pf
O45 - LFCP:[MD5.9A94329FBFC9FA5D1E7A0730B28097C0] - 12/04/2013 - 19:20:02 ---A- - C:\Windows\Prefetch\MAHJONGQUEST2.EXE-D004834C.pf
O45 - LFCP:[MD5.24404412B4E881FD5D473D553D487874] - 13/04/2013 - 17:08:24 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3BF9CDB0.pf
O45 - LFCP:[MD5.6DD9CB7788695ED13344B60CD5EA4555] - 13/04/2013 - 17:08:37 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-DACB5D4F.pf
O45 - LFCP:[MD5.CD0256F4B296BC76FAC42E9C64E66C1B] - 13/04/2013 - 17:11:23 ---A- - C:\Windows\Prefetch\MBAM-SETUP.EXE-0E733B33.pf
O45 - LFCP:[MD5.32E3537D79A524CECB8ABC3DDC50A6DA] - 13/04/2013 - 17:11:24 ---A- - C:\Windows\Prefetch\MBAM-SETUP.TMP-689554BC.pf
O45 - LFCP:[MD5.2874494D1A431C3685EC3F928FCCAEE6] - 13/04/2013 - 17:11:50 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-E1DBB6D8.pf
O45 - LFCP:[MD5.9A8A21A0D9054B8FE729C60FA257B59F] - 13/04/2013 - 17:12:28 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.7CFA78A270547A66E76FC824FF8AC7C2] - 13/04/2013 - 17:39:19 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf
O45 - LFCP:[MD5.F67F82F0E50A7C31D6DC2067ADF9BFF8] - 13/04/2013 - 17:40:13 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf
O45 - LFCP:[MD5.A7D80733CD903FBA1DADCC0D313BFF9A] - 13/04/2013 - 17:40:36 ---A- - C:\Windows\Prefetch\MRTSTUB.EXE-DC25B37F.pf
O45 - LFCP:[MD5.E67F707F9ECC50564C055F3218B74188] - 13/04/2013 - 17:40:42 ---A- - C:\Windows\Prefetch\WINDOWS-KB890830-X64-V4.19-DE-F3E14590.pf
O45 - LFCP:[MD5.7EC877BC3AE0E7C672F385D0AEFF0DD1] - 13/04/2013 - 17:40:52 ---A- - C:\Windows\Prefetch\MRT.EXE-07B7D631.pf
O45 - LFCP:[MD5.A42131D5886AB6BEDAF5FF64FB388507] - 14/04/2013 - 18:32:15 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-853292E2.pf
O45 - LFCP:[MD5.73DDE3289E5FAAB9AEA8259AAFBC1DEE] - 15/04/2013 - 13:45:41 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-7AAE3A0B.pf
O45 - LFCP:[MD5.560F6128C269C7B4A330898B560F363B] - 15/04/2013 - 13:45:46 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf
O45 - LFCP:[MD5.AABCD1F46B16DBD016424B1CBAF6690F] - 15/04/2013 - 13:47:08 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EE2FB4D9.pf
O45 - LFCP:[MD5.808EA1E2EBDA8EA7B02AAF7978BCC44E] - 15/04/2013 - 13:49:54 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf
O45 - LFCP:[MD5.666F7B39BF7EF44A0E352847324B0B3F] - 15/04/2013 - 14:01:11 ---A- - C:\Windows\Prefetch\PCPERFORMER.EXE-72493C95.pf
O45 - LFCP:[MD5.FC31D2873C3103B9D5FF1F29CE5E2BB7] - 16/04/2013 - 02:51:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf
O45 - LFCP:[MD5.1EBCBA1B8B3929487FC9106CAEA3846D] - 16/04/2013 - 02:51:50 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf
O45 - LFCP:[MD5.414D68D8E562C75990F82E46D5437272] - 16/04/2013 - 02:51:52 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C92CB267.pf
O45 - LFCP:[MD5.C9D8B1CE799563850CDDA54DFEE66419] - 16/04/2013 - 02:51:52 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9E940D77.pf
O45 - LFCP:[MD5.A85B06E16E4739A1DA30B94ED0BB58C2] - 16/04/2013 - 02:51:53 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf
O45 - LFCP:[MD5.C3FF2E903BE1A11210C6F74F6E6FEDC8] - 16/04/2013 - 02:51:53 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf
O45 - LFCP:[MD5.CAB6CB6CDC9C17CA198B00AEC50928A6] - 16/04/2013 - 02:51:54 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf
O45 - LFCP:[MD5.E06B47DC70358EC7CC2DD5111659465B] - 16/04/2013 - 02:51:54 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf
O45 - LFCP:[MD5.CB3F54F1E4193D049E314FA302DA046B] - 16/04/2013 - 02:51:55 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.DBC06EEC37D86ED8C6AA5B1857898D50] - 16/04/2013 - 02:51:56 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.2AFAA1C4636A951B2A38B4A23D6F3215] - 16/04/2013 - 02:51:58 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-D8BC1DC6.pf
O45 - LFCP:[MD5.6E04515948C7A0D5DBAE60B00D2614C6] - 16/04/2013 - 02:52:00 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf
O45 - LFCP:[MD5.E6850D528D0AF29486709131EF2951FD] - 16/04/2013 - 02:52:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf
O45 - LFCP:[MD5.10C40B78D925B12510539F7BF848248C] - 16/04/2013 - 02:52:13 ---A- - C:\Windows\Prefetch\W32TM.EXE-78C041DB.pf
O45 - LFCP:[MD5.EAC0B45687093A56865AE652D87A8FA2] - 16/04/2013 - 02:52:19 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf
O45 - LFCP:[MD5.B66B7D5BAB66138B549989DC88E470FB] - 16/04/2013 - 02:52:28 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf
O45 - LFCP:[MD5.834A4333AF344DF15DC2447ED339CCA6] - 16/04/2013 - 02:52:36 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.161C7740FFB28F16CDCBDF134E2EB3EF] - 16/04/2013 - 02:52:39 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf
O45 - LFCP:[MD5.232761648725F2438D8ECE2924A8C1A7] - 16/04/2013 - 02:53:04 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf
O45 - LFCP:[MD5.4CBBFEC2005A094F79507587BB4B6A47] - 16/04/2013 - 02:58:31 ---A- - C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf
O45 - LFCP:[MD5.6B6E193A8C40AA67D527D0AA2BBEB7FA] - 16/04/2013 - 02:59:38 ---A- - C:\Windows\Prefetch\POQEXEC.EXE-43A49B23.pf
O45 - LFCP:[MD5.65CE3C1C492F35F08B0454E775F6CB66] - 16/04/2013 - 03:02:05 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf
O45 - LFCP:[MD5.A98B4C061D9EF22BBC57504AA07D4D40] - 16/04/2013 - 03:02:17 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-D35BF5AF.pf
O45 - LFCP:[MD5.898CB695849FAF78F8C4D4CC6DAFE5EC] - 16/04/2013 - 03:02:30 ---A- - C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf
O45 - LFCP:[MD5.8A183477298B94397175210E831DF0DE] - 16/04/2013 - 03:02:37 ---A- - C:\Windows\Prefetch\EPOWERSVC.EXE-76E124E6.pf
O45 - LFCP:[MD5.15A40CC0C74B899C649D269119D9E84E] - 16/04/2013 - 03:03:07 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-05224ED5.pf
O45 - LFCP:[MD5.5E0F586631ED2F4A5696A6D10F2E89EF] - 16/04/2013 - 03:07:39 ---A- - C:\Windows\Prefetch\BFGPROCESS.EXE-F82DDBBF.pf
O45 - LFCP:[MD5.841F9FDE6E8734A29800040304D425CB] - 16/04/2013 - 03:07:43 ---A- - C:\Windows\Prefetch\ZSXZZZZ.EXE-C6925F93.pf
O45 - LFCP:[MD5.FC22D5479E20FF873A9EAF7A2E659536] - 16/04/2013 - 03:07:49 ---A- - C:\Windows\Prefetch\BFGGAMESERVICES.EXE-8A69C4A2.pf
O45 - LFCP:[MD5.7EBABC079267E4405B11EBA79E1AA374] - 16/04/2013 - 03:07:55 ---A- - C:\Windows\Prefetch\PLANTSVSZOMBIES.EXE-202D653E.pf
O45 - LFCP:[MD5.CF73BF88E8ADE78AD35BD313C33F8AAE] - 16/04/2013 - 04:09:12 ---A- - C:\Windows\Prefetch\BFGCLIENT.EXE-1BB4B44F.pf
O45 - LFCP:[MD5.049057BB98B7D361854ACEA5F89E88EE] - 16/04/2013 - 04:09:20 ---A- - C:\Windows\Prefetch\EPOWERBUTTON.EXE-80D380BE.pf
O45 - LFCP:[MD5.FB1AD07016FACA85A44727CF228C5C07] - 17/04/2013 - 15:32:55 ---A- - C:\Windows\Prefetch\JHI_SERVICE.EXE-9CD021CB.pf
O45 - LFCP:[MD5.464D2F36644DF8E72FA91A983EB7C864] - 17/04/2013 - 15:32:55 ---A- - C:\Windows\Prefetch\MBAMSCHEDULER.EXE-E0C395DC.pf
O45 - LFCP:[MD5.11A914E4ACFEDDC6502E0D1852FE2AAD] - 17/04/2013 - 15:32:55 ---A- - C:\Windows\Prefetch\MBAMSERVICE.EXE-5C46DB66.pf
O45 - LFCP:[MD5.C710CD46DB2932FE7AEFFBCA13AE72DC] - 17/04/2013 - 15:32:55 ---A- - C:\Windows\Prefetch\MQSVC.EXE-E07120CC.pf
O45 - LFCP:[MD5.026343F7766D70CA50E03FF24DF3A733] - 17/04/2013 - 15:33:49 ---A- - C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-9AE42873.pf
O45 - LFCP:[MD5.76014C334E7F745A095FC506503CF8E0] - 17/04/2013 - 15:34:46 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf
O45 - LFCP:[MD5.9F613FACD857D782303751C91C3252DA] - 17/04/2013 - 15:35:10 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7779B832.pf
O45 - LFCP:[MD5.EE327E274B93248E3D2D81E571F7D68C] - 17/04/2013 - 15:36:03 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf
O45 - LFCP:[MD5.20C4404C6A32B30BDDE3B71A20ED6244] - 17/04/2013 - 15:38:15 ---A- - C:\Windows\Prefetch\HELPER.EXE-FDD78328.pf
O45 - LFCP:[MD5.DFF5118A1F2F5AF9655FC6A212890B36] - 17/04/2013 - 15:38:20 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7242160E.pf
O45 - LFCP:[MD5.2E0964BA7E915EDF69C952E97F0BB705] - 17/04/2013 - 15:41:44 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4492B02F.pf
O45 - LFCP:[MD5.2E94A401E13EEA7F47B01CB7F89A8ECA] - 17/04/2013 - 15:45:43 ---A- - C:\Windows\Prefetch\DKRUN32.EXE-8583E6AC.pf
O45 - LFCP:[MD5.295D35E2489AA2ED7FCCB9818C8B07A7] - 17/04/2013 - 15:45:53 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-49876884.pf
O45 - LFCP:[MD5.98246884078BFCC8C0AACB60DE347431] - 17/04/2013 - 15:45:54 ---A- - C:\Windows\Prefetch\IGFXEXT.EXE-B04096D5.pf
O45 - LFCP:[MD5.1C9574FAB46FC39422295324313B5C76] - 17/04/2013 - 15:45:54 ---A- - C:\Windows\Prefetch\MMDX64FX.EXE-4C9473D7.pf
O45 - LFCP:[MD5.8EBAF056A1C4B31808E83A16E4398A8F] - 17/04/2013 - 15:46:03 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.42F3A52158565AB58592CAEBB415228A] - 17/04/2013 - 15:47:54 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.1FB9693649429A02EA71F55A2E029E5F] - 17/04/2013 - 15:47:58 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf
O45 - LFCP:[MD5.00B80D51972D14BB4EB9984DE3149B8F] - 17/04/2013 - 15:48:08 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-DC11C262.pf
O45 - LFCP:[MD5.8086883564181D0A013AB89F18CB282D] - 17/04/2013 - 15:48:08 ---A- - C:\Windows\Prefetch\LAUNCHERMA.EXE-B4B56FB9.pf
O45 - LFCP:[MD5.5017B4959AD4BA8BA51491543E61B5C8] - 17/04/2013 - 15:48:09 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf
O45 - LFCP:[MD5.A141841C417C016C9153D5F7000E27BF] - 17/04/2013 - 15:49:01 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-3290E8FC.pf
O45 - LFCP:[MD5.EE214609B9EE9558343C0B6BA6A0C2A2] - 17/04/2013 - 15:49:10 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf
O45 - LFCP:[MD5.7ED4B5636D37FAADE7AAC5C05807A877] - 17/04/2013 - 15:49:26 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.49C3A7D42FC3A77EB2BD0A36597363F7] - 17/04/2013 - 15:49:28 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.2DA427460A5B234A504D6232436139CB] - 17/04/2013 - 15:49:30 ---A- - C:\Windows\Prefetch\NASVC.EXE-314DC6C9.pf
O45 - LFCP:[MD5.89BBBDA0CB3CA01F0A470F118A8F4E2A] - 17/04/2013 - 15:49:31 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-A988759B.pf
O45 - LFCP:[MD5.224D5F97BE434B192A809136C685013D] - 17/04/2013 - 15:49:57 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-1137D9AC.pf
O45 - LFCP:[MD5.A9E4A8C8D061ACD3AA776174487FB6AE] - 17/04/2013 - 15:51:11 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-9FF23AE2.pf
O45 - LFCP:[MD5.DCF714C6A7B2D1EAF7E86AEF9E77A709] - 17/04/2013 - 15:51:23 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.78B2EA048CF2DFA34F48CC9B698DBAB4] - 17/04/2013 - 15:51:28 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf
O45 - LFCP:[MD5.9DC091D3A1A14E36465FAA2CE1978AF3] - 17/04/2013 - 15:51:29 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf
O45 - LFCP:[MD5.5E3E158DCD9514D418BF19ACB3FF02BA] - 17/04/2013 - 15:51:36 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf
O45 - LFCP:[MD5.27B2CA6ACBB14F7F536B1C9828240C32] - 17/04/2013 - 16:16:42 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.BED794705717D4852C2C939896ACAB84] - 17/04/2013 - 16:44:05 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.21E917A58C1AEE3E1F15C1E8A79B5859] - 17/04/2013 - 17:25:13 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-E9FE1791.pf
O45 - LFCP:[MD5.2A15B8E7C4DE4532D1A6871B5570281A] - 17/04/2013 - 17:29:51 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50DEE1CF.pf
O45 - LFCP:[MD5.BC2D701E5CD4647370A8A6CDCFAD38D1] - 17/04/2013 - 18:05:02 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-E0E5E52F.pf
O45 - LFCP:[MD5.F2FAE46837FC398C421F054FDFECDF74] - 17/04/2013 - 18:08:32 ---A- - C:\Windows\Prefetch\AVASTSVC.EXE-E895EC10.pf
