Rapport de ZHPDiag v1.3.5.134 par Nicolas Coolman, Update du 26/02/2013
Run by Wizzou at 26/02/2013 13:00:23
State : 
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v9.10.9200.16484
MFIE: Mozilla Firefox 19.0 v19.0 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit  (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : T6JYG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6098 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 43 GB (28%) free of 150 GB

---\\ Logged in mode
~ Computer Name: MAXIME
~ User Name: Wizzou
~ All Users Names: Wizzou, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Wizzou\AppData\Roaming\
~ %Desktop% : C:\Users\Wizzou\Desktop\
~ %Favorites% : C:\Users\Wizzou\Favorites\
~ %LocalAppData% : C:\Users\Wizzou\AppData\Local\
~ %StartMenu% : C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 43 Go of 150 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 756 Go of 766 Go)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.BDE820861D8107C67E182DF66A27074F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/12/2012 - 01:29:16.) -- C:\Windows\System32\wininet.dll [2246656]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.877D60D6E4156EC4A2E0B6871D41BED9] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.06/11/2012 - 04:52:49.) -- C:\Windows\system32\Drivers\MRxSmb.sys [366080]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.11D7A4A4A1DA60F394F53B413DCDF0DE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/01/2013 - 02:29:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1934056]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3
~ Mes musiques (My Musics) : 1/53
~ Mes Favoris (My Favorites) : 1/5
~ Mon Bureau (My Desktop) : 1/16
~ Menu demarrer (Programs) : 1/32
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.8C9231025FAF86B78906B6C847531FFB] - (.ASUSTeK Computer Inc. - ASUS Routine Controller.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe   [2935424] [PID.2044]
[MD5.4458989C34FA84B5A75DD3ABCFBE786A] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe   [3093624] [PID.3096]
[MD5.46FD58A19453BC8C54E1F2EA7255869D] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\steam.exe   [1602984] [PID.2856]
[MD5.2A6C01BAC0F8AA9143D61AE1E28E263A] - (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\Wizzou\AppData\Roaming\Yontoo\YontooDesktop.exe   [42784] [PID.3244]
[MD5.2D75851551D18878FADC21E166DEA3FA] - (.ASUSTek Computer Inc. - AiChargerAP MFC Application.) -- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe   [547984] [PID.3532]
[MD5.7D7D090E09D28AE68309D625C42B1C9B] - (.ASUSTeK Computer Inc. - ALU MFC Application.) -- C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe   [195200] [PID.3868]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe   [91432] [PID.3548]
[MD5.050D1C454A49D4DF8EB5222D352B6630] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [917400] [PID.2880]
[MD5.57785A015DED82C287761CA1BD02D532] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [17304] [PID.2816]
[MD5.EB0EB16E7DC48C3D645B1E136346999B] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe   [1820016] [PID.524]
[MD5.4A4CAA5B17A420157D04903313CC9380] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [5711872] [PID.3192]
[MD5.048B32E0DBB8304A498483F5EB2551F2] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe   [382312] [PID.876]
[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [63928] [PID.1764]
[MD5.31E2470E61D5A390405BA41C279D8446] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe   [920736] [PID.1908]
[MD5.0466B91EE5767A769E9F8EDB8EF94DDB] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe   [951936] [PID.1788]
[MD5.AD8947D621FDCA48F1F39F4624B60AA1] - (.ASUSTeK Computer Inc. - AsSysCtr Application.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe   [149120] [PID.2028]
[MD5.78ABBE558F57144047F10A0F50FE4B2F] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe   [166720] [PID.2108]
[MD5.24FB8DB6D1D55E2C5D0A53DFE48E6AF8] - (.Microsoft - Y2Desktop.Updater.) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe   [23552] [PID.2212]
[MD5.6FCC5D82A41C6A5057DE247B0EEF3FBC] - (.Valve Corporation - Steam Client Service (buildbot_winslave04_s.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe   [543144] [PID.4336]
[MD5.B3009DCDBCC5EFA49FA52562E9860E3C] - (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe   [1840128] [PID.5792]
[MD5.2C24DC448DBE8DB9BE1441B824C57E79] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [277824] [PID.5832]
[MD5.E0E4A1F81A7D69C595A8A9DDAD084C19] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe   [769432] [PID.5860]
[MD5.E1A119AD21F5AFE22EB516C549306D3D] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [365376] [PID.6036]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Wizzou\AppData\Roaming\Mozilla\Firefox\Profiles\f4i8sbbi.default\prefs.js
M3 - MFPP: Plugins - [Wizzou] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazondotcom.xml
M3 - MFPP: Plugins - [Wizzou] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Wizzou] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay.xml
M3 - MFPP: Plugins - [Wizzou] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Wizzou] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\twitter.xml
M3 - MFPP: Plugins - [Wizzou] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia.xml
M3 - MFPP: Plugins - [Wizzou] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO [64Bits] - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} . (.Trend Micro Inc. - Trend Micro Osprey IE Plug-In.) -- C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll
O2 - BHO: TmBpIeBHO [64Bits] - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} . (.Trend Micro Inc. - Trend Micro Browser Plug-In (IE).) -- C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\TmBpIe32.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - Trend Micro Client Main Console.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe 
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe 
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe 
O4 - HKCU\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\Wizzou\AppData\Roaming\Yontoo\YontooDesktop.exe 
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Wow6432Node\Run: [ASUS Ai Charger] . (.ASUSTek Computer Inc. - AiChargerAP MFC Application.) -- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe 
O4 - HKLM\..\Wow6432Node\Run: [ASUS Easy Update] . (.ASUSTeK Computer Inc. - ALU MFC Application.) -- C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe 
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 
O4 - HKUS\S-1-5-21-4193420163-18762517-666639222-1001\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 
O4 - HKUS\S-1-5-21-4193420163-18762517-666639222-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe 
O4 - HKUS\S-1-5-21-4193420163-18762517-666639222-1001\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\Wizzou\AppData\Roaming\Yontoo\YontooDesktop.exe 
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: Trend Micro Titanium Internet Security.lnk . (...)  -- C:\Program Files (x86)\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (.not file.)