O45 - LFCP:[MD5.6B31B934C188A3042B356D53181A790D] - 17/04/2013 - 18:12:41 ---A- - C:\Windows\Prefetch\ETDANICONF.EXE-9A216E63.pf
O45 - LFCP:[MD5.A2348FFCD3C79DC5DA0761AA9A69D3B2] - 17/04/2013 - 18:17:12 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.8EDC8A2302723DF913BEBB4265814568] - 17/04/2013 - 18:22:35 ---A- - C:\Windows\Prefetch\PCSUSD.EXE-023F0582.pf
O45 - LFCP:[MD5.FD9087F97D2D4193C7F6FC87B8672321] - 17/04/2013 - 19:09:31 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.727BA095634CE2977C6C083396A1D546] - 17/04/2013 - 19:10:32 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.9EFE85DF3C11021888E0400911E273CE] - 17/04/2013 - 19:13:44 ---A- - C:\Windows\Prefetch\ROGUEKILLERX64 (1).EXE-467AE9EF.pf
O45 - LFCP:[MD5.112F8EDB86BCB0E62D8484AF02FFF037] - 17/04/2013 - 19:16:40 ---A- - C:\Windows\Prefetch\RFBTNSVC64.EXE-4CA3F3BE.pf
O45 - LFCP:[MD5.ADF7D9C8AB886E25A56B5C735D1840E1] - 17/04/2013 - 19:19:54 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1A4CC1C3.pf
O45 - LFCP:[MD5.BF3A8388B36B36C065871B9962A5F81D] - 17/04/2013 - 19:20:50 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.9DA851D3ED7B2920632632D0E19AF1F2] - 17/04/2013 - 19:20:51 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.8A795072EF651DC069836C02D952AD9A] - 17/04/2013 - 19:20:51 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.44AAFC857F336F63CB76113BB3EF4E59] - 17/04/2013 - 19:20:51 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.93D7062A96538680E7F3068E023B9AB8] - 17/04/2013 - 19:21:53 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf
O45 - LFCP:[MD5.EA4B52BC76DD649A4B193B6B20BED66D] - 17/04/2013 - 19:22:03 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf
O45 - LFCP:[MD5.40EA65077FA84AE31C56935C13348DB6] - 17/04/2013 - 19:22:03 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
O45 - LFCP:[MD5.F96E3BC1EE781EB55FA9C67E50C04AD8] - 17/04/2013 - 19:22:04 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf
O45 - LFCP:[MD5.FDF72E5C3ECFDB4900C0E689426BCE0E] - 18/04/2013 - 13:46:31 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf
O45 - LFCP:[MD5.5D4DC1EB9657E8EE456F2F4E42DD3334] - 18/04/2013 - 13:46:32 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf
O45 - LFCP:[MD5.E296ACA85B96665B84AE58CB5D10842B] - 18/04/2013 - 13:46:33 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-8B8F7F7C.pf
O45 - LFCP:[MD5.4F5458CB1F1178162E7D89FF1D7379EA] - 18/04/2013 - 13:46:34 ---A- - C:\Windows\Prefetch\SYMSILENTBOOTSTRAP.EXE-2F1083F1.pf
O45 - LFCP:[MD5.AA5999B203AE3A4B8F96405448C3AFC7] - 18/04/2013 - 13:46:37 ---A- - C:\Windows\Prefetch\HLUPDATER.EXE-C73D8338.pf
O45 - LFCP:[MD5.3170B63421965B36058B34D9DE3AF92B] - 18/04/2013 - 13:46:39 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-E4EA699E.pf
O45 - LFCP:[MD5.4C8E93C4BADDC39A3FCDDF934BAF6739] - 18/04/2013 - 13:46:41 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.4EF48A788B1E66C0E1BC0D8BE68DE9EB] - 18/04/2013 - 13:46:41 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.0D14215C9F08968D7A618B773AFB7FC8] - 18/04/2013 - 13:46:42 ---A- - C:\Windows\Prefetch\ETDCTRL.EXE-91BAE8DE.pf
O45 - LFCP:[MD5.AB96CA3B3E92F4DA9DE50C8B59A15272] - 18/04/2013 - 13:46:42 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
O45 - LFCP:[MD5.A203A233A5524C0300AF8AD4BB30E468] - 18/04/2013 - 13:46:42 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-9827F12C.pf
O45 - LFCP:[MD5.3FC615EA145C6513F739DA91FC6C07AE] - 18/04/2013 - 13:46:42 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf
O45 - LFCP:[MD5.88FFA4FF59C85D919271DE053F00E5E8] - 18/04/2013 - 13:46:47 ---A- - C:\Windows\Prefetch\ETDCTRLHELPER.EXE-6A174316.pf
O45 - LFCP:[MD5.8340ECADBA8B6EB66476339E2AD06731] - 18/04/2013 - 13:46:54 ---A- - C:\Windows\Prefetch\AVAST.SETUP-50B30900.pf
O45 - LFCP:[MD5.E33AA692906F30BAA284BBFFB369FC4C] - 18/04/2013 - 13:47:00 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf
O45 - LFCP:[MD5.E4F54952083F3D2C486CD0643AF534B5] - 18/04/2013 - 13:47:01 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-0DD1597D.pf
O45 - LFCP:[MD5.155CCD7C6CF3A391416E010B80487995] - 18/04/2013 - 13:47:02 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf
O45 - LFCP:[MD5.B9619F0689D91EB48E52D21BC8E469C7] - 18/04/2013 - 13:47:02 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf
O45 - LFCP:[MD5.E6822A5D329ECC67C693325DCB3521E0] - 18/04/2013 - 13:47:04 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf
O45 - LFCP:[MD5.FC60D1AA12F6E56EF06B21594728612A] - 18/04/2013 - 13:47:05 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf
O45 - LFCP:[MD5.C28DC3BDC5465CD4B5981718CF38A74B] - 18/04/2013 - 13:47:06 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf
O45 - LFCP:[MD5.17BECA1BB0828F70FB022BE758DBC75F] - 18/04/2013 - 13:47:08 ---A- - C:\Windows\Prefetch\PCSUNOTIFIER.EXE-9B7EC34F.pf
O45 - LFCP:[MD5.A8FDD2CBBC7B108145DCF09A1CCE744C] - 18/04/2013 - 13:47:08 ---A- - C:\Windows\Prefetch\SETAPM.EXE-9D9BA1F2.pf
O45 - LFCP:[MD5.3A4D88129238B71F94503614C1567567] - 18/04/2013 - 13:47:13 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.BA3B021E43B78DE9168EC74F8AFCD8DC] - 18/04/2013 - 13:47:17 ---A- - C:\Windows\Prefetch\EPOWEREVENT.EXE-57DB0DA4.pf
O45 - LFCP:[MD5.176EDB0A8A2BBA341F01BC4F058C06D6] - 18/04/2013 - 13:47:17 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-454AB5C0.pf
O45 - LFCP:[MD5.DEA33C17D89DA40793D046002854827C] - 18/04/2013 - 13:47:27 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf
O45 - LFCP:[MD5.3230E664B4194A32AF1EFB28FBC84C59] - 18/04/2013 - 13:47:33 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.E8DFDD9E091C5C22E15E3BDAC3B8A3D9] - 18/04/2013 - 13:47:35 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.2363EDA56B636BA7F7570881DC76F434] - 18/04/2013 - 13:47:35 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-D3BFD41F.pf
O45 - LFCP:[MD5.48E1D1436DA8D5811D7774C7509561A0] - 18/04/2013 - 13:47:35 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.A502B1D43D9115FA8FE338DC81917FFC] - 18/04/2013 - 13:47:36 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-0094E886.pf
O45 - LFCP:[MD5.90D356A44B2B06FF91BFA1A5BE4BE09F] - 18/04/2013 - 13:47:42 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3FB.pf
O45 - LFCP:[MD5.123E349542CFA7F4C6AB0CC94BFE0D40] - 18/04/2013 - 13:47:46 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.10E22EAABC545502253918B7E46DE32D] - 18/04/2013 - 13:47:47 ---A- - C:\Windows\Prefetch\AgCx_SC5.db
O45 - LFCP:[MD5.98BA7BE9D46B8D789AD77972CB6A1F58] - 18/04/2013 - 13:47:48 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F7.pf
O45 - LFCP:[MD5.A759B6DA54C19F7238E3A204CE999512] - 18/04/2013 - 13:49:25 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.6B7844648B44F5F2B0051169E0E5A063] - 18/04/2013 - 13:49:32 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.F7AF24E53C032EB436CAE1CEBF8DE4AC] - 18/04/2013 - 13:49:37 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.ED7041B5862EFC808A4E5CAE5510E2DA] - 18/04/2013 - 13:49:43 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.F2E774D77CEDDF56A38FB5447F3F6F44] - 18/04/2013 - 13:49:47 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf
O45 - LFCP:[MD5.FA4088F507BF71A5503E84E55E282DAB] - 18/04/2013 - 13:49:48 ---A- - C:\Windows\Prefetch\ADWCLEANER (1).EXE-9C677C42.pf
O45 - LFCP:[MD5.761AE2DA0B2A6A4291E6A68707735825] - 18/04/2013 - 13:49:50 ---A- - C:\Windows\Prefetch\PING.EXE-167FE968.pf
O45 - LFCP:[MD5.ADAE6DD5B65499F97E9A202ADD2046AF] - 18/04/2013 - 13:49:51 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf
O45 - LFCP:[MD5.D46FCC9F3FFDB816B3842404CF9833DE] - 18/04/2013 - 13:49:51 ---A- - C:\Windows\Prefetch\REG.EXE-6A8B6960.pf
O45 - LFCP:[MD5.A4AF4AF7698D90687BE485758A0C2082] - 18/04/2013 - 13:50:07 ---A- - C:\Windows\Prefetch\SYMERR.EXE-85F7934F.pf
O45 - LFCP:[MD5.A70133ECACB01E857C4906A8F050C497] - 18/04/2013 - 13:50:19 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.F11F3B12B269524DA7CB260AFE05DEAA] - 18/04/2013 - 13:50:51 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4105170967-1408492940-2512939263-1001.db
O45 - LFCP:[MD5.59D5711196B2C8AE7C5011E096CEDEDC] - 18/04/2013 - 13:50:51 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4105170967-1408492940-2512939263-1001.db
O45 - LFCP:[MD5.92813F0AC80E41AA57BBE5B8AE148671] - 18/04/2013 - 13:54:34 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-A81D648B.pf
O45 - LFCP:[MD5.2C403CB56D1000743C2DD61F909E48B3] - 18/04/2013 - 13:54:34 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-F0DC10FC.pf
O45 - LFCP:[MD5.35CB91D3B9EF2243154FB01D0D45398F] - 18/04/2013 - 13:54:49 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.DC383D846C59FD2AD99AA43B2E4AAF3D] - 18/04/2013 - 13:54:49 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.6B43EAB4515BBBDDB25616084D24A7B3] - 18/04/2013 - 13:55:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf
O45 - LFCP:[MD5.5F3C5AED61E29B66CD1AA79AE333D4BF] - 18/04/2013 - 13:55:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6368FF25.pf
O45 - LFCP:[MD5.27DCA0073C6A27208F07F8B2663D875F] - 18/04/2013 - 13:55:17 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.EE840A80F75E23A22987AAA2F0F51F66] - 18/04/2013 - 13:55:27 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.1F1162662EF14FCE851EAE647BD7D5CE] - 18/04/2013 - 13:56:07 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.88A7ED34F06A785677ED4F5DBD72FA92] - 18/04/2013 - 13:56:07 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.253DC0CBE5BD1AADDED03C4D199D12BA] - 18/04/2013 - 13:56:10 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.4FD97AA78ACC6D0D0042D51CF09828EC] - 18/04/2013 - 13:56:12 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.4A282DAED1693AF7C82A3461FE9FDA68] - 18/04/2013 - 13:56:15 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.74E8B1FDAA46CD1F0E69E900B499EDCA] - 18/04/2013 - 13:56:15 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.7EDAB31DE5FCFF1831BEFFD1FF3E8861] - 18/04/2013 - 13:56:41 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf
O45 - LFCP:[MD5.F643C85FB50FEBEAAC675B28C6166ECA] - 18/04/2013 - 13:56:56 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
O45 - LFCP:[MD5.F4EEE742464D634F5B767B7E7B614070] - 18/04/2013 - 13:57:07 ---A- - C:\Windows\Prefetch\PCSULAUNCHER.EXE-78887829.pf
O45 - LFCP:[MD5.9A16A42BA1E2FCCBBB92845E9737D415] - 20/03/2013 - 19:03:40 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-DBE13B61.pf
O45 - LFCP:[MD5.D84C63CFB2D557B1398D21A8217484E5] - 22/03/2013 - 11:44:43 ---A- - C:\Windows\Prefetch\SPMREMINDER.EXE-46F72303.pf
O45 - LFCP:[MD5.8E31EA330BFADA6182BCBAD0EDC54C31] - 22/03/2013 - 11:50:01 ---A- - C:\Windows\Prefetch\OV.EXE-48107AD1.pf
O45 - LFCP:[MD5.02ECF74ACFE668841BF50FAAE01B34A8] - 22/03/2013 - 12:40:15 ---A- - C:\Windows\Prefetch\RSTRUI.EXE-F76EBF17.pf
O45 - LFCP:[MD5.F917466F6D6D87967E691A3200902772] - 22/03/2013 - 13:23:42 ---A- - C:\Windows\Prefetch\SWEETPACKSUPDATEMANAGER.EXE-4BA95FDA.pf  =>PUP.SweetIM
O45 - LFCP:[MD5.686CF3D27A34156BB8EE074EA3088C26] - 22/03/2013 - 14:05:54 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-902D44A5.pf
O45 - LFCP:[MD5.8CC8FDC15BA4973DFC7002015F580589] - 23/03/2013 - 13:49:35 ---A- - C:\Windows\Prefetch\PCPERFORMERSETUP.EXE-3193B7F4.pf
O45 - LFCP:[MD5.CF4FEEE1B1ABC8609BBEE1BAB094EF0D] - 23/03/2013 - 13:49:48 ---A- - C:\Windows\Prefetch\FILESCOUT.EXE-6D8F1F9F.pf
O45 - LFCP:[MD5.171CB7A01F564F01956D1C71F6F8A359] - 23/03/2013 - 13:50:12 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-91514A33.pf
O45 - LFCP:[MD5.26EE274F4448103AA284A8C704AB4680] - 23/03/2013 - 13:50:20 ---A- - C:\Windows\Prefetch\SPEEDANALYSIS.EXE-2967783D.pf
O45 - LFCP:[MD5.906E4A72D508B5430FAC3338B9B35341] - 23/03/2013 - 13:50:23 ---A- - C:\Windows\Prefetch\CCP.EXE-0128F051.pf
O45 - LFCP:[MD5.2A701C79465917F887E4A651476FB013] - 23/03/2013 - 13:50:30 ---A- - C:\Windows\Prefetch\TASKKILL.EXE-3D8A2F61.pf
O45 - LFCP:[MD5.E764C91BEAD298484400C29F29694F3B] - 24/03/2013 - 12:31:48 ---A- - C:\Windows\Prefetch\MSNMSGR.EXE-97D0C771.pf
O45 - LFCP:[MD5.BB8B3354EBF1E9017AED54C1CB2C62C8] - 27/03/2013 - 21:43:24 ---A- - C:\Windows\Prefetch\AUTHHOST.EXE-44C90B62.pf
O45 - LFCP:[MD5.098117C2A9D5B7EBB451C256EFC82CDC] - 30/03/2013 - 19:49:17 ---A- - C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-71459735.pf  =>Adware.IMBooster
O45 - LFCP:[MD5.926497628B75DC1FF2F329D2A26E6CDA] - 30/03/2013 - 20:02:00 ---A- - C:\Windows\Prefetch\UPDATER.EXE-8B6750DD.pf
O45 - LFCP:[MD5.5D3A5BB36A1131E9E6C7238D0129956D] - 30/03/2013 - 20:02:15 ---A- - C:\Windows\Prefetch\GUNINSTALLER.EXE-2C903D24.pf
O45 - LFCP:[MD5.5AF3744642E89A59039A6CAC55024039] - 30/03/2013 - 20:02:29 ---A- - C:\Windows\Prefetch\AU_.EXE-09A05A98.pf
O45 - LFCP:[MD5.E671DF621E6A72F7AEB4DFD4B3C147E7] - 30/03/2013 - 20:02:33 ---A- - C:\Windows\Prefetch\UNINST1.EXE-70626DF6.pf
O45 - LFCP:[MD5.96C9F1C0A5D59BFAA67BA49B7AFF1A3C] - 30/03/2013 - 20:11:51 ---A- - C:\Windows\Prefetch\UPT4PC_FR_24.EXE-D5FD3820.pf
O45 - LFCP:[MD5.C200B90E047FD03E5E15774FF887E749] - 30/03/2013 - 20:15:44 ---A- - C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP.EX-6E143A86.pf
O45 - LFCP:[MD5.F23D334A686F7C518C343FB6FE7FB2BB] - 30/03/2013 - 20:15:54 ---A- - C:\Windows\Prefetch\AVAST.SETUP-DBBE2FCE.pf
O45 - LFCP:[MD5.023C07A83ABE0401711C5236F8C9F202] - 30/03/2013 - 20:16:52 ---A- - C:\Windows\Prefetch\VCREDIST_X86_SP1.EXE-9A7CACCD.pf
O45 - LFCP:[MD5.E91B0101B1B2B400D9AAD9E4B9BED200] - 30/03/2013 - 20:21:47 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.D640CE9888CEE41AC36DAFD342C024F8] - 30/03/2013 - 20:24:39 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.FBA929BDB2DCC0FD7FEB1FA3A371509A] - 30/03/2013 - 21:16:06 ---A- - C:\Windows\Prefetch\CCSETUP400.EXE-7ECE3199.pf
O45 - LFCP:[MD5.CD3DD781E2C829AB5242727AB146DEE9] - 30/03/2013 - 21:21:18 ---A- - C:\Windows\Prefetch\LOGICIEL-FREE_POUR_MALWAREBYT-D6E292FA.pf
O45 - LFCP:[MD5.273298EB2B74100409F44F0B48A077CB] - 30/03/2013 - 21:21:54 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.70.0.1100.TMP-D9D22FEA.pf
O45 - LFCP:[MD5.8905EF9030839CDDB11A4460C23A1FD8] - 30/03/2013 - 21:21:56 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.70.0.1100.TMP-24BE5830.pf
O45 - LFCP:[MD5.C5428D87A2AD79B55CF63609496A09EF] - 30/03/2013 - 21:21:56 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.70.0.1100.TMP-D1427B7A.pf
O45 - LFCP:[MD5.9F10FD76C44E1E0DE327F74C846B8A20] - 30/03/2013 - 21:21:58 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.70.0.1100.TMP-CB180043.pf
O45 - LFCP:[MD5.70EED8B8DFE9CD367053DE1D6A97DC55] - 30/03/2013 - 21:28:37 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-E875A140.pf
O45 - LFCP:[MD5.72A5ABEF7BD25FB5C316D32C86DC721C] - 30/03/2013 - 22:44:43 ---A- - C:\Windows\Prefetch\JEWELQUESTSLEEPLESSSTAR.EXE-5697E47C.pf
O45 - LFCP:[MD5.6406E282C14879ECFCB492759958B8A4] - 31/03/2013 - 00:28:10 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-CF291A41.pf
O45 - LFCP:[MD5.4B4C34E3CEA1A94E96843029B207C4C4] - 31/03/2013 - 00:34:35 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-E69D8B81.pf
O45 - LFCP:[MD5.CED9BB046373ADA5C475FDA046982951] - 31/03/2013 - 00:50:31 ---A- - C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP.EX-A0F0D171.pf
O45 - LFCP:[MD5.3BCE21EF15F44DAF19972BED89587CE4] - 31/03/2013 - 00:50:35 ---A- - C:\Windows\Prefetch\SETUP.OVR-004B9C40.pf
O45 - LFCP:[MD5.5F3ED43FE7DE97B63FF2933ADC2DCFD4] - 31/03/2013 - 00:50:47 ---A- - C:\Windows\Prefetch\AVAST.SETUP-61A797C1.pf
O45 - LFCP:[MD5.54004FDEF6F4FBCC7757C633962DC8F3] - 31/03/2013 - 01:08:53 ---A- - C:\Windows\Prefetch\VIDEOPERFORMERSETUP.EXE-4CAC1F74.pf
O45 - LFCP:[MD5.F72240ED168E9DEB623BA1800E4769A6] - 31/03/2013 - 01:09:30 ---A- - C:\Windows\Prefetch\FIXIO_PC_CLEANER_2013_INSTALL-E7720A66.pf
O45 - LFCP:[MD5.DEF12BE91394CF4FC78B4EE31CF9A8F1] - 31/03/2013 - 01:25:45 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf
O45 - LFCP:[MD5.59E1916E24528619F113C2CFC756247E] - 31/03/2013 - 02:09:18 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf
O45 - LFCP:[MD5.07AC5240BCF64A096A40AE7146660ED2] - 31/03/2013 - 16:57:58 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-4DE7AE8F.pf
O45 - LFCP:[MD5.D2BFF3DA7BF7DCC496137141E06B418E] - 31/03/2013 - 16:58:00 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-959D4AA6.pf
O45 - LFCP:[MD5.F99FFAA3F56F7CC1434C10B205002F94] - 31/03/2013 - 17:58:51 ---A- - C:\Windows\Prefetch\VIDEO PERFORMER63862.EXE-5959E4E1.pf
O45 - LFCP:[MD5.4B2C6A97AF6739C11E136E5E9F327C86] - 31/03/2013 - 18:32:53 ---A- - C:\Windows\Prefetch\AU_.EXE-35714683.pf
~ Prefetcher: 255 Scanned in 00mn 04s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys   [106736]
~ Drivers:  Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 15/04/2013 - 13:43:45 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506   [290]
O61 - LFC: 15/04/2013 - 13:45:45 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\PlayReady\mspr.hds   [528384]
O61 - LFC: 15/04/2013 - 13:45:45 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F   [1175]
O61 - LFC: 15/04/2013 - 13:45:45 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506   [290]
O61 - LFC: 15/04/2013 - 13:45:45 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F   [316]
O61 - LFC: 15/04/2013 - 13:45:47 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\edb.chk   [8192]
O61 - LFC: 15/04/2013 - 13:45:48 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\configuration[1].xml   [2352]
O61 - LFC: 15/04/2013 - 13:45:48 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\D725F3459E2275E9EA5871B92AD896D0   [23602]
O61 - LFC: 15/04/2013 - 13:45:48 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\D725F3459E2275E9EA5871B92AD896D0   [244]
O61 - LFC: 15/04/2013 - 13:45:51 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\F063BF7EF604434CBE00FF198F0D9B10   [4363]
O61 - LFC: 15/04/2013 - 13:45:51 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10   [334]
O61 - LFC: 15/04/2013 - 13:46:34 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\3fb21d86-4035-4613-b62f-74edfc3cb355[1].jpg   [28793]
O61 - LFC: 15/04/2013 - 13:46:34 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\music[2]   [69613]
O61 - LFC: 15/04/2013 - 13:46:34 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\Spotlight-Music[1].xml   [3492]
O61 - LFC: 15/04/2013 - 13:46:34 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\314e449e-f547-4323-85c6-bd1e4ba27c72[1].jpg   [12152]
O61 - LFC: 15/04/2013 - 13:46:34 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\HcWSZy8dkkihX0QWLZ6dqr1TAA5EFGUrvv0XE5jbcM   [28793]
O61 - LFC: 15/04/2013 - 13:46:34 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\Z4VmT3XSgdE2U9j2gpktJ6LuSoxGiAIQKh5M4x3CM   [12152]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\browse[2].json   [127299]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\d907f12e-12b8-49c0-8ade-24369581338a[1].jpg   [12194]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\dd79b3ab-ce5e-46b6-a523-211bf2fb303c[1].jpg   [4539]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCA4OOFX8.jpg   [5377]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCAQ011G1.jpg   [10076]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCAZS09JB.jpg   [14861]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\image[10].jpg   [16785]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\image[11].jpg   [14185]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\8d54969f-a7c5-4e28-ba27-40787ee05d3e[1].jpg   [22539]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\c466362a-9266-4cca-b031-e9cc6f9679d2[1].jpg   [86300]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\f0d1caab-ac27-4c1e-a876-0c5ab17914a7[1].jpg   [119447]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCA2Q4TG6.jpg   [17536]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAFCX5IF.jpg   [28805]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAQ8QXLG.jpg   [14904]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAXV0E8O.jpg   [28139]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\433e66b8-8880-4eb6-9053-8df572f16617[1].jpg   [11914]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\8223c54d-fb52-4589-b8fd-c3f91f98e44f[1].jpg   [7933]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCA5ENG22.jpg   [6335]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCAB06CBM.jpg   [10592]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCAN1VM0R.jpg   [13465]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCARJ1VIZ.jpg   [4309]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\b84368df-ee6d-48d1-a137-a21e7c6c1729[1].jpg   [8910]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\browse[2].json   [73727]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\fields[1].json   [101]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\image[6].jpg   [6434]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\image[8].jpg   [6047]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\0L9TGiCmZWd6VpjYJCFdVnj3JjUhwNk7yWJvQ4p1c   [6434]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\27rcdMEN7iH2lysccnGo1KFV5cSC2lq76tCWVhTFrPU   [4539]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\DQZgRfZedDuSGHULgowY12yk3poFu0XErEyHzANvA   [28139]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\E7zynpHS0ta6e3TIEf8fW2LHfwQbqbI9SOucbvMFFbA   [6335]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\JCXjLxYxD3RSpFX2UQ0ttOY02rlwBwObx2wIQx4YSc   [119447]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\QYigULmNXmCmetYLMs1yL2tHFgeEqOdZn0BQqzqh8Q   [14185]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\REsuKerqj6JTWBUBDguIZdpLUOdJ8DQj7FknOnzOOI   [6047]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\UrdDBOYaq89Li13jmm2tABfdxU92IMYfu9fQTvuW7qY   [16785]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\WjNu7PaLR2iBQLyUMtBBYOQUwlGwXT3QC7pJnQmTg   [14861]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\cMc3JaWOvJpFzliSYM7Gji6QGShlqSi1OWXRBiPCYQ   [5377]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\ccJzAtQIJrAVc9m9KnqnytUIVrnCjACMZO53vqq9os   [12194]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\cxQkYHdoP0Diqby0AzUttrjpAydq77Yv5Dim4U53C8   [11914]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\de3Lxr5vDHfpHDzUp1388PAt0KkgczN2t00PDnwcMeo   [10592]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\fawRocxiNqpDpgGtGi2bdv8I5J033s8ysMWNfXAhGc   [8910]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\feI518oSt6NuEzfpf5reQy1EvUQnVULsZx3ijv1Q   [14904]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\g26Vq6IDXgZCI5JUjxeyJ5CpWZ7H0JUG4SJHFP5iUU   [17536]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\iBIEi6LNpiI4MGF4elOt1WFXcqtnEJR1WwBFUorco   [10076]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\iPDq2lS7a0A2rblwcC5SRiLt8LLyanlD6DwOVY   [28805]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\kBO1AYSzEVxod88DhJaRr3qy9wFgrPHWlf6XMliFLY   [13465]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\mSz1THb6wCpTDi9WlJtoeGjmSfjlQFwkwgcODlepWDA   [7933]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\rBLSWca8GNVvSad6FGtayEGOxALDg0963tgDibY   [86300]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\rrw2hEtu4HUX8i5HLub5R5wRDyuzMrjZPKdKMiKE   [22539]