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{441DF807-6CD1-4BC7-98F5-A68C90DCBC0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D7BE13-3B77-42FB-ADC0-BB6C478248F2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F07D38D0-6C91-4B80-81B4-D088EEDE16BC}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D7BE13-3B77-42FB-ADC0-BB6C478248F2}: DhcpDomain = sz-image
O17 - HKLM\System\CS1\Services\Tcpip\..\{441DF807-6CD1-4BC7-98F5-A68C90DCBC0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{B8D7BE13-3B77-42FB-ADC0-BB6C478248F2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F07D38D0-6C91-4B80-81B4-D088EEDE16BC}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{B8D7BE13-3B77-42FB-ADC0-BB6C478248F2}: DhcpDomain = sz-image
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Stereo Initialization dll, Version 3.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Trend Micro Solution Platform (Amsp) . (.Trend Micro Inc. - Trend Micro Anti-Malware Solution Platform.) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASUS Com Service (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) . (.ASUSTeK Computer Inc. - Pas de description.) - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) . (.ASUSTeK Computer Inc. - AsSysCtr Application.) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: FABS - Helping agent for MAGIX media dat (Fabs) . (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service:  (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 305.4.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: oem3.inf (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\System32\viakaraokesrv.exe
O23 - Service:  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O23 - Service: Yontoo Desktop Updater (Yontoo Desktop Updater) . (.Microsoft - Y2Desktop.Updater.) - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
~ Scan Services in 00mn 09s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
[MD5.563CDCFEEAEF97163E206AF71A61AA6E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.9CE3B11704038F711481ACD6BD9A9A5A] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.46FD58A19453BC8C54E1F2EA7255869D] [APT] [{D33EB7C8-8C03-4299-BC91-A85A8FDD0D88}] (.Valve Corporation.) -- C:\Program Files (x86)\Steam\steam.exe
[MD5.8C9231025FAF86B78906B6C847531FFB] [APT] [ASUS AI Suite II Execute] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
~ Scan Scheduled Task in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (AsIO) . (...) - C:\Windows\Syswow64\drivers\AsIO.sys
O41 - Driver:  (AsUpIO) . (...) - C:\Windows\Syswow64\drivers\AsUpIO.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver:  (tmactmon) . (.Trend Micro Inc. - TrendMicro Activity Monitor Module.) - C:\Windows\system32\DRIVERS\tmactmon.sys
O41 - Driver:  (tmevtmgr) . (.Trend Micro Inc. - TrendMicro Event Management Module.) - C:\Windows\system32\DRIVERS\tmevtmgr.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AI Suite II - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {34D3688E-A737-44C5-9E2A-FF73618728E1}
O42 - Logiciel: ASUS Ai Charger - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {7FB64E72-9B0E-4460-A821-040C341E414A}
O42 - Logiciel: ASUS Easy Update - (.ASUSTeK Computer Inc.) [HKLM][64Bits] -- {E7AA854E-6756-424E-84C2-4E47D5729AFF}
O42 - Logiciel: ASUS MX Suite - (.MAGIX AG.) [HKLM][64Bits] -- MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}
O42 - Logiciel: ASUS MX Suite - (.MAGIX AG.) [HKLM][64Bits] -- {9204F334-2A46-49F1-89C4-65CEB7AC1974}
O42 - Logiciel: ASUS Music Maker - (.MAGIX AG.) [HKLM][64Bits] -- MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}
O42 - Logiciel: ASUS Music Maker - (.MAGIX AG.) [HKLM][64Bits] -- {5E00D8DF-905B-41C7-B562-C126DE3A4167}
O42 - Logiciel: ASUS Video easy - (.MAGIX AG.) [HKLM][64Bits] -- MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}
O42 - Logiciel: ASUS Video easy - (.MAGIX AG.) [HKLM][64Bits] -- {7DB84618-76E3-4999-A9A0-D7D756E14129}
O42 - Logiciel: ASUSDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: ASUSDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.3) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Curse Client - (.Curse.) [HKCU][64Bits] -- 101a9f93b8f0bb6f
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM][64Bits] -- {6C5F8503-55D2-4398-858C-362B7A7AF51C}
O42 - Logiciel: Fotogalerie - (.Microsoft Corporation.) [HKLM][64Bits] -- {B19E03EA-067C-412F-A81E-271720E601AB}
O42 - Logiciel: Galeria de Fotografias - (.Microsoft Corporation.) [HKLM][64Bits] -- {75FCD3A9-D7F8-46AD-BC90-91A6364B9334}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {FE8DFDD0-A543-4A83-B7A9-C411138194D5}
O42 - Logiciel: Galería de fotos - (.Microsoft Corporation.) [HKLM][64Bits] -- {959BC6D1-38C8-441F-9466-9ECCD4E68413}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- {92606477-9366-4D3B-8AE3-6BE4B29727AB}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {F842F8B0-6942-4930-821F-543E976B2C66}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 19.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 19.0 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
O42 - Logiciel: NVIDIA PhysX System Software 9.12.0213 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA Pilote 3D Vision 305.46 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 305.46 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Pilote graphique 305.46 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: Nero 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: Raccolta foto - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CAC8DE-288A-410D-A4A4-0190060E69AE}
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: TERA - (.Gameforge Productions GmbH.) [HKLM][64Bits] -- {A2S166A0-F031-4E27-A057-C69733219434}_is1
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client
O42 - Logiciel: The Elder Scrolls V: Skyrim - (.Bethesda Game Studios.) [HKLM][64Bits] -- Steam App 72850
O42 - Logiciel: Trend Micro Titanium - (.Trend Micro Inc..) [HKLM][64Bits] -- {ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: Trend Micro Titanium Internet Security - (.Trend Micro Inc..) [HKLM][64Bits] -- {ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: VIA Platform Device Manager - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: Why ASUS PC - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {5648F9D9-299E-408C-AC1F-59DC75894A1F}
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM][64Bits] -- World of Warcraft
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM][64Bits] -- aTube Catcher
O42 - Logiciel: S?????? f?t???af??? - (.Microsoft Corporation.) [HKLM][64Bits] -- {6C4BAF40-14F7-44F2-9B9A-C697DA797EF4}
O42 - Logiciel: ???? - (.Microsoft Corporation.) [HKLM][64Bits] -- {3668CB0E-910D-43FE-9EDB-B07754E1CF24}
O42 - Logiciel: ??? - (.Microsoft Corporation.) [HKLM][64Bits] -- {0E6639BB-C1BB-4FF5-8846-5813EF63E04B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Google]
[HKCU\Software\Macromedia]