O61 - LFC: 15/04/2013 - 13:46:35 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\wlVw0G5f3PBI43jgCfAySUSMeuNd0QEBmqqpZmfag   [4309]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCAEPFLXL.jpg   [6751]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAZ1L4L0.jpg   [4161]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCABGMHN7.jpg   [22838]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\imageCA24UG3U.jpg   [34076]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\imageCAIBJ5I6.jpg   [5626]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\image[10].jpg   [29089]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\2HPQpsJFuK8C03Yr42fVdee8M2ER6tTL5QT4rx0LMiQ   [5626]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\2fUZvRmyi4l1AZxFL8OXrrFq5iCAPxgWTI79fes6Ov4   [4161]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\8HH5pyDaAmrxBAldLYQDYcoRsAsgYXDGI1NvdwLXh0   [22838]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\8xRl2IeF70WYXmayOvdU8rEslpspTXpjLc8zrNXCOM   [34076]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\cRa8HQg8BVPOA0tA8yIWArAl5sqE0tMPxTQhgoiU   [6751]
O61 - LFC: 15/04/2013 - 13:46:36 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\k9mRr2Ax23WhgiQ3P01uU03SM4kW0xZ7ZCihnOtE   [29089]
O61 - LFC: 15/04/2013 - 13:46:39 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\browse[2].json   [156976]
O61 - LFC: 15/04/2013 - 13:46:39 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\browse[3].json   [151470]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCA12U5H1.jpg   [3762]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCA9GN343.jpg   [1862]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCAC0RAE9.jpg   [2983]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\53IWSXOJ\imageCAGZUSOV.jpg   [5514]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\browse[1].json   [143740]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCA9QZTYG.jpg   [3922]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAE5NVDR.jpg   [3756]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAF4UBWI.jpg   [1445]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAIT0HTO.jpg   [3544]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\N4JLYPUO\imageCAUPUETM.jpg   [3518]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCA86HPDX.jpg   [3431]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCAJSABSY.jpg   [2525]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCAKUTR3G.jpg   [4479]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCAPET46S.jpg   [2592]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\PABY495E\imageCAYUXZUQ.jpg   [4588]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\imageCA6WBPUC.jpg   [2995]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\imageCA87LW9A.jpg   [2995]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\imageCAMPTM05.jpg   [3052]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\U4KE4CRE\imageCAQU4MIN.jpg   [4900]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\1YgX9lyI4rhOdW2Kq17VLa2ZvbGYIhKs4LBclLbKyY   [2983]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\6wIjXbRziMp1f6mrdqvGcNRLINk6uZN8HdZKgRhXM   [2995]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\AGuQ96DgTKFu7FLIkYN7CY2eYtcNfjKl17qBq9qmg   [2592]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\AdBjJkcLGGoDnzHQW3OjMxDXaliwhXw23xvscfLymYE   [3518]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\CM2ieUnG2upOai6DoVygfWkKV7M3jQLDblLTvUVps9M   [4479]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\KMhd6jThP67ytYjLbm0fUp5PbpdUNVgvPLGxvkdjg   [3052]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\Lq2532wCn9dopnfovkSer7ADYCzpe0xBFQ1L5K2Q   [3544]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\M3DX7c2ROGqYmEvqcniORHGsFli6lAjgpfoZt4Fq00   [5514]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\S1AFAjWR0dL4q2tef2qnrCihv7pIywqHBjS78Sb6GA   [4900]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\e0WH6fuxGzzLszXDhKNOYZnaHfH0NYd77qo1HQhRo   [3431]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\gin4DgnFm5cpY4n5ZacdRaXAvI9Kv4huslMCnws3e5o   [2995]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\icT9opSjHuNFTLkLIXFVdB9xTbv2JE8ypHo0bdVE4   [4588]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\kQtt85eMCMU8NyRlCdrlXGD09NXhv3Cn2pi6g9gW7I   [3922]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\l9OmFBlhOEZOYVun6oUXW10tXcjk2R9g9iJeXnQCk   [3756]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\tADQ6Grl1aFSsFeXmx4emZctMYOl9haC0TQuNrABodw   [2525]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\tXDwOG1T59LmIKa62FPWDCb30u0XdGTxmMwrNIsXodU   [3762]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\u3Ud7jpH4UgT7VPTilAYpzlaZNu8805Sf6ISlorLg0   [1862]
O61 - LFC: 15/04/2013 - 13:46:40 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\yF3TBgNoKZdFyHaG3M5gfeoGP5EZtXOpSy5oxfu1AM   [1445]
O61 - LFC: 15/04/2013 - 13:49:57 ---A- C:\Users\litzenbourger\AppData\Local\Temp\MSI712f9.LOG   [450]
O61 - LFC: 15/04/2013 - 13:52:16 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157   [302]
O61 - LFC: 15/04/2013 - 21:12:59 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\0bbbe5faa1a0aad5\120712-0049\Mail\66\1d000066\20000587_7a147efd7cdf8b.eml   [4869]
O61 - LFC: 15/04/2013 - 21:13:02 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\0bbbe5faa1a0aad5\120712-0049\Mail\66\1d00006e\20000588_c01306ae3405df.eml   [4869]
O61 - LFC: 16/04/2013 - 02:51:47 ---A- C:\Users\litzenbourger\AppData\Local\Packages\09B6C2D8.TheTreasuresofMontezuma3_hbbh9szp6erha\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:47 ---A- C:\Users\litzenbourger\AppData\Local\Packages\7digitalLtd.7digitalMusicStore_qv1vc61z2t2b4\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:48 ---A- C:\Users\litzenbourger\AppData\Local\Packages\AcerIncorporated.PackardBellExplorer_48frkmn4z8aw4\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:49 ---A- C:\Users\litzenbourger\AppData\Local\Packages\AMZNMobileLLC.KindleforWindows8_stfe6vwa9jnbp\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:49 ---A- C:\Users\litzenbourger\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:50 ---A- C:\Users\litzenbourger\AppData\Local\Packages\CyberLinkCorp.ac.SocialNetworks_ypz87dpxkv292\Settings\settings.dat   [262144]
O61 - LFC: 16/04/2013 - 02:51:50 ---A- C:\Users\litzenbourger\AppData\Local\Packages\CyberLinkCorp.ac.VideoWebCamera_ypz87dpxkv292\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:51 ---A- C:\Users\litzenbourger\AppData\Local\Packages\esobiIncorporated.newsXpressoMetro_sngswjb5h6fyg\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:53 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Evernote.Evernote_q4d96b2w5wcc2\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:53 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Evernote.Skitch_q4d96b2w5wcc2\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:53 ---A- C:\Users\litzenbourger\AppData\Local\Packages\GAMELOFTSA.SharkDash_0pp20fcewvvtj\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:53 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:54 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 16/04/2013 - 02:51:54 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:54 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:54 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:55 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:55 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:55 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:55 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:55 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:56 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:56 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 16/04/2013 - 02:51:56 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:57 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:57 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:57 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:58 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:59 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:51:59 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 16/04/2013 - 02:51:59 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 16/04/2013 - 02:52:00 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 16/04/2013 - 02:52:00 ---A- C:\Users\litzenbourger\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:52:00 ---A- C:\Users\litzenbourger\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:52:01 ---A- C:\Users\litzenbourger\AppData\Local\Packages\ZeptoLabUKLimited.CutTheRope_sq9zxnwrk84pj\Settings\settings.dat   [8192]
O61 - LFC: 16/04/2013 - 02:56:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002945   [17531]
O61 - LFC: 16/04/2013 - 02:58:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002946   [17781]
O61 - LFC: 16/04/2013 - 02:58:45 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002947   [23511]
O61 - LFC: 16/04/2013 - 02:59:00 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\EntClientDb.edb   [5783552]
O61 - LFC: 16/04/2013 - 02:59:00 ---A- C:\Users\litzenbourger\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat   [262144]
O61 - LFC: 16/04/2013 - 03:01:49 ---A- C:\Users\litzenbourger\Links\Desktop.lnk   [473]
O61 - LFC: 16/04/2013 - 03:01:49 ---A- C:\Users\litzenbourger\Links\Downloads.lnk   [944]
O61 - LFC: 16/04/2013 - 03:01:49 ---A- C:\Users\litzenbourger\Links\RecentPlaces.lnk   [383]
O61 - LFC: 16/04/2013 - 03:03:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002948   [27682]
O61 - LFC: 16/04/2013 - 03:03:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002949   [178285]
O61 - LFC: 16/04/2013 - 03:03:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00294b   [18166]
O61 - LFC: 16/04/2013 - 03:03:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00294c   [34268]
O61 - LFC: 16/04/2013 - 03:03:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00294d   [35529]
O61 - LFC: 16/04/2013 - 03:03:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00294e   [169509]
O61 - LFC: 16/04/2013 - 03:03:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00294f   [114880]
O61 - LFC: 16/04/2013 - 03:05:27 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002950   [38286]
O61 - LFC: 16/04/2013 - 03:05:40 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002951   [20931]
O61 - LFC: 16/04/2013 - 03:05:40 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002952   [16644]
O61 - LFC: 16/04/2013 - 03:06:04 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002953   [37917]
O61 - LFC: 16/04/2013 - 03:06:04 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002954   [194160]
O61 - LFC: 16/04/2013 - 04:09:25 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.Mail.etl   [786432]
O61 - LFC: 17/04/2013 - 15:33:47 ---A- C:\Users\litzenbourger\AppData\Local\Temp\74A5ECB7-41E6-469C-8E3C-2BD99A247A46.dat   [1242]
O61 - LFC: 17/04/2013 - 15:34:42 -SHA- C:\Users\litzenbourger\AppData\Roaming\Microsoft\LastFlashConfig.wfc   [1702]
O61 - LFC: 17/04/2013 - 15:35:32 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\0bbbe5faa1a0aad5\120712-0049\DBStore\edb.chk   [8192]
O61 - LFC: 17/04/2013 - 15:35:38 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157   [6342]
O61 - LFC: 17/04/2013 - 15:36:49 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002955   [20953]