[HKCU\Software\MatrixMixer]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\TeleCharger]
[HKCU\Software\TrendMicro]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VISCOM Speaker]
[HKCU\Software\Valve]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CoreSecurity]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\MAGIX]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Speedchecker Limited]
[HKLM\Software\TrendMicro]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\MAGIX]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Riot Games]
[HKLM\Software\Wow6432Node\TERA]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\VIA Technologies, Inc]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\Wizards of the Coast]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/09/2012 - 22:00:51 - [455,777] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 21/02/2013 - 19:15:26 - [575,912] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 21/02/2013 - 17:28:39 - [107,242] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 17/09/2012 - 13:58:20 - [174,102] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 21/02/2013 - 18:34:09 - [38,179] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 25/02/2013 - 23:13:55 - [0] ----D C:\Program Files (x86)\Google
O43 - CFD: 21/02/2013 - 21:56:44 - [58,788] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/09/2012 - 13:49:44 - [22,425] ----D C:\Program Files (x86)\Intel
O43 - CFD: 23/02/2013 - 16:46:22 - [4,621] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 21/02/2013 - 19:16:42 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 03/09/2012 - 22:14:34 - [6,085] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 23/02/2013 - 16:52:08 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 03/09/2012 - 22:23:00 - [5,306] ----D C:\Program Files (x86)\Microsoft SkyDrive
O43 - CFD: 03/09/2012 - 22:23:52 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 21/02/2013 - 12:27:28 - [44,242] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 21/02/2013 - 12:27:29 - [0,212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 03/09/2012 - 20:43:35 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 17/09/2012 - 13:53:17 - [0,147] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 03/09/2012 - 22:10:07 - [193,613] ----D C:\Program Files (x86)\Nero
O43 - CFD: 23/02/2013 - 16:45:08 - [116,012] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 21/02/2013 - 13:00:14 - [7,234] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 03/09/2012 - 22:00:20 - [2,697] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 03/09/2012 - 20:43:35 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 26/02/2013 - 12:28:41 - [315,674] ----D C:\Program Files (x86)\Steam
O43 - CFD: 21/02/2013 - 12:46:23 - [55,440] ----D C:\Program Files (x86)\TeamSpeak 3 Client
O43 - CFD: 21/02/2013 - 12:57:45 - [-682,988] ----D C:\Program Files (x86)\TERA
O43 - CFD: 03/09/2012 - 22:00:02 - [48,605] ----D C:\Program Files (x86)\VIA
O43 - CFD: 22/02/2013 - 16:51:02 - [0,870] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 03/09/2012 - 22:23:51 - [135,012] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 22/02/2013 - 16:51:10 - [5,466] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 25/02/2013 - 20:55:16 - [3,494] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 22/02/2013 - 16:51:05 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/02/2013 - 20:52:47 - [-1408,180] ----D C:\Program Files (x86)\World of Warcraft
O43 - CFD: 26/02/2013 - 12:26:26 - [0,217] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 26/02/2013 - 13:00:26 - [15,161] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 03/09/2012 - 22:01:04 - [18,266] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 21/02/2013 - 12:56:54 - [1,872] ----D C:\Program Files (x86)\Common Files\Blizzard Entertainment
O43 - CFD: 03/09/2012 - 22:01:51 - [2,730] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 17/09/2012 - 13:53:52 - [20,520] ----D C:\Program Files (x86)\Common Files\MAGIX Services
O43 - CFD: 23/02/2013 - 16:46:16 - [30,805] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 03/09/2012 - 22:09:29 - [22,936] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 17/09/2012 - 13:49:27 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 26/02/2013 - 12:11:14 - [0,518] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 22/02/2013 - 16:51:03 - [9,406] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 03/09/2012 - 22:22:52 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 03/09/2012 - 22:00:59 - [0,000] ----D C:\ProgramData\Adobe
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 17/09/2012 - 13:53:52 - [224,353] ----D C:\ProgramData\ASUS
O43 - CFD: 21/02/2013 - 12:48:09 - [347,290] ----D C:\ProgramData\Battle.net
O43 - CFD: 21/02/2013 - 12:51:24 - [0,561] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 17/09/2012 - 13:49:45 - [0,011] ----D C:\ProgramData\Intel
O43 - CFD: 17/09/2012 - 13:54:23 - [5,560] ----D C:\ProgramData\MAGIX
O43 - CFD: 22/02/2013 - 21:23:46 - [482,892] -S--D C:\ProgramData\Microsoft
O43 - CFD: 03/09/2012 - 22:23:00 - [0] ----D C:\ProgramData\Microsoft SkyDrive
O43 - CFD: 21/02/2013 - 12:27:29 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 03/09/2012 - 22:24:38 - [2,353] ----D C:\ProgramData\Nero
O43 - CFD: 26/02/2013 - 12:27:54 - [2,226] ----D C:\ProgramData\NVIDIA
O43 - CFD: 17/09/2012 - 13:59:33 - [2,138] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 24/02/2013 - 00:43:15 - [0,001] ----D C:\ProgramData\PMB Files
O43 - CFD: 23/02/2013 - 16:54:10 - [0,053] ----D C:\ProgramData\PRICache
O43 - CFD: 17/09/2012 - 13:50:20 - [4,644] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 26/07/2012 - 08:52:44 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 17/09/2012 - 13:58:36 - [0,356] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 21/02/2013 - 12:57:25 - [1,984] ----D C:\ProgramData\TERA
O43 - CFD: 21/02/2013 - 11:53:39 - [42,063] ----D C:\ProgramData\Trend Micro
O43 - CFD: 21/02/2013 - 11:53:15 - [0] ----D C:\Users\Wizzou\AppData\Roaming\Adobe
O43 - CFD: 22/02/2013 - 21:54:11 - [0] ----D C:\Users\Wizzou\AppData\Roaming\LolClient
O43 - CFD: 21/02/2013 - 11:54:09 - [0,007] ----D C:\Users\Wizzou\AppData\Roaming\Macromedia
O43 - CFD: 21/02/2013 - 15:08:02 - [0,908] -S--D C:\Users\Wizzou\AppData\Roaming\Microsoft
O43 - CFD: 21/02/2013 - 12:27:46 - [33,408] ----D C:\Users\Wizzou\AppData\Roaming\Mozilla
O43 - CFD: 24/02/2013 - 21:21:27 - [0,208] ----D C:\Users\Wizzou\AppData\Roaming\TS3Client
O43 - CFD: 26/02/2013 - 12:42:38 - [0,098] ----D C:\Users\Wizzou\AppData\Roaming\Yontoo
O43 - CFD: 21/02/2013 - 11:52:47 - [0] ----D C:\Users\Wizzou\AppData\Local\Application Data
O43 - CFD: 21/02/2013 - 11:56:42 - [28,476] ----D C:\Users\Wizzou\AppData\Local\Apps
O43 - CFD: 26/02/2013 - 12:28:50 - [0] ----D C:\Users\Wizzou\AppData\Local\Deployment
O43 - CFD: 21/02/2013 - 11:55:38 - [1,591] ----D C:\Users\Wizzou\AppData\Local\Diagnostics
O43 - CFD: 25/02/2013 - 23:13:41 - [0] ----D C:\Users\Wizzou\AppData\Local\Google
O43 - CFD: 21/02/2013 - 11:52:47 - [0] ----D C:\Users\Wizzou\AppData\Local\Historique
O43 - CFD: 21/02/2013 - 15:08:02 - [0] ----D C:\Users\Wizzou\AppData\Local\Macromedia
O43 - CFD: 23/02/2013 - 18:59:38 - [141,913] ----D C:\Users\Wizzou\AppData\Local\Microsoft
O43 - CFD: 21/02/2013 - 12:27:35 - [15,110] ----D C:\Users\Wizzou\AppData\Local\Mozilla
O43 - CFD: 23/02/2013 - 17:09:40 - [77,807] ----D C:\Users\Wizzou\AppData\Local\Packages
O43 - CFD: 26/02/2013 - 13:00:37 - [0,263] ----D C:\Users\Wizzou\AppData\Local\PMB Files
O43 - CFD: 26/02/2013 - 12:59:14 - [126,610] ----D C:\Users\Wizzou\AppData\Local\Temp
O43 - CFD: 21/02/2013 - 11:52:47 - [0] ----D C:\Users\Wizzou\AppData\Local\Temporary Internet Files
O43 - CFD: 21/02/2013 - 18:34:50 - [0,000] ----D C:\Users\Wizzou\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 23/02/2013 - 16:54:15 - [0,000] R---D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/02/2013 - 12:44:39 - [0,000] ----D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
O43 - CFD: 26/07/2012 - 09:13:00 - [0,000] ----D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 23/02/2013 - 16:54:15 - [0,000] R---D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 25/02/2013 - 23:08:39 - [0,001] ----D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 21/02/2013 - 11:53:40 - [0,012] ----D C:\Users\Wizzou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
~ Scan Program Folder in 00mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FA811C3128BE74EFE1B5A75ED05164B5] - 26/02/2013 - 12:34:01 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1793362]
O44 - LFC:[MD5.747D6101976FA99CE7C8093F7BA05491] - 26/02/2013 - 12:34:01 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [132416]
O44 - LFC:[MD5.3B7E6E3E4D544B97B5F5B7B260F940CE] - 26/02/2013 - 12:34:01 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [155444]
O44 - LFC:[MD5.7624968BD681C3F8266295970ABE7142] - 26/02/2013 - 12:34:01 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [710046]
O44 - LFC:[MD5.FA5D73B1669DC642B3F7BC9A304D200A] - 26/02/2013 - 12:34:01 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [799736]
O44 - LFC:[MD5.EDEE769A3E8C7C2119A24CC3AD923CEC] - 26/02/2013 - 12:29:48 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.25F63EA62D2CC7AC072FE3FF54C68897] - 26/02/2013 - 12:27:39 ---A- . (...) -- C:\Windows\PFRO.log   [4626]
O44 - LFC:[MD5.1435C5BB4DD01674603D5FA1232DEC57] - 26/02/2013 - 12:26:32 ---A- . (...) -- C:\AdwCleaner[S1].txt   [6422]
O44 - LFC:[MD5.184A522C60FABEBE65BD1469A5998537] - 26/02/2013 - 12:26:32 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat   [151]
O44 - LFC:[MD5.BF5A9908D6DEBDC4AEB2783609F57D74] - 26/02/2013 - 12:22:04 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1504229]
O44 - LFC:[MD5.7655E6AF7319552C2D7932B6BEB6F5EF] - 25/02/2013 - 23:01:45 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [353424]
O44 - LFC:[MD5.F61538DADA4EF556BEA8F3AEF12A7E6B] - 23/02/2013 - 21:53:00  . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\audiodg.exe   [46080]
O44 - LFC:[MD5.810ED88782952228AF9C0985FB7D259E] - 23/02/2013 - 21:52:54  . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\AudioEndpointBuilder.dll   [46080]
O44 - LFC:[MD5.DB4E407D101E939BC47B1324F96F0A41] - 23/02/2013 - 16:44:59 ---A- . (...) -- C:\Windows\setupact.log   [21066]
O44 - LFC:[MD5.6A8692468662C2780717FACA07269CA6] - 22/02/2013 - 21:27:14 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll   [46080]
O44 - LFC:[MD5.6A8692468662C2780717FACA07269CA6] - 22/02/2013 - 21:27:14 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [46080]
O44 - LFC:[MD5.DAFF45EACE818FA560BDA2E0672487F0] - 22/02/2013 - 21:27:14 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll   [362496]
O44 - LFC:[MD5.DAFF45EACE818FA560BDA2E0672487F0] - 22/02/2013 - 21:27:14 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [362496]
O44 - LFC:[MD5.60ED211B3D044EA5D3D7C9D1DE5FCD55] - 22/02/2013 - 21:23:18 ---A- . (...) -- C:\Windows\msxml4-KB2758694-enu.LOG   [264272]
O44 - LFC:[MD5.F8FA02451423DC2293D3C991CF18C4AA] - 21/02/2013 - 19:14:20 ---A- . (...) -- C:\Windows\wininit.ini   [116]
O44 - LFC:[MD5.4CA4361F9C6FA21B65821AD74D0CD081] - 05/01/2013 - 01:08:04 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml   [386577]
O44 - LFC:[MD5.7F38EFD2A0A2C393E8348A73073D6F8E] - 06/11/2012 - 05:18:37  . (...) -- C:\Windows\System32\localspl.dll   [478424]
O44 - LFC:[MD5.73FF017788E8494524F7348BE197E75A] - 11/10/2012 - 01:44:27 ---A- . (...) -- C:\Windows\SysNative\locale.nls   [478424]
O44 - LFC:[MD5.73FF017788E8494524F7348BE197E75A] - 11/10/2012 - 01:44:27 ---A- . (...) -- C:\Windows\System32\locale.nls   [478424]
O44 - LFC:[MD5.E72DE55561A739D3EF5C2BA1464F1298] - 20/09/2012 - 07:33:19 ---A- . (...) -- C:\Windows\SysNative\OEMLicense.dll   [110592]
O44 - LFC:[MD5.E72DE55561A739D3EF5C2BA1464F1298] - 20/09/2012 - 07:33:19 ---A- . (...) -- C:\Windows\System32\OEMLicense.dll   [110592]
~ Scan Files in 00mn 47s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.E3D3C21A1791A8C0F3CD91696F3E2C10] - 21/02/2013 - 11:58:01 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-F4258199.pf
O45 - LFCP:[MD5.DB12B7A3DA6282751E8E27347006A407] - 21/02/2013 - 11:58:03 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-20BD587A.pf
O45 - LFCP:[MD5.E1A106B4820163B8EB773E5277F4E3D5] - 21/02/2013 - 12:23:07 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf
O45 - LFCP:[MD5.3EFC7BDE4823C640C298D6A5131ADCF8] - 21/02/2013 - 12:27:29 ---A- - C:\Windows\Prefetch\FIREFOX SETUP 19.0.EXE-5D36118A.pf
O45 - LFCP:[MD5.F73D93A841D87BE89A5AFA809D9DF9E3] - 21/02/2013 - 12:27:29 ---A- - C:\Windows\Prefetch\MAINTENANCESERVICE_INSTALLER.-A809585F.pf
O45 - LFCP:[MD5.C2C2CE7A5124117F58EAC12BAD9F5E90] - 21/02/2013 - 12:27:31 ---A- - C:\Windows\Prefetch\SETUP.EXE-D48DBDD5.pf
O45 - LFCP:[MD5.E5A4E998D6B262CD94ED77281E85C82E] - 21/02/2013 - 12:31:31 ---A- - C:\Windows\Prefetch\CCSETUP327.EXE-3BA6A55D.pf
O45 - LFCP:[MD5.B3D42ED124E1FD2317D0C6B652913704] - 21/02/2013 - 12:31:45 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-3EF0FCAE.pf
O45 - LFCP:[MD5.3558867F2B76599D50DAD1C0AFF1EA9F] - 21/02/2013 - 12:37:21 ---A- - C:\Windows\Prefetch\SETUP.EXE-649D5793.pf
O45 - LFCP:[MD5.589B1C19276EC5CECDC28907A2AFDE02] - 21/02/2013 - 12:37:34 ---A- - C:\Windows\Prefetch\DFSVC.EXE-AD35CBCB.pf
O45 - LFCP:[MD5.847723C0ED5960382FBD1BAF60450FBF] - 21/02/2013 - 12:46:13 ---A- - C:\Windows\Prefetch\TEAMSPEAK3-CLIENT-WIN32-3.0.9-C5542169.pf
O45 - LFCP:[MD5.03D6ED6360704C7C48FDB13B0947704C] - 21/02/2013 - 12:47:36 ---A- - C:\Windows\Prefetch\DIABLO-III-SETUP-FRFR.EXE-B6EE31FC.pf
O45 - LFCP:[MD5.E260059FBB162A6B977CF6B565D28B5E] - 21/02/2013 - 12:57:25 ---A- - C:\Windows\Prefetch\TERASETUP.TMP-B45D099F.pf
O45 - LFCP:[MD5.105D804963141CF5D41D4EFF4ADFE76D] - 21/02/2013 - 12:57:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-CA670C24.pf