O61 - LFC: 17/04/2013 - 15:38:51 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Session Storage\000391.sst   [159]
O61 - LFC: 17/04/2013 - 15:38:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002958   [63266]
O61 - LFC: 17/04/2013 - 15:38:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002959   [16911]
O61 - LFC: 17/04/2013 - 15:38:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00295a   [18052]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00295b   [28078]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00295c   [24707]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00295d   [47058]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00295e   [38960]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00295f   [79840]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002960   [45768]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002961   [18875]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002962   [17211]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002963   [36227]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002964   [35107]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002965   [38042]
O61 - LFC: 17/04/2013 - 15:38:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002966   [96059]
O61 - LFC: 17/04/2013 - 15:38:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002967   [55477]
O61 - LFC: 17/04/2013 - 15:38:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002968   [139395]
O61 - LFC: 17/04/2013 - 15:38:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002969   [17225]
O61 - LFC: 17/04/2013 - 15:38:55 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00296c   [64578]
O61 - LFC: 17/04/2013 - 15:38:57 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00296e   [20299]
O61 - LFC: 17/04/2013 - 15:38:58 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00296f   [28060]
O61 - LFC: 17/04/2013 - 15:39:00 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002971   [23395]
O61 - LFC: 17/04/2013 - 15:39:01 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002972   [24670]
O61 - LFC: 17/04/2013 - 15:39:01 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002973   [42418]
O61 - LFC: 17/04/2013 - 15:39:01 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002974   [38406]
O61 - LFC: 17/04/2013 - 15:39:02 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002975   [17826]
O61 - LFC: 17/04/2013 - 15:39:03 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002976   [23873]
O61 - LFC: 17/04/2013 - 15:39:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002977   [21205]
O61 - LFC: 17/04/2013 - 15:39:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002978   [24802]
O61 - LFC: 17/04/2013 - 15:39:15 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002979   [49270]
O61 - LFC: 17/04/2013 - 15:39:16 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00297a   [724039]
O61 - LFC: 17/04/2013 - 15:39:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00297b   [2872267]
O61 - LFC: 17/04/2013 - 15:39:29 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00297c   [18441]
O61 - LFC: 17/04/2013 - 15:39:31 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00297d   [23303]
O61 - LFC: 17/04/2013 - 15:39:31 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00297e   [27585]
O61 - LFC: 17/04/2013 - 15:39:31 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00297f   [36929]
O61 - LFC: 17/04/2013 - 15:39:31 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002980   [22935]
O61 - LFC: 17/04/2013 - 15:39:35 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002981   [17231]
O61 - LFC: 17/04/2013 - 15:39:36 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002982   [37914]
O61 - LFC: 17/04/2013 - 15:39:40 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002983   [25074]
O61 - LFC: 17/04/2013 - 15:39:40 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002984   [63036]
O61 - LFC: 17/04/2013 - 15:39:41 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002985   [17256]
O61 - LFC: 17/04/2013 - 15:39:41 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002986   [23303]
O61 - LFC: 17/04/2013 - 15:39:42 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002987   [38201]
O61 - LFC: 17/04/2013 - 15:41:05 ---A- C:\Users\litzenbourger\AppData\Local\Temp\810D22C6-F40C-403F-A025-BF080740BA37.dat   [1242]
O61 - LFC: 17/04/2013 - 15:41:35 ---A- C:\Users\litzenbourger\AppData\Local\Temp\EAC7D6FD-70C0-4646-BB74-C3E69EB1B534.dat   [1242]
O61 - LFC: 17/04/2013 - 15:42:43 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002988   [63271]
O61 - LFC: 17/04/2013 - 15:42:43 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002989   [16961]
O61 - LFC: 17/04/2013 - 15:42:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00298a   [23303]
O61 - LFC: 17/04/2013 - 15:42:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00298b   [103804]
O61 - LFC: 17/04/2013 - 15:42:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00298c   [44706]
O61 - LFC: 17/04/2013 - 15:42:45 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00298d   [63453]
O61 - LFC: 17/04/2013 - 15:42:46 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00298e   [61583]
O61 - LFC: 17/04/2013 - 15:43:15 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00298f   [25604]
O61 - LFC: 17/04/2013 - 15:43:16 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002990   [31688]
O61 - LFC: 17/04/2013 - 15:43:34 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002991   [30009]
O61 - LFC: 17/04/2013 - 15:43:35 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002992   [40794]
O61 - LFC: 17/04/2013 - 15:43:45 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002993   [26046]
O61 - LFC: 17/04/2013 - 15:43:53 ---A- C:\Users\litzenbourger\AppData\Local\Temp\80234093-A5C2-432F-AC3E-D6B189708F41.dat   [1242]
O61 - LFC: 17/04/2013 - 15:44:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002995   [16529]
O61 - LFC: 17/04/2013 - 15:44:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002996   [25022]
O61 - LFC: 17/04/2013 - 15:44:21 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002998   [16629]
O61 - LFC: 17/04/2013 - 15:44:34 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002999   [16640]
O61 - LFC: 17/04/2013 - 15:44:37 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00299a   [16603]
O61 - LFC: 17/04/2013 - 15:47:47 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00299b   [18835]
O61 - LFC: 17/04/2013 - 15:47:48 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00299c   [30246]
O61 - LFC: 17/04/2013 - 15:47:48 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00299d   [33637]
O61 - LFC: 17/04/2013 - 15:47:48 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00299e   [16857]
O61 - LFC: 17/04/2013 - 15:47:48 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00299f   [66462]
O61 - LFC: 17/04/2013 - 15:47:48 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a0   [21572]
O61 - LFC: 17/04/2013 - 15:47:49 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a1   [17184]
O61 - LFC: 17/04/2013 - 15:47:49 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a2   [22376]
O61 - LFC: 17/04/2013 - 15:47:49 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a3   [21890]
O61 - LFC: 17/04/2013 - 15:47:51 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a4   [132117]
O61 - LFC: 17/04/2013 - 15:47:51 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a5   [28759]
O61 - LFC: 17/04/2013 - 15:47:59 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\QuotaManager   [15360]
O61 - LFC: 17/04/2013 - 15:47:59 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\QuotaManager-journal   [6704]
O61 - LFC: 17/04/2013 - 15:49:40 ---A- C:\Users\litzenbourger\AppData\Local\Temp\3F35EDDE-9A3C-4305-8C79-E6DA8C85900D.dat   [1242]
O61 - LFC: 17/04/2013 - 15:49:43 ---A- C:\Users\litzenbourger\AppData\Local\Temp\68066AD0-FB23-4518-8743-610C255358AF.dat   [1242]
O61 - LFC: 17/04/2013 - 15:52:02 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Extension State\000354.sst   [292]
O61 - LFC: 17/04/2013 - 15:52:13 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Session Storage\000396.sst   [159]
O61 - LFC: 17/04/2013 - 15:52:17 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a6   [40367]
O61 - LFC: 17/04/2013 - 15:52:19 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a8   [16721]
O61 - LFC: 17/04/2013 - 15:52:20 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029a9   [139728]
O61 - LFC: 17/04/2013 - 15:52:22 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ab   [16415]
O61 - LFC: 17/04/2013 - 15:52:24 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ac   [44841]
O61 - LFC: 17/04/2013 - 15:52:34 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ad   [16489]
O61 - LFC: 17/04/2013 - 15:52:38 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ae   [16790]
O61 - LFC: 17/04/2013 - 15:54:51 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029af   [31940]
O61 - LFC: 17/04/2013 - 15:54:51 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b0   [18065]
O61 - LFC: 17/04/2013 - 15:54:51 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b1   [36904]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b2   [30494]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b3   [20021]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b4   [23525]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b5   [18442]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b6   [19721]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b7   [104926]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b8   [52278]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029b9   [69754]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ba   [26443]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029bb   [22407]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029bc   [27865]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029bd   [28435]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029be   [16542]
O61 - LFC: 17/04/2013 - 15:54:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029bf   [21226]
O61 - LFC: 17/04/2013 - 15:55:17 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c0   [22949]
O61 - LFC: 17/04/2013 - 15:55:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c1   [26377]
O61 - LFC: 17/04/2013 - 16:42:08 ---A- C:\Users\litzenbourger\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-04-17 (16-49-13).txt   [2122]
O61 - LFC: 17/04/2013 - 17:29:16 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Shortcuts   [20480]
O61 - LFC: 17/04/2013 - 17:29:16 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Shortcuts-journal   [12824]
O61 - LFC: 17/04/2013 - 17:29:17 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c2   [67699]
O61 - LFC: 17/04/2013 - 17:29:17 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c3   [35603]
O61 - LFC: 17/04/2013 - 17:29:17 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c4   [181431]
O61 - LFC: 17/04/2013 - 17:29:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c5   [22082]
O61 - LFC: 17/04/2013 - 17:29:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c6   [19132]
O61 - LFC: 17/04/2013 - 17:29:19 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c7   [75700]
O61 - LFC: 17/04/2013 - 17:29:21 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c8   [88975]
O61 - LFC: 17/04/2013 - 17:29:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029c9   [35134]
O61 - LFC: 17/04/2013 - 17:29:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ca   [26932]