O45 - LFCP:[MD5.D438A485524FB8D17D0E3AF72743686A] - 21/02/2013 - 12:58:45 ---A- - C:\Windows\Prefetch\DIABLO III SETUP.EXE-561AD521.pf
O45 - LFCP:[MD5.8B014463B87A209FB57E787E8552AF0C] - 21/02/2013 - 14:50:18 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.4B488CB127C399E2155BA91BA14D2B80] - 21/02/2013 - 14:51:18 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.50E1A029E9845BCC5152127C76ABCF6B] - 21/02/2013 - 14:57:46 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-B4940439.pf
O45 - LFCP:[MD5.59F7A9421949D9C51ECBBB590033435B] - 21/02/2013 - 14:58:38 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-9178D9A9.pf
O45 - LFCP:[MD5.EB1D87F4AE13C1B03A740F54A2B9BE8C] - 21/02/2013 - 15:00:35 ---A- - C:\Windows\Prefetch\NVSTVIEW.EXE-7C214AAF.pf
O45 - LFCP:[MD5.0F35E995E0EAE634A219C0C90AC44432] - 21/02/2013 - 15:00:51 ---A- - C:\Windows\Prefetch\NVSTWIZ.EXE-78A7DC7A.pf
O45 - LFCP:[MD5.99E2ECFC5A13552F88665CEB1FE412B6] - 21/02/2013 - 15:07:59 ---A- - C:\Windows\Prefetch\FP_PL_PFS_INSTALLER.EXE-7CB406E1.pf
O45 - LFCP:[MD5.1ABA2E490633656E091471F634950035] - 21/02/2013 - 18:26:44 ---A- - C:\Windows\Prefetch\ATUBE_CATCHER_SETUP.EXE-B71939B8.pf
O45 - LFCP:[MD5.34E7A750113EE39DA329D4C861258E89] - 21/02/2013 - 18:27:18 ---A- - C:\Windows\Prefetch\SETUP.EXE-2A6BCD91.pf
O45 - LFCP:[MD5.5C1E2C13D58F9688583C54DCF6D4A72C] - 21/02/2013 - 18:27:18 ---A- - C:\Windows\Prefetch\YONTOO-C4-1624.EXE-E33C7A71.pf
O45 - LFCP:[MD5.28A67772DBE5F8AF0C14207C2AD41B98] - 21/02/2013 - 18:27:25 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-4617DC20.pf
O45 - LFCP:[MD5.7338F8CBA10CFEA0248A34BAC4A32986] - 21/02/2013 - 18:27:38 ---A- - C:\Windows\Prefetch\MYBABYLONTB.EXE-6632430B.pf
O45 - LFCP:[MD5.F5E493D3B152C12DA0B35C1B62028B3D] - 21/02/2013 - 18:27:47 ---A- - C:\Windows\Prefetch\CCP.EXE-9F7D3BE2.pf
O45 - LFCP:[MD5.6F64A6A141DDCEDC96CBFCE7B1F530A6] - 21/02/2013 - 18:34:02 ---A- - C:\Windows\Prefetch\APN_ATU3_.EXE-154911C6.pf
O45 - LFCP:[MD5.2C5D08CEFE44EC09F92D7F2A85CDEF1F] - 21/02/2013 - 18:34:02 ---A- - C:\Windows\Prefetch\ATUBE_CATCHER_SETUP [1].EXE-F249752D.pf
O45 - LFCP:[MD5.4501BAEA29AD6F5D4A407161BECEEEB4] - 21/02/2013 - 18:34:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9322DE7C.pf
O45 - LFCP:[MD5.91F3E871D0C27B2BE8204AC5FBC77DE7] - 21/02/2013 - 18:37:19 ---A- - C:\Windows\Prefetch\EMANUAL.EXE-0690D871.pf
O45 - LFCP:[MD5.DAAEC5513A6485962AF849AB087839ED] - 21/02/2013 - 18:37:28 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf
O45 - LFCP:[MD5.4371B980DE58970FBAEC5D43710B268D] - 21/02/2013 - 18:37:28 ---A- - C:\Windows\Prefetch\PCSPEEDUP.TMP-AD46DDC4.pf
O45 - LFCP:[MD5.8E4F60D437F2058054604EB8D996C485] - 21/02/2013 - 18:38:32 ---A- - C:\Windows\Prefetch\VIZORHTMLDIALOG.EXE-A91B4E31.pf
O45 - LFCP:[MD5.9D828CAF8DAFB9C774BEFD8DEF78C75F] - 21/02/2013 - 18:38:46 ---A- - C:\Windows\Prefetch\CORESERVICESHELL.EXE-44D575CE.pf
O45 - LFCP:[MD5.93EC0096B81AE802E1CE1B66D948EF8C] - 21/02/2013 - 18:38:51 ---A- - C:\Windows\Prefetch\COREFRAMEWORKHOST.EXE-EE1576E5.pf
O45 - LFCP:[MD5.3A064F12D343DD8447270039A2FB50C6] - 21/02/2013 - 18:39:10 ---A- - C:\Windows\Prefetch\YCT.EXE-6FF63400.pf
O45 - LFCP:[MD5.5C3A9415949920089188362D3C6AC9FA] - 21/02/2013 - 18:41:20 ---A- - C:\Windows\Prefetch\SILVERLIGHT.EXE-D9187617.pf
O45 - LFCP:[MD5.46AF7793B64140219FE01A0FCC266E43] - 21/02/2013 - 18:42:06 ---A- - C:\Windows\Prefetch\SLLAUNCHER.EXE-26DFC5F7.pf
O45 - LFCP:[MD5.26FFB0C594296B7C823EEC4F6444F72E] - 21/02/2013 - 19:14:30 ---A- - C:\Windows\Prefetch\AU_.EXE-28B7523F.pf
O45 - LFCP:[MD5.955B2DCD1C7048E8D3C7813F540864DD] - 21/02/2013 - 19:15:26 ---A- - C:\Windows\Prefetch\IKERNEL.EXE-A20794A6.pf
O45 - LFCP:[MD5.3F8BA6FF4CEC17873C4C43249EDB8E87] - 21/02/2013 - 19:15:26 ---A- - C:\Windows\Prefetch\SETD4E2.TMP-8D77DAD5.pf
O45 - LFCP:[MD5.A8704C439324622C5C9CB660CAAD780B] - 21/02/2013 - 19:15:41 ---A- - C:\Windows\Prefetch\UNINS000.EXE-29FAB8A1.pf
O45 - LFCP:[MD5.DD53C5844866D1E770FF7761FAA3B190] - 21/02/2013 - 19:15:42 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-3284F7E4.pf
O45 - LFCP:[MD5.DC753E3355D3440F5FE48F5E740768A0] - 21/02/2013 - 19:19:03 ---A- - C:\Windows\Prefetch\NVCPLUI.EXE-B2F25190.pf
O45 - LFCP:[MD5.E543E19F63F72D70FEECFA461E8E43E3] - 21/02/2013 - 20:17:46 ---A- - C:\Windows\Prefetch\SFXMM_EU.EXE-61970222.pf
O45 - LFCP:[MD5.F2A5F960E2CF104B92FFA04902E1B876] - 21/02/2013 - 20:19:29 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf
O45 - LFCP:[MD5.35B36F8A73BB6DA1765020655A75D37B] - 21/02/2013 - 20:46:22 ---A- - C:\Windows\Prefetch\AgAppLaunch.db
O45 - LFCP:[MD5.3567EC7C7A9DA9FC7186F6CD2588060B] - 21/02/2013 - 20:50:58 ---A- - C:\Windows\Prefetch\RELPOST.EXE-AC41CDAF.pf
O45 - LFCP:[MD5.D3945A2FC35DD92CC3D9F225FE887629] - 21/02/2013 - 20:52:20 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.44AE006BC9B7D1003DA432113F44F7E4] - 21/02/2013 - 20:58:49 ---A- - C:\Windows\Prefetch\LEAGUEOFLEGENDS.EXE-B9E87BD8.pf
O45 - LFCP:[MD5.6A0CB04039372ED55FA35181C6FDF07F] - 21/02/2013 - 23:20:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-AC024951.pf
O45 - LFCP:[MD5.6590347BE1243222C9731821D5B9D237] - 22/02/2013 - 00:18:22 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf
O45 - LFCP:[MD5.2C9A268ED21F167286B13E8C1655B47E] - 22/02/2013 - 00:50:15 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf
O45 - LFCP:[MD5.D8883006D0B3765734FDC61FD139F00D] - 22/02/2013 - 00:50:53 ---A- - C:\Windows\Prefetch\SKYDRIVESETUP.EXE-ACD69350.pf
O45 - LFCP:[MD5.3604C89FC7BE93E8DCAD45A6EB900ED3] - 22/02/2013 - 00:53:40 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf
O45 - LFCP:[MD5.1B1637F3FEE4B2257C360534B5D200C6] - 22/02/2013 - 19:07:10 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf
O45 - LFCP:[MD5.08BE80D43CCC5BD55654B3FDCE6AA528] - 22/02/2013 - 19:08:59 ---A- - C:\Windows\Prefetch\WLSTARTUP.EXE-9F0A892A.pf
O45 - LFCP:[MD5.A0D409D81952E73129B375A6D8FA41B7] - 22/02/2013 - 19:09:25 ---A- - C:\Windows\Prefetch\LEAGUE OF LEGENDS.EXE-3030C030.pf
O45 - LFCP:[MD5.1F0D8B28194F449F090F86AFF0AD76B6] - 22/02/2013 - 21:23:18 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf
O45 - LFCP:[MD5.712E6CEA2ACE7DA89EA10AD6971767B0] - 23/02/2013 - 12:31:41 ---A- - C:\Windows\Prefetch\PERFMON.EXE-BD9AD925.pf
O45 - LFCP:[MD5.4724B0CFE76CBFC31B9B1F360EB3754B] - 23/02/2013 - 13:37:54 ---A- - C:\Windows\Prefetch\MSASCUI.EXE-4ED47FD9.pf
O45 - LFCP:[MD5.FB6174E0487D4DB8257A30E4F327F603] - 23/02/2013 - 16:41:29 ---A- - C:\Windows\Prefetch\UI.EXE-5B925A12.pf
O45 - LFCP:[MD5.24D01ED460DB9D626A2C16A7093E9480] - 23/02/2013 - 16:41:39 ---A- - C:\Windows\Prefetch\SETUP.EXE-76220F13.pf
O45 - LFCP:[MD5.946219EC7A9D3F608BBE9FA65AD9E226] - 23/02/2013 - 16:45:09 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-59372B69.pf
O45 - LFCP:[MD5.78D87ECCEA13917508CBDC449B82BBD5] - 23/02/2013 - 16:46:04 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-8283E885.pf
O45 - LFCP:[MD5.C2720FB57711831225DE1F8444A27824] - 23/02/2013 - 16:57:42 ---A- - C:\Windows\Prefetch\LIVEUPDT.EXE-0B47EA81.pf
O45 - LFCP:[MD5.E0D8ADCCDA9F2FECAF158D84CA553120] - 23/02/2013 - 17:08:42 ---A- - C:\Windows\Prefetch\MAP.EXE-64827744.pf
O45 - LFCP:[MD5.47D9CD7A1EE7E16C4CF6984AB0CDFC25] - 23/02/2013 - 17:09:56 ---A- - C:\Windows\Prefetch\ADERA.WIN8.EXE-DFC2879F.pf
O45 - LFCP:[MD5.0453F689C6972FE1E00B7ACD527441E2] - 23/02/2013 - 17:10:00 ---A- - C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf
O45 - LFCP:[MD5.3E20A9129862018612FE8A74B87E66DC] - 23/02/2013 - 17:12:52 ---A- - C:\Windows\Prefetch\PINBALLFX2.EXE-800BAF1C.pf
O45 - LFCP:[MD5.9A06406F81C0A0FECF3E361BC7654FAB] - 23/02/2013 - 18:58:21 ---A- - C:\Windows\Prefetch\WINSAT.EXE-A854C4D0.pf
O45 - LFCP:[MD5.A789453FD0F807C0AD16E049DB74CEC4] - 23/02/2013 - 20:44:33 ---A- - C:\Windows\Prefetch\RADS_USER_KERNEL.EXE-87E9365D.pf
O45 - LFCP:[MD5.34C92F98B688C52F1851536047AEF46E] - 23/02/2013 - 21:09:50 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-477C7598.pf
O45 - LFCP:[MD5.41F898D6B8E3DDD65CD00D7E2E0AA592] - 23/02/2013 - 21:23:41 ---A- - C:\Windows\Prefetch\WOW-64.EXE-0AC266BA.pf
O45 - LFCP:[MD5.BAB8628724587C04A21EE3ABF0ACB5CC] - 23/02/2013 - 21:28:29 ---A- - C:\Windows\Prefetch\CONTROL.EXE-5BCB0217.pf
O45 - LFCP:[MD5.05301A6382FB98516EE0FB36A68A5065] - 23/02/2013 - 21:29:11 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf
O45 - LFCP:[MD5.584D13146FA32110F8ECB7EF032078B5] - 23/02/2013 - 23:02:19 ---A- - C:\Windows\Prefetch\LOL.LAUNCHER.EXE-C9E8D2ED.pf
O45 - LFCP:[MD5.C0846727D50C39D6827D0CDAF71C7486] - 23/02/2013 - 23:02:30 ---A- - C:\Windows\Prefetch\LOLLAUNCHER.EXE-2D595041.pf
O45 - LFCP:[MD5.F1B757B52324AF58CC5E38AC52B75C53] - 23/02/2013 - 23:02:33 ---A- - C:\Windows\Prefetch\LOLCLIENT.EXE-293F2920.pf
O45 - LFCP:[MD5.875E42A92F6CA173FBC86FB19C9D0BF5] - 23/02/2013 - 23:05:03 ---A- - C:\Windows\Prefetch\LEAGUE OF LEGENDS.EXE-97C0E4B2.pf
O45 - LFCP:[MD5.3C81BC65B2A7240A60043507F35DFD07] - 24/02/2013 - 03:00:31 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf
O45 - LFCP:[MD5.ECE7B82607F5A6C5864635C8C3F59D46] - 24/02/2013 - 18:50:25 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A4D505B3.pf
O45 - LFCP:[MD5.F20240F6DAD12A5D3EC9DB0268DB5D45] - 24/02/2013 - 21:17:23 ---A- - C:\Windows\Prefetch\TS3CLIENT_WIN32.EXE-26D5913B.pf
O45 - LFCP:[MD5.05B9711E010FF4E7967955D53C13E864] - 25/02/2013 - 00:46:34 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.3E40544F8447854159BC703187269C7F] - 25/02/2013 - 00:46:47 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf
O45 - LFCP:[MD5.BE0C573D108A0789462F773919180917] - 25/02/2013 - 00:46:47 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf
O45 - LFCP:[MD5.0CE700018CE751C7FEE5F9956A236798] - 25/02/2013 - 02:42:11 ---A- - C:\Windows\Prefetch\BUBBLES.SCR-55ABA833.pf
O45 - LFCP:[MD5.D85A5D6A6528719AD0D570F86C03FADE] - 25/02/2013 - 03:00:14 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9E940D77.pf
O45 - LFCP:[MD5.0015213ECA955570BD201379B13CDC23] - 25/02/2013 - 03:02:09 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf
O45 - LFCP:[MD5.DCB7869BCC19E6B7069BE979F303367F] - 25/02/2013 - 03:02:10 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf
O45 - LFCP:[MD5.5479993BEF48CA84241A7665D77828EB] - 25/02/2013 - 08:57:14 ---A- - C:\Windows\Prefetch\AGENT.EXE-9A8FEB0A.pf
O45 - LFCP:[MD5.CE96E800F074F7403216AA8602BC6A29] - 25/02/2013 - 08:57:15 ---A- - C:\Windows\Prefetch\BLIZZARD LAUNCHER.EXE-875323F3.pf
O45 - LFCP:[MD5.647CC8D9494BC1CDCA87DCA6D4E66DE8] - 25/02/2013 - 08:57:15 ---A- - C:\Windows\Prefetch\WORLD OF WARCRAFT LAUNCHER.EX-62EE6F83.pf
O45 - LFCP:[MD5.40EE4ECDA9164B07330C827DA128D3E8] - 25/02/2013 - 08:57:24 ---A- - C:\Windows\Prefetch\AGENT.EXE-11EECC04.pf
O45 - LFCP:[MD5.14E34364A78B85942C50C23D83C7659F] - 25/02/2013 - 08:57:25 ---A- - C:\Windows\Prefetch\BLIZZARD LAUNCHER.EXE-BB479EBA.pf
O45 - LFCP:[MD5.353B8BA6BB854C67F6F1583EE64D1934] - 25/02/2013 - 16:54:14 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf
O45 - LFCP:[MD5.4A30DC85D13E29E000D4995EBC86D6C7] - 25/02/2013 - 18:29:24 ---A- - C:\Windows\Prefetch\AWESOMIUM_PROCESS.EXE-5A549A8F.pf
O45 - LFCP:[MD5.E643A520564BD372379C2BFD29EEBA4A] - 25/02/2013 - 20:54:04 ---A- - C:\Windows\Prefetch\POQEXEC.EXE-43A49B23.pf
O45 - LFCP:[MD5.52A7FA9E3CD777C2BC57A6C38B6A58C6] - 25/02/2013 - 22:39:53 ---A- - C:\Windows\Prefetch\NVSCPAPISVR.EXE-90AEDE0C.pf
O45 - LFCP:[MD5.DFF361B6790E7CE3ADD78322FB24F390] - 25/02/2013 - 22:39:53 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3DB50F77.pf
O45 - LFCP:[MD5.AD4512F854B8616ABAAE33007179158E] - 25/02/2013 - 22:39:53 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7B92DD11.pf
O45 - LFCP:[MD5.A3772B26F802FCB34ABB8A717DB1DC2D] - 25/02/2013 - 22:39:53 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-A9C56146.pf
O45 - LFCP:[MD5.9FD170614FEC80B5912FFF13AE185F32] - 25/02/2013 - 22:39:53 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-BC2C1FDA.pf
O45 - LFCP:[MD5.EAE62C2E7493FF5E2AC20F959B13FEE9] - 25/02/2013 - 22:39:53 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-BD1BACA1.pf
O45 - LFCP:[MD5.B487A44FF20002967B900B1A22453547] - 25/02/2013 - 22:40:16 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-DACB5D4F.pf
O45 - LFCP:[MD5.36F5A80CB228E6C229E470199A57F304] - 25/02/2013 - 22:41:17 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-A2BD634E.pf
O45 - LFCP:[MD5.61FE0A4D8D586C589AA897912603F6C2] - 25/02/2013 - 22:41:29 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-3290E8FC.pf
O45 - LFCP:[MD5.3784D8467E5F672027D584C08D519CA8] - 25/02/2013 - 22:41:42 ---A- - C:\Windows\Prefetch\NETCFG.EXE-C0380465.pf
O45 - LFCP:[MD5.04F2F746537AD337F44CB520787D0B5B] - 25/02/2013 - 22:41:58 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-E1DBB6D8.pf
O45 - LFCP:[MD5.C70A42A1D561D6A64164338113735D0F] - 25/02/2013 - 22:44:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-422735A5.pf
O45 - LFCP:[MD5.25CDDF380331B7DA5E0FF9676C5A1BCB] - 25/02/2013 - 22:44:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BA90B5C4.pf
O45 - LFCP:[MD5.402B63F0360D37D2A96826C22F813B0F] - 25/02/2013 - 22:44:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C1385133.pf
O45 - LFCP:[MD5.F9F5B76DB638DD8626FF737828940264] - 25/02/2013 - 22:44:41 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-AAB0060C.pf
O45 - LFCP:[MD5.F7689BF4B1B759955458F7C4C0CB287F] - 25/02/2013 - 22:44:45 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-05C87238.pf
O45 - LFCP:[MD5.8705798DED94384B9156C1CE2AA7E445] - 25/02/2013 - 22:44:45 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1B8BD683.pf
O45 - LFCP:[MD5.40EA697DA96511E23969F38857E857C9] - 25/02/2013 - 22:44:45 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-508DBE25.pf
O45 - LFCP:[MD5.DE02CC74BE13C69D23D31EC30DC69A41] - 25/02/2013 - 22:44:57 ---A- - C:\Windows\Prefetch\UNREGMP2.EXE-800E8C32.pf
O45 - LFCP:[MD5.41665ECB7AB9B0ED3A98985866688796] - 25/02/2013 - 22:46:59 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-813E932C.pf
O45 - LFCP:[MD5.04A3BBEBE7B525F88CED35DF9FAEA48D] - 25/02/2013 - 22:47:04 ---A- - C:\Windows\Prefetch\AICHARGERAP.EXE-60EB3008.pf