O61 - LFC: 17/04/2013 - 17:29:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029cb   [53602]
O61 - LFC: 17/04/2013 - 17:29:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029cc   [219711]
O61 - LFC: 17/04/2013 - 17:29:23 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029cd   [21943]
O61 - LFC: 17/04/2013 - 17:29:24 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ce   [48514]
O61 - LFC: 17/04/2013 - 17:29:24 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029cf   [123784]
O61 - LFC: 17/04/2013 - 17:29:24 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d0   [228184]
O61 - LFC: 17/04/2013 - 17:29:25 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d1   [40513]
O61 - LFC: 17/04/2013 - 17:29:25 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d2   [39418]
O61 - LFC: 17/04/2013 - 17:29:26 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d3   [27882]
O61 - LFC: 17/04/2013 - 17:29:26 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d4   [27383]
O61 - LFC: 17/04/2013 - 17:29:28 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_disqus.com_0.localstorage   [3072]
O61 - LFC: 17/04/2013 - 17:29:28 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_disqus.com_0.localstorage-journal   [3608]
O61 - LFC: 17/04/2013 - 17:29:31 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d5   [27186]
O61 - LFC: 17/04/2013 - 17:29:32 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d6   [36906]
O61 - LFC: 17/04/2013 - 17:29:32 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d7   [22935]
O61 - LFC: 17/04/2013 - 17:30:10 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d8   [26372]
O61 - LFC: 17/04/2013 - 17:30:10 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029d9   [37594]
O61 - LFC: 17/04/2013 - 17:30:10 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029da   [23303]
O61 - LFC: 17/04/2013 - 17:30:15 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029db   [124355]
O61 - LFC: 17/04/2013 - 17:30:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029dc   [101674]
O61 - LFC: 17/04/2013 - 17:30:18 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\History Index 2013-03   [1306624]
O61 - LFC: 17/04/2013 - 17:30:20 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029dd   [101684]
O61 - LFC: 17/04/2013 - 17:31:40 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029de   [17184]
O61 - LFC: 17/04/2013 - 17:31:42 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029df   [41177]
O61 - LFC: 17/04/2013 - 17:31:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e0   [23395]
O61 - LFC: 17/04/2013 - 17:54:39 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e1   [25100]
O61 - LFC: 17/04/2013 - 17:54:39 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e2   [21415]
O61 - LFC: 17/04/2013 - 17:54:39 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e3   [17020]
O61 - LFC: 17/04/2013 - 17:54:57 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e4   [16886]
O61 - LFC: 17/04/2013 - 17:54:59 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.commentcamarche.net_0.localstorage   [3072]
O61 - LFC: 17/04/2013 - 17:54:59 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.commentcamarche.net_0.localstorage-journal   [3608]
O61 - LFC: 17/04/2013 - 18:08:56 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e5   [19862]
O61 - LFC: 17/04/2013 - 18:08:59 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e6   [60497]
O61 - LFC: 17/04/2013 - 18:09:15 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e7   [22457]
O61 - LFC: 17/04/2013 - 18:09:27 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e8   [22616]
O61 - LFC: 17/04/2013 - 18:09:28 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029e9   [64293]
O61 - LFC: 17/04/2013 - 18:09:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ea   [22469]
O61 - LFC: 17/04/2013 - 18:09:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029eb   [64514]
O61 - LFC: 17/04/2013 - 18:10:04 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Last Tabs   [149685]
O61 - LFC: 17/04/2013 - 19:09:43 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Network Action Predictor   [118784]
O61 - LFC: 17/04/2013 - 19:09:43 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Network Action Predictor-journal   [16384]
O61 - LFC: 17/04/2013 - 19:09:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ec   [22063]
O61 - LFC: 17/04/2013 - 19:09:55 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ed   [22981]
O61 - LFC: 17/04/2013 - 19:10:00 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ee   [22398]
O61 - LFC: 17/04/2013 - 19:10:01 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ef   [64662]
O61 - LFC: 17/04/2013 - 19:10:01 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f0   [28060]
O61 - LFC: 17/04/2013 - 19:10:03 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f1   [135810]
O61 - LFC: 17/04/2013 - 19:10:04 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f2   [19069]
O61 - LFC: 17/04/2013 - 19:10:04 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f3   [22195]
O61 - LFC: 17/04/2013 - 19:10:36 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f4   [46714]
O61 - LFC: 17/04/2013 - 19:10:37 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f5   [108007]
O61 - LFC: 17/04/2013 - 19:10:52 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f6   [17093]
O61 - LFC: 17/04/2013 - 19:11:30 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f7   [22537]
O61 - LFC: 17/04/2013 - 19:12:04 ---A- C:\Users\litzenbourger\AppData\Local\Temp\55E9D301-AE51-4224-9FAA-9356FD7772FE.dat   [1242]
O61 - LFC: 17/04/2013 - 19:16:02 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10   [334]
O61 - LFC: 17/04/2013 - 19:16:27 ---A- C:\Users\litzenbourger\AppData\Local\Temp\dump.dat   [2301952]
O61 - LFC: 17/04/2013 - 19:21:21 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f8   [22324]
O61 - LFC: 17/04/2013 - 19:21:22 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029f9   [39242]
O61 - LFC: 17/04/2013 - 19:21:25 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029fa   [22508]
O61 - LFC: 17/04/2013 - 19:21:46 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Current Tabs   [102336]
O61 - LFC: 17/04/2013 - 19:21:46 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Session Storage\LOG.old   [201640]
O61 - LFC: 17/04/2013 - 19:21:46 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Visited Links   [131072]
O61 - LFC: 17/04/2013 - 19:21:47 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Extension State\LOG.old   [194367]
O61 - LFC: 17/04/2013 - 19:21:47 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Last Session   [680530]
O61 - LFC: 17/04/2013 - 19:21:54 --HA- C:\Users\litzenbourger\AppData\Local\IconCache.db   [215094]
O61 - LFC: 17/04/2013 - 19:21:59 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveCommLast.etl   [262144]
O61 - LFC: 18/04/2013 - 13:46:45 ----- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm.etl   [0]
O61 - LFC: 18/04/2013 - 13:47:23 ---A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCookies\YS26UD4D.txt   [196]
O61 - LFC: 18/04/2013 - 13:47:38 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\History Provider Cache   [44119]
O61 - LFC: 18/04/2013 - 13:47:41 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029fb   [36440]
O61 - LFC: 18/04/2013 - 13:47:41 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Extension State\CURRENT   [16]
O61 - LFC: 18/04/2013 - 13:47:41 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Extension State\MANIFEST-000358   [2584]
O61 - LFC: 18/04/2013 - 13:47:42 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029fc   [39088]
O61 - LFC: 18/04/2013 - 13:47:46 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Managed Mode Settings   [8]
O61 - LFC: 18/04/2013 - 13:47:50 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Favicons   [751616]
O61 - LFC: 18/04/2013 - 13:47:50 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Favicons-journal   [16384]
O61 - LFC: 18/04/2013 - 13:47:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029fd   [21415]
O61 - LFC: 18/04/2013 - 13:47:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Session Storage\CURRENT   [16]
O61 - LFC: 18/04/2013 - 13:47:53 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Session Storage\MANIFEST-000400   [3540]
O61 - LFC: 18/04/2013 - 13:47:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029fe   [19407]
O61 - LFC: 18/04/2013 - 13:47:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_0029ff   [18288]
O61 - LFC: 18/04/2013 - 13:47:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a00   [80446]
O61 - LFC: 18/04/2013 - 13:47:54 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a01   [23846]
O61 - LFC: 18/04/2013 - 13:47:55 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a02   [70671]
O61 - LFC: 18/04/2013 - 13:47:55 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a03   [73480]
O61 - LFC: 18/04/2013 - 13:47:56 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a04   [59341]
O61 - LFC: 18/04/2013 - 13:47:57 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a05   [26123]
O61 - LFC: 18/04/2013 - 13:47:57 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a06   [22607]
O61 - LFC: 18/04/2013 - 13:48:00 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a07   [47020]
O61 - LFC: 18/04/2013 - 13:48:03 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a08   [47020]
O61 - LFC: 18/04/2013 - 13:48:15 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data   [92160]
O61 - LFC: 18/04/2013 - 13:48:15 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal   [16384]
O61 - LFC: 18/04/2013 - 13:48:24 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a09   [24668]
O61 - LFC: 18/04/2013 - 13:48:24 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_002a0a   [44891]
O61 - LFC: 18/04/2013 - 13:48:27 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\History   [716800]
O61 - LFC: 18/04/2013 - 13:48:27 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\History Index 2013-04   [4722688]
O61 - LFC: 18/04/2013 - 13:48:27 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\History Index 2013-04-journal   [37448]
O61 - LFC: 18/04/2013 - 13:48:28 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\TransportSecurity   [1659]
O61 - LFC: 18/04/2013 - 13:48:46 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cookies   [573440]
O61 - LFC: 18/04/2013 - 13:48:46 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Cookies-journal   [16384]
O61 - LFC: 18/04/2013 - 13:49:24 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\History-journal   [29240]
O61 - LFC: 18/04/2013 - 13:50:05 ---A- C:\Users\litzenbourger\AppData\Local\Temp\AEC99C33-D111-4EC8-B057-679318FFE1A7.dat   [1242]
O61 - LFC: 18/04/2013 - 13:50:13 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [1186636]
O61 - LFC: 18/04/2013 - 13:50:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [8646008]
O61 - LFC: 18/04/2013 - 13:50:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1558590]
O61 - LFC: 18/04/2013 - 13:50:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [134668]
O61 - LFC: 18/04/2013 - 13:50:14 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19852]
O61 - LFC: 18/04/2013 - 13:50:40 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 18/04/2013 - 13:50:41 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [2576]
O61 - LFC: 18/04/2013 - 13:52:54 ---A- C:\Users\litzenbourger\AppData\Local\Temp\8EDC482D-EA2F-4589-A6FE-98C747B87C3D.dat   [1242]