O45 - LFCP:[MD5.991C21EA6223A3338746D19E9CED2C30] - 25/02/2013 - 22:47:06 ---A- - C:\Windows\Prefetch\READER_SL.EXE-350EE930.pf
O45 - LFCP:[MD5.34EA26E7BD45A1EE97E2601B6E24FC0C] - 25/02/2013 - 22:47:32 ---A- - C:\Windows\Prefetch\ALU.EXE-0754CB12.pf
O45 - LFCP:[MD5.ABE63301FFA4B45E7A7B19D1DA182FDF] - 25/02/2013 - 22:47:32 ---A- - C:\Windows\Prefetch\PDVD10SERV.EXE-99C8A7B5.pf
O45 - LFCP:[MD5.E89700723FAFCDDA5F8DFFD27DF931B3] - 25/02/2013 - 22:48:56 ---A- - C:\Windows\Prefetch\UTILMAN.EXE-3520356C.pf
O45 - LFCP:[MD5.A6F4E227D9B98E8AAF5D9E2A8AE386A9] - 25/02/2013 - 23:02:41 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-14FECFA1.pf
O45 - LFCP:[MD5.2F4DFE932E8768E110A80248BC0BDDD6] - 25/02/2013 - 23:02:41 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf
O45 - LFCP:[MD5.225338D34D52B730BD6B6B7863F963D2] - 25/02/2013 - 23:03:06 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf
O45 - LFCP:[MD5.0B3DC427485315845563940884F9AE6A] - 25/02/2013 - 23:03:08 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-1B28B747.pf
O45 - LFCP:[MD5.CB46B266613AD7CF5A53E081FABB3EFC] - 25/02/2013 - 23:03:37 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf
O45 - LFCP:[MD5.ECA36D96F7688C3113C9A5B595F4EBCD] - 25/02/2013 - 23:03:47 ---A- - C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf
O45 - LFCP:[MD5.19F41DDF73B557435CEE413601016DE4] - 25/02/2013 - 23:03:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-91857370.pf
O45 - LFCP:[MD5.4FB051BE1E9A8D3A4066FC5BAFF64ACA] - 25/02/2013 - 23:05:40 ---A- - C:\Windows\Prefetch\STEAMSERVICETMP.EXE-888C3879.pf
O45 - LFCP:[MD5.278045A3CBA507FA818E684B11C9F28E] - 25/02/2013 - 23:06:21 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf
O45 - LFCP:[MD5.EA8E08CC4E5433F842C2CDE9126EF0D4] - 25/02/2013 - 23:06:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-214598FD.pf
O45 - LFCP:[MD5.0CB688B7F2038F81D6D0D5F616AF7227] - 25/02/2013 - 23:06:31 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf
O45 - LFCP:[MD5.FD96C176E63C0FACFCC0933E90685E91] - 25/02/2013 - 23:06:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B331F1D0.pf
O45 - LFCP:[MD5.713F1D88BC19742D991A01F729A35956] - 25/02/2013 - 23:08:03 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-0F50C8A7.pf
O45 - LFCP:[MD5.041E863CC5E9165067B83F34DC20388A] - 25/02/2013 - 23:13:34 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.8D2985C8530C92114E29CE3B3B4E411D] - 25/02/2013 - 23:13:39 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7242160E.pf
O45 - LFCP:[MD5.49E6AB3D0FF46473CF07B40AF66F299B] - 25/02/2013 - 23:13:40 ---A- - C:\Windows\Prefetch\SETUP.EXE-9C1AFF14.pf
O45 - LFCP:[MD5.596EB294672C907D8E7C7F614F3633F5] - 25/02/2013 - 23:13:43 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2D.pf
O45 - LFCP:[MD5.946E9CCF7C0E2939A46379FDDEDA489B] - 25/02/2013 - 23:13:45 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.A6F5785C713340A8D65B1992660862B1] - 25/02/2013 - 23:13:45 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.17AF14E7A732638844797104F578945C] - 25/02/2013 - 23:13:55 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf
O45 - LFCP:[MD5.C2DCD7B4C5BEFD843D1CDE8CF6B06AD2] - 25/02/2013 - 23:47:18 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf
O45 - LFCP:[MD5.859714B56170B413489C58DC327DB98A] - 26/02/2013 - 00:07:02 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-E0E5E52F.pf
O45 - LFCP:[MD5.5BADF5AAF9BE2D6B9F0B935ED169832C] - 26/02/2013 - 00:07:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.0F6F8BFAB38D96F9E36F865632A46916] - 26/02/2013 - 00:21:41 ---A- - C:\Windows\Prefetch\MSCONFIG.EXE-97CC4E38.pf
O45 - LFCP:[MD5.9EEE2B054087F05B8358070147326F02] - 26/02/2013 - 00:21:56 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf
O45 - LFCP:[MD5.03B5447D341BD289CE78422EF2202DF2] - 26/02/2013 - 00:36:32 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf
O45 - LFCP:[MD5.03FDDABBFDBF82C595E94112B1E5163E] - 26/02/2013 - 00:41:12 ---A- - C:\Windows\Prefetch\TERA-LAUNCHER.EXE-FEF34CA6.pf
O45 - LFCP:[MD5.4823B08A7583CD2CF024FCC7141E4039] - 26/02/2013 - 00:41:43 ---A- - C:\Windows\Prefetch\TL.EXE-7FC49926.pf
O45 - LFCP:[MD5.66802158E4EE1E1D26B92C03957FA28D] - 26/02/2013 - 00:41:45 ---A- - C:\Windows\Prefetch\TERA.EXE-A9218EDF.pf
O45 - LFCP:[MD5.C0023E57731EDAB7AC4B28E77AAFFFA6] - 26/02/2013 - 02:07:49 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.DC8B3D0220E60E637DBCA0C138FB48D5] - 26/02/2013 - 02:07:49 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.B3F97915EEF9AF9F9BDACA72D26D0897] - 26/02/2013 - 02:07:50 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.148C96919B7B02B01F0E05ADA747FAE4] - 26/02/2013 - 02:07:50 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.529602C62B2F2E33CA6F918B154CBB60] - 26/02/2013 - 02:17:21 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.C6531552AEDA2094B13E516F3B54772E] - 26/02/2013 - 02:17:30 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf
O45 - LFCP:[MD5.33FBF579ED00E7003E89B747D7E5E90C] - 26/02/2013 - 12:09:40 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf
O45 - LFCP:[MD5.EF1A60CCFDECF1281586AA96830F1BF9] - 26/02/2013 - 12:09:40 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
O45 - LFCP:[MD5.F11871B0206A7B8C3CA1FC5F6BAC6E3B] - 26/02/2013 - 12:09:41 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf
O45 - LFCP:[MD5.73223B249BE7EDD3358382E2CDFBF24E] - 26/02/2013 - 12:09:42 ---A- - C:\Windows\Prefetch\NVVSVC.EXE-D5489D80.pf
O45 - LFCP:[MD5.4FA086D86ADC7EA31559512CDE23D3C8] - 26/02/2013 - 12:09:43 ---A- - C:\Windows\Prefetch\NVXDSYNC.EXE-7855AED2.pf
O45 - LFCP:[MD5.05C32B3DC1F23C3A77F6361908703424] - 26/02/2013 - 12:09:50 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf
O45 - LFCP:[MD5.53AC192DAB045CA87B9BB23F2AFB2249] - 26/02/2013 - 12:09:53 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-8B8F7F7C.pf
O45 - LFCP:[MD5.0087145CB4EC91B92E06D74B1EA58386] - 26/02/2013 - 12:09:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6999291C.pf
O45 - LFCP:[MD5.C3C2BAE8F03120713A72554E2EA2E2E0] - 26/02/2013 - 12:10:02 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf
O45 - LFCP:[MD5.384071D07E7C0E4281029F3356DF940F] - 26/02/2013 - 12:10:03 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
O45 - LFCP:[MD5.A20E05820505B1E2FB5254859CB4A1A1] - 26/02/2013 - 12:10:15 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A552BE96.pf
O45 - LFCP:[MD5.4C3D083963D1CD6FC004EAFD3745DD35] - 26/02/2013 - 12:10:23 ---A- - C:\Windows\Prefetch\PMB.EXE-32B85BAB.pf
O45 - LFCP:[MD5.543D2BBE77AD3E0B220415EA060FD166] - 26/02/2013 - 12:10:23 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf
O45 - LFCP:[MD5.BA5AD23AE8D6B487CEFF0F0950C57135] - 26/02/2013 - 12:10:23 ---A- - C:\Windows\Prefetch\STEAM.EXE-E1CA0477.pf
O45 - LFCP:[MD5.46BEA017B2279FA2AD8014554A42A31C] - 26/02/2013 - 12:10:23 ---A- - C:\Windows\Prefetch\STEAMERRORREPORTER.EXE-39CB4DB0.pf
O45 - LFCP:[MD5.DE84929BC6BF03031115F796E044C1E5] - 26/02/2013 - 12:10:23 ---A- - C:\Windows\Prefetch\UISEAGNT.EXE-D40B55FD.pf