O61 - LFC: 18/04/2013 - 13:53:33 ---A- C:\Users\litzenbourger\AppData\Local\Temp\844E87DE-997B-42D1-8733-9849278268DA.dat   [1242]
O61 - LFC: 18/04/2013 - 13:53:43 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists   [267652]
O61 - LFC: 18/04/2013 - 13:53:43 ---A- C:\Users\litzenbourger\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set   [1590]
O61 - LFC: 18/04/2013 - 13:53:43 ---A- C:\Users\litzenbourger\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json   [34]
O61 - LFC: 18/04/2013 - 13:53:49 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Local State   [90224]
O61 - LFC: 18/04/2013 - 13:53:51 ---A- C:\Users\litzenbourger\AppData\Local\Temp\945F0F18-F4BD-4BBA-BAE3-4FBDF8402438.dat   [1242]
O61 - LFC: 18/04/2013 - 13:53:52 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157   [340]
O61 - LFC: 18/04/2013 - 13:53:52 -S-A- C:\Users\litzenbourger\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F   [254]
O61 - LFC: 18/04/2013 - 13:53:53 ---A- C:\Users\litzenbourger\AppData\Local\Temp\DEE9A634-A7DD-4500-89C1-42043ED6C4DE.dat   [1242]
O61 - LFC: 18/04/2013 - 13:55:10 ---A- C:\Users\litzenbourger\AppData\Local\Temp\7CA194D6-C92B-4184-9A0F-2F94E461D5C6.dat   [1242]
O61 - LFC: 18/04/2013 - 13:55:12 ---A- C:\Users\litzenbourger\AppData\Local\Temp\33EFDB1E-881B-4CA2-A56B-922B06C1D4B0.dat   [1242]
O61 - LFC: 18/04/2013 - 13:56:59 ---A- C:\Users\litzenbourger\AppData\Local\Temp\A132D6D3-0C3D-49DB-8F93-29EBBD8DD229.dat   [1242]
O61 - LFC: 18/04/2013 - 13:57:01 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences   [103085]
O61 - LFC: 18/04/2013 - 13:58:07 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Extension State\LOG   [0]
O61 - LFC: 18/04/2013 - 13:58:48 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Session Storage\LOG   [0]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\background.html   [320]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\ci.bg.pack.js   [8346]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\ci.browser.helper.js   [340]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\ci.content.pack.js   [2428]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\content.js   [9721]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\icon128.png   [12003]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\icon16.png   [640]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\icon48.png   [2912]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\jquery-1.6.2.min.js   [91731]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\jquery.uuid.js   [454]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\mz\background.js   [2162]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\mz\content.js   [1837]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\popup.js   [66]
O61 - LFC: 19/07/2025 - 11:26:44 ---A- C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0\settings.json   [183]
~ 19 Fichiers temporaires (Temporary files)
~ Files: 441 Scanned in 02mn 10s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [litzenbourger - xhb8l9wj.default] user_pref("extensions.helperbar.Country", "France");
O69 - SBI: prefs.js [litzenbourger - xhb8l9wj.default] user_pref("extensions.helperbar.DockingPositionDown", false);
O69 - SBI: prefs.js [litzenbourger - xhb8l9wj.default] user_pref("extensions.helperbar.UserID", "5688d812-4270-42cf-9d25-950d9fe0b398");
O69 - SBI: prefs.js [litzenbourger - xhb8l9wj.default] user_pref("extensions.helperbar.Visibility", true);
O69 - SBI: prefs.js [litzenbourger - xhb8l9wj.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {08129A8E-EBE2-41B2-99FE-5AE1BEFB9617} - (Bing) - http://www.bing.com
~ Keys:  Scanned in 00mn 00s



---\\ Crack & Keygen Files (O82)
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_blue_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_blue_2.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_blue_3.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_green_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_green_2.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_green_3.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_red_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_red_2.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_red_3.pnge
C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\N6CMYBFF\zcache.zgncdn.com\#farm2-1\icons\icon_crafting#\_cracker_ladybug_tomato.jxr.sol
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_blue_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_blue_2.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_blue_3.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_green_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_green_2.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_green_3.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_red_1.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_red_2.pnge
C:\Program Files (x86)\iWin.com Games\Mah Jong Quest II\images\tile\firecracker_red_3.pnge
C:\Users\litzenbourger\AppData\Local\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\N6CMYBFF\zcache.zgncdn.com\#farm2-1\icons\icon_crafting#\_cracker_ladybug_tomato.jxr.sol
~ Files:  Scanned in 01mn 31s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1071104]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll   [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [3240448]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [69632]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1282560]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll   [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll   [180224]
~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.22F16D93453407AC244BF570542865DA] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\0051029C-0D89-4A5D-8C44-78478811973E.dat   [1242]
[MD5.8FAC25C95F1B6FBC63F8E2E15127A138] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\11CC37C1-8056-41FA-8067-713422DF6872.dat   [1242]
[MD5.170DDE66DEF91ABA05C63F455B6FAEB2] [SPRF][03/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\1986FF45-BE10-46C0-86BB-FB0A3CF614E6.dat   [1242]
[MD5.EA3647155A3E0D6F757C6F95AC7F9765] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\2385E1F4-129B-4E35-884D-CECADDDF04EA.dat   [1242]
[MD5.903551029512078C87F50F49C8516F0F] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\256CF846-D464-4A16-A300-BC77595497F7.dat   [1242]
[MD5.4524E9857E7C50C320FE3D9CFCDEED80] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\2F76A4C2-DEC9-44A3-9927-3E6E6A512CAB.dat   [1242]
[MD5.08B89B1D74AED363F7273A5515E7200C] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\3143C21A-04A1-4E31-982D-8C13BF02210F.dat   [1242]
[MD5.65176AF6CE2794D6ACBF4B6725767C71] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\31A03FA0-F1C4-454E-B209-89AA958D499E.dat   [1242]
[MD5.72EABFD827AAF8523C8643BBA9F01C85] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\3203400A-2811-462B-8DBE-E8907F10139F.dat   [1242]
[MD5.91A98B95CBCA14C8218A452E8DA7A2F9] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\33EFDB1E-881B-4CA2-A56B-922B06C1D4B0.dat   [1242]
[MD5.3343AA159329D2F5467FCD318B5A05A0] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\386E6B0D-20AE-449D-A27E-0B8098E24E32.dat   [1242]
[MD5.C708ADDA71BA9EDA05CE2A4EB30C093E] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\3F35EDDE-9A3C-4305-8C79-E6DA8C85900D.dat   [1242]
[MD5.70B830B9EB68C199ABA69F7C3CBE54F0] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\46C21316-1B32-4658-87C1-619F53BAF775.dat   [1242]
[MD5.7952D56F855295DB1D224DFF4847BFA0] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\49888FDF-9DCD-4507-A17E-A3DADE91B9DF.dat   [1242]
[MD5.26680964A2C355699457538B80861345] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\4A2818B3-2028-42C4-86D6-630BFC899D29.dat   [1242]
[MD5.419CDBF6B7A0E5D2046B44E1686AE1DF] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\55E9D301-AE51-4224-9FAA-9356FD7772FE.dat   [1242]
[MD5.29A2A85A7A642C6FC9180AE5543F57B7] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\5A9F05EA-18A5-49DC-AB8F-29C81A4322DD.dat   [1242]
[MD5.3CF45DFE1DE0E3A30D37DED17076C1DE] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\68066AD0-FB23-4518-8743-610C255358AF.dat   [1242]
[MD5.F523152E106AFB1F9DD3150423818507] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\74A5ECB7-41E6-469C-8E3C-2BD99A247A46.dat   [1242]
[MD5.7441FAC41BA65E3AC1057136CB44C0F1] [SPRF][08/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\79A1C4F1-3F85-4E60-8748-D6FA19579ADF.dat   [1242]
[MD5.CCEC1F296457F9AE8FE4BB8AFE1EB7FB] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\7CA194D6-C92B-4184-9A0F-2F94E461D5C6.dat   [1242]
[MD5.6400E784822D70DB14EA98A2A0BE4DA2] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\80234093-A5C2-432F-AC3E-D6B189708F41.dat   [1242]
[MD5.51559D2B68AB213FDD7C17454C56C7C6] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\810D22C6-F40C-403F-A025-BF080740BA37.dat   [1242]
[MD5.EED6441AD0A76D5C84A66DA961DD585A] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\81601D6B-EEC9-4A2E-A3FC-B46CFA6410E0.dat   [1242]
[MD5.EC10816F78C76647E2798A52BF744A9F] [SPRF][03/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\81DA20D5-B352-4821-BFA4-AEB481CAEE1C.dat   [1242]
[MD5.916B53BB103E152A8CDAF3A22464A633] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\844E87DE-997B-42D1-8733-9849278268DA.dat   [1242]
[MD5.9F1320C20EA21F7CD43E1E142478DBDA] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\87211CE1-6A59-42DC-B0A0-437D878079E2.dat   [1242]
[MD5.5860133E093DF2287DAB96664869A5EA] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\89C0CF53-F5E8-4A12-A5F0-35478CBDCF9A.dat   [1242]
[MD5.DE46B9276C332E041F6083EEDAFC59B2] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\8EDC482D-EA2F-4589-A6FE-98C747B87C3D.dat   [1242]
[MD5.7E3EBFBED6FC54FBB851F44C729F6221] [SPRF][03/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\8F4B20CF-F6B9-4FCB-9CC7-908FD845499B.dat   [1242]
[MD5.42DA9A88595B4A13111151D335A0A387] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\945F0F18-F4BD-4BBA-BAE3-4FBDF8402438.dat   [1242]
[MD5.B425349B5C7D9BCD2FE2F64DC368519F] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\A132D6D3-0C3D-49DB-8F93-29EBBD8DD229.dat   [1242]
[MD5.7742BF30C7D5C95C0C79ECCB5EDEAE44] [SPRF][01/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\A377C117-0413-496B-BA1C-483F79C4D5AC.dat   [1242]
[MD5.6892A241E32960D7EBCE4FF3C337D400] [SPRF][06/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\AC7AF897-B9A1-4C84-A513-EAA5C7E5DC21.dat   [1242]
[MD5.1EA3ED9BC8DF978BBDC4270EC4951B53] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\AEC99C33-D111-4EC8-B057-679318FFE1A7.dat   [1242]
[MD5.40D8470FF97EE91E3F0076176A97FEBC] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\B23C5D35-F7A3-48AA-9141-AECA0C57F9EF.dat   [1242]
[MD5.F9D77D7C565C33B8E4AC81C431CC60E5] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\B553AAB7-094A-46F9-B5B7-24FAE5C06D35.dat   [1242]
[MD5.C16FE654E0189A212D8B6882C2AD7BD7] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\B5A8E93E-EB11-4316-BE50-E903FE59701D.dat   [1242]
[MD5.135671E45E08162923E13D60BFE59B82] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\BA23BF74-86FD-4446-9670-046A10242F6E.dat   [1242]
[MD5.3EB170F5A97FD018FE072F2B5B796D83] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\BDF4832C-1934-4A4E-A3B5-6B3A8A20A122.dat   [1242]
[MD5.00D7B8BC5CEF3DE8D118543C132734B0] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\C9952BCC-2246-4202-8F40-43911B6072C4.dat   [1242]
[MD5.49E8DD155A4D9E5D84AD44D71E806785] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\CBC21665-007A-4C99-8972-BF79A7C2B0FD.dat   [1242]
[MD5.2F90AD0D17E258A1905898B148EB2E88] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\D14F52DE-DAAB-429D-AFA9-BD613B2FEAFB.dat   [1242]
[MD5.DB506957F1F2454ED2725741F0E82687] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\D835DF9C-EF17-40D0-9256-054D6DFA70F3.dat   [1242]
[MD5.885EE07C5896DEEBC2877F8756D77EA1] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\DE14FB8F-A2D4-4E26-A2D1-9EDDAA6D28C3.dat   [1242]
[MD5.55F972E056A9BB8F738A0A35359AE150] [SPRF][18/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\DEE9A634-A7DD-4500-89C1-42043ED6C4DE.dat   [1242]
[MD5.97FE713241E383FE52DC4AFFF429CABE] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\dump.dat   [2301952]
[MD5.5A3245B9A34A510009FA3CFA0CA40E0B] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\E2B30460-79EF-4153-AFB0-989F0C9160D3.dat   [1242]
[MD5.E5C42E392CD2188B69152DA7C63BB3BE] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\E70134DD-207E-4049-BD6A-39490BE5B84A.dat   [1242]
[MD5.DEC3774A2D8A30283B186A7675F36510] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\E93F3423-8777-4346-BD26-6631126DE174.dat   [1242]
[MD5.204DF21A7CEB0302A1A5BD937C3C65F9] [SPRF][06/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\EABCE62D-46CF-4823-9C16-B232E9C62275.dat   [1242]
[MD5.B175805EF54B3F54A64F5B2BE4B99B90] [SPRF][17/04/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\EAC7D6FD-70C0-4646-BB74-C3E69EB1B534.dat   [1242]
[MD5.748A7A300E63FDA56B9D3CCAB2E087C4] [SPRF][31/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\F001B562-16F4-400F-AB4D-4823ADB2FF22.dat   [1242]
[MD5.D0C2E81110ACBB47FDA6BDA21DB9C475] [SPRF][30/03/2013] (...) -- C:\Users\litzenbourger\AppData\Local\Temp\F560A871-B0E2-46F3-92F9-A2B25299592D.dat   [1242]
[MD5.36179B382A989075FF5FA282434F6892] [SPRF][21/03/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\litzenbourger\AppData\Local\Temp\uninst1.exe   [394736]  =>Toolbar.Babylon
[MD5.9DD57C3B039720B61C396B8ABE52EC6E] [SPRF][13/03/2013] (.Pas de propriétaire - Installer.) -- C:\Users\litzenbourger\AppData\Local\Temp\Video Performer63862.exe   [622040]
~ Files:  Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{391D50BF-7AE4-4577-9D40-FEED12DD0C70}" | In - Public - P6 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
O87 - FAEL: "{C32BA26C-B07F-4BDE-8BDD-F2BD6A2CD10E}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe
O87 - FAEL: "{9E73BF7C-240B-4D9E-8980-4F1D60E59227}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "{0E59577D-8046-4B89-AD36-C9564D77AB2F}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "{6FBE8E81-13A0-4432-9C56-B9442A332B3E}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{BFB24AD1-4746-4375-B096-C1EB9623F162}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{FAD51803-4BAB-49E7-A993-54B2379071A7}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{6E2420C8-B455-46C7-827C-E0EC9EF12DF0}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{949EC825-1C66-4042-822E-1BCBA6571240}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{76EF12B4-5FB9-4C6E-B6EA-8680B70E21D2}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{55FC8A81-65C6-4D0A-B709-D04C1A8B5A09}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{79BBB543-775B-47CD-AB70-712D692D7046}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{E84151E9-F82D-49DE-AACE-93DDEA4010EE}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "{6B53176B-7FD8-460F-822B-25024441F055}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{7C17A992-C346-42FD-BA26-1065E2413C9B}" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{FB494825-B8F2-4853-8275-580444F0DA50}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4C62A745-10AE-4217-8DCC-12C17F682AA0}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSMQ-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe
O87 - FAEL: "MSMQ-Out-TCP" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe
O87 - FAEL: "MSMQ-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe
O87 - FAEL: "MSMQ-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe
O87 - FAEL: "{D33CD8DE-E3D6-4B36-938F-6A85051ED1B6}" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - MSN Messenger.) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe
O87 - FAEL: "{EB947FA0-C3D7-46D7-B164-42C293436CBF}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - MSN Messenger.) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe
O87 - FAEL: "{9DA7ABDB-9E7D-4C2C-8BD8-D0B9CA966B9E}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - MSN Messenger.) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe
O87 - FAEL: "{2396A932-D5BB-4D5A-98F6-698DCA755830}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - MSN Messenger.) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe
O87 - FAEL: "{42938C9C-CFF9-4BE2-B3CC-B5E4F4CD95AE}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - MSN Messenger.) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe
O87 - FAEL: "{1169827B-6A85-4CDF-B0C6-E64C35BC2F6E}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - MSN Messenger.) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe
O87 - FAEL: "{12DD1C47-FBCA-4EB7-B57E-E819B15EA368}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\litzenbourger\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{8FD6E11C-324C-4230-B5C5-769857403258}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\litzenbourger\AppData\Roaming\uTorrent\uTorrent.exe
~ Firewall: 217 Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.11570 - (17/04/2013)
Clés trouvées (Keys found) : 119
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 7
Fichiers trouvés  (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKLM\Software\Classes\AppID\AddonsFramework.DLL]   =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ButtonSite.DLL]   =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\PropertySync.EXE]   =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ScriptHost.DLL]   =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}]   =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}]   =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}]   =>Toolbar.Freecorder
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836]   =>PUP.SweetIM^
C:\Program Files (x86)\PC Performer   =>Rogue.PCPerformer
C:\Program Files (x86)\mixidj   =>Adware.SmileyBar
C:\Program Files (x86)\Tiger Savings   =>PUP.RewardsArcade
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer   =>Rogue.PCPerformer
C:\Users\litzenbourger\AppData\Roaming\CRMixiDJTB   =>Adware.SmileyBar
C:\Users\litzenbourger\AppData\Local\Tiger Savings   =>PUP.RewardsArcade
C:\Users\litzenbourger\AppData\LocalLow\mixidj   =>Adware.SmileyBar
C:\Users\litzenbourger\AppData\Local\Temp\uninst1.exe   =>Toolbar.Babylon
~ Additionnel:  Scanned in 00mn 13s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "03FF80700C870B74180F8C6440CD67C9" . (.Nero Express Help (CHM).) -- C:\windows\Installer\{0708FF30-78C0-47B0-81F0-C84604DC769C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "122113B05A506674D830A74664971465" . (.Nero RescueAgent Help (CHM).) -- c:\windows\Installer\{0B311221-05A5-4766-8D03-7A6446794156}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "18034D2AB7FC73649A3F2E56A15A4C8A" . (.Nero RescueAgent.) -- c:\windows\Installer\{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}\ARPPRODUCTICON.exe
O90 - PUC: "203E62EEA6789D84098513925E9B9999" . (.Live Updater.) -- C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico
O90 - PUC: "227C12A7952F67947BAA66855EDFDEFA" . (.Google Drive.) -- C:\Windows\Installer\{7A21C722-F259-4976-B7AA-6658E5FDEDAF}\DriveIcon
O90 - PUC: "2921D0FE1CF8EB147904BD1C436F4651" . (.Nero BackItUp Help (CHM).) -- c:\windows\Installer\{EF0D1292-8FC1-41BE-9740-DBC134F66415}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- C:\windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe
O90 - PUC: "37CE0B2BA4DA61743AEDEC8A44B003B9" . (.Nero BackItUp 12 Essentials OEM.a01.) -- c:\windows\Installer\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}\ARPPRODUCTICON.exe
O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- C:\windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe
O90 - PUC: "456BC9D3DA991034986CD0217A0967C7" . (.Identity Card.) -- C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico
O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- C:\windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "75FA496A198926D428C4E7551A63A141" . (.eBay Worldwide.) -- c:\Windows\Installer\{A694AF57-9891-4D62-824C-7E55A1361A14}\_853F67D554F05449430E7E.exe
O90 - PUC: "86C7A848CDA03914A898C2AE875EA6C0" . (.Nero Express.) -- C:\windows\Installer\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}\ARPPRODUCTICON.exe
O90 - PUC: "A5002F70CAC8B4A4382AAD897A22AC16" . (.Recovery Management.) -- C:\windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\.\Bitmaps\eRecoveryicon.ico
O90 - PUC: "C2F2B07E1D4978245B0BBCEB16E86225" . (.Nero BackItUp.) -- c:\windows\Installer\{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}\ARPPRODUCTICON.exe
O90 - PUC: "C838BEBA7A1AD5C47B1EB83441068002" . (.MSN Messenger 7.0.) -- C:\Windows\Installer\{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}\MsblIco.Exe
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
O90 - PUC: "EF9D0FB939897464189B717BEB4A6EDF" . (.Nero 12 Essentials OEM.a01.) -- C:\windows\Installer\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}\ARPPRODUCTICON.exe
O90 - PUC: "F2FD7A0F0EB0F0741B737D1AF9791798" . (.Broadcom Card Reader Driver Installer.) -- C:\Windows\Installer\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}\ARPPRODUCTICON.exe
O90 - PUC: "FA0364E07BA0E0449A87A187CFF4349B" . (.Nero Launcher.) -- C:\windows\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe
~ Update Products: 28 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/03/2013 253656 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 07/03/2013 45248 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 16/04/2013 277024 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 22/08/2012 468624 |  (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
SR - | Auto 21/08/2012 348784 |  (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Demand 22/08/2012 658576 |  (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 16/04/2013 92560 |  (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SS - | Auto 06/03/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 06/03/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - | Auto 18/07/2012 165760 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 18/07/2012 276864 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Auto 04/04/2013 418376 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 04/04/2013 701512 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 26/11/2011 687400 |  (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 05/12/2012 143928 |  (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
SS - | Auto  289544 |  (PCSUService) . (...) - C:\Program Files (x86)\Accelerer PC\PCSUService.exe
SR - | Auto 07/09/2012 93296 |  (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SS - | Auto 18/07/2012 364416 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by litzenbourger at 18/04/2013 15:01:38

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



End of the scan (2353 lines in 05mn 34s)(22)