O45 - LFCP:[MD5.3A3C25B45BEA682F600439F5CFC88CE6] - 26/02/2013 - 12:10:25 ---A- - C:\Windows\Prefetch\CURSECLIENT.EXE-A6BF189C.pf
O45 - LFCP:[MD5.93A7B9A793B63A1E8655DB7F30C29EEB] - 26/02/2013 - 12:10:25 ---A- - C:\Windows\Prefetch\VDECK.EXE-815C8D0F.pf
O45 - LFCP:[MD5.964036F22CA4BBA6B820C22E1E387D55] - 26/02/2013 - 12:10:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.E2BE96985310AD614DFB0C524964FA37] - 26/02/2013 - 12:11:06 ---A- - C:\Windows\Prefetch\AgCx_SC5.db
O45 - LFCP:[MD5.D2A31F608F8363603EE2699362A45DC9] - 26/02/2013 - 12:11:24 ---A- - C:\Windows\Prefetch\STEAMSERVICE.EXE-F3ADB84C.pf
O45 - LFCP:[MD5.0E160F50B605AA0E663568DDF6B1DBA6] - 26/02/2013 - 12:11:39 ---A- - C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-E2702CF2.pf
O45 - LFCP:[MD5.CBC1A0880907F44D5A3D2C85B546EC39] - 26/02/2013 - 12:11:39 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-D3BFD41F.pf
O45 - LFCP:[MD5.2FA314FF260F1BB9173101E38CB66430] - 26/02/2013 - 12:20:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf
O45 - LFCP:[MD5.EEA6D97A262C12ED45080A140FCFD78A] - 26/02/2013 - 12:20:46 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf
O45 - LFCP:[MD5.311F0857942AE1F6C63E7BEB5112216C] - 26/02/2013 - 12:20:47 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.E2027AEA86415B9032F6D02299CB6F26] - 26/02/2013 - 12:20:49 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.2A9B74AF18BEE6219BDDA596DB242A5D] - 26/02/2013 - 12:20:50 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf
O45 - LFCP:[MD5.DEDF02FFB51D747163953A937B54D3FB] - 26/02/2013 - 12:20:50 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf
O45 - LFCP:[MD5.333385A2355161D84BE897FFAC75C646] - 26/02/2013 - 12:20:50 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf
O45 - LFCP:[MD5.7EA3507519AA7E7CD1129BF57A4F962F] - 26/02/2013 - 12:20:51 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf
O45 - LFCP:[MD5.06571B5AA1ACB6FF8C31CF3DA6B6A98C] - 26/02/2013 - 12:20:53 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.6D562F2290BBDCA26A5CD296DD874D16] - 26/02/2013 - 12:20:53 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.CE3438BE1E8996244F2DF1407ED67D3F] - 26/02/2013 - 12:20:58 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf
O45 - LFCP:[MD5.207DF0CB3840415A90847EFFE3695266] - 26/02/2013 - 12:25:10 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4193420163-18762517-666639222-1001.db
O45 - LFCP:[MD5.C57218FB00FC163A048AA2F93EBF2CB5] - 26/02/2013 - 12:25:10 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4193420163-18762517-666639222-1001.db
O45 - LFCP:[MD5.8722F926276F50906BCB29881A55F6A6] - 26/02/2013 - 12:25:30 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-6C510F3C.pf
O45 - LFCP:[MD5.B9592976168EF67A1FA2D6D72CCEE43A] - 26/02/2013 - 12:25:50 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-2CAD9D67.pf
O45 - LFCP:[MD5.2AD4A4833BAD2A59E3A34826627F93C5] - 26/02/2013 - 12:27:14 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.1D8FDE2A1852A58E50B495598828E809] - 26/02/2013 - 12:28:45 ---A- - C:\Windows\Prefetch\LPKSETUP.EXE-EE6EE0C2.pf
O45 - LFCP:[MD5.1495859D26CC7E1CE8F8226B5BA78A19] - 26/02/2013 - 12:28:45 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-24EFAC77.pf
O45 - LFCP:[MD5.4361D5C99DA918647753791B21E1F587] - 26/02/2013 - 12:28:45 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.F505AE58CD6D9EC0E2F6908C0C4D53E1] - 26/02/2013 - 12:28:45 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.17FF672C4A2EA1B56569681E750F3C21] - 26/02/2013 - 12:28:45 ---A- - C:\Windows\Prefetch\UIWINMGR.EXE-2626B3A0.pf
O45 - LFCP:[MD5.3AA8FD3F6B910E0298DB559E031AF044] - 26/02/2013 - 12:28:48 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.6F76FA2E2D382C51453F5320437BC4F7] - 26/02/2013 - 12:28:48 ---A- - C:\Windows\Prefetch\CSC.EXE-5D776659.pf
O45 - LFCP:[MD5.4AF261649F0345E1BA79EE80D93675F9] - 26/02/2013 - 12:28:48 ---A- - C:\Windows\Prefetch\CVTRES.EXE-BDD69BD7.pf
O45 - LFCP:[MD5.3428DB1ED3E03879C6629DD47EA361ED] - 26/02/2013 - 12:28:57 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.0EDB9465B9E0D6591EB6664F024C5677] - 26/02/2013 - 12:29:04 ---A- - C:\Windows\Prefetch\YONTOODESKTOP.EXE-A5DC06F9.pf
O45 - LFCP:[MD5.E9521DD8328302EE02590FE89684E828] - 26/02/2013 - 12:29:18 ---A- - C:\Windows\Prefetch\DXDIAG.EXE-E938457F.pf
O45 - LFCP:[MD5.ABE3ED3F784D4BD0102A4E7C89C516E1] - 26/02/2013 - 12:29:32 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf
O45 - LFCP:[MD5.F1483EE01516494F01256DD9974DEC22] - 26/02/2013 - 12:29:43 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf
O45 - LFCP:[MD5.E29BA47ED2342EC6BAE9BA71CD3EDAEA] - 26/02/2013 - 12:29:43 ---A- - C:\Windows\Prefetch\UIWATCHDOG.EXE-E52649F8.pf
O45 - LFCP:[MD5.AE661054F6BB06805D619C24A1ABA2E5] - 26/02/2013 - 12:29:44 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_6_602_16-246084F5.pf
O45 - LFCP:[MD5.9699300BA2200B2BD46E489D7E765289] - 26/02/2013 - 12:29:57 ---A- - C:\Windows\Prefetch\WSCSTATUSCONTROLLER.EXE-CB8844A6.pf
O45 - LFCP:[MD5.FFEFFD98AC63D608CD261F1B9E4AE726] - 26/02/2013 - 12:30:12 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.619932CA64835C879405E402AEC8482C] - 26/02/2013 - 12:30:14 ---A- - C:\Windows\Prefetch\FABS.EXE-4F92BFA7.pf
O45 - LFCP:[MD5.B30B08F3AC86866FDA259BFF7A3F2230] - 26/02/2013 - 12:30:14 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.658FAC7835D6E15F4D4F1DDDA805BFA9] - 26/02/2013 - 12:30:15 ---A- - C:\Windows\Prefetch\NASVC.EXE-314DC6C9.pf
O45 - LFCP:[MD5.50F1415F1F91BAA34B82D0523F0A06F3] - 26/02/2013 - 12:30:21 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.7CAE316CE1FAEFF8DA770261E7A2CFE6] - 26/02/2013 - 12:30:23 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-13D172B9.pf
O45 - LFCP:[MD5.02DD35FAEC27651CE5B68CF492C3CB43] - 26/02/2013 - 12:31:24 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.AF0BFB40EBAD7417ECE4FF596381DEE3] - 26/02/2013 - 12:31:24 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.82FA9D1C31B09AE39BBBE8F5CF2C5D2C] - 26/02/2013 - 12:32:12 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.465FB463EA8314853FD1911F5E0969B2] - 26/02/2013 - 12:32:33 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.4C6DCDDD7E71B40ECCE5D8069372C4F1] - 26/02/2013 - 12:32:36 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf
O45 - LFCP:[MD5.8BF16BD26B026782B142DAD567B8F317] - 26/02/2013 - 12:32:47 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf
O45 - LFCP:[MD5.EA6E5FF66B636AEEDCBF7821D17865BB] - 26/02/2013 - 12:32:52 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf
O45 - LFCP:[MD5.0D1B9246B9A116A8F98CA755ABEB2DC7] - 26/02/2013 - 12:39:48 ---A- - C:\Windows\Prefetch\UIUPDATETRAY.EXE-655E8EF2.pf
O45 - LFCP:[MD5.610EE3E40FC94A04B8AC9F8AAF9E85EF] - 26/02/2013 - 12:43:01 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.C1244B4D11C3DF8047E1D95485D49F86] - 26/02/2013 - 12:43:06 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C1C2EFBE.pf
O45 - LFCP:[MD5.1E8365C12EEFCEA0EC1174E63C998A44] - 26/02/2013 - 12:43:07 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.7B9C6CB1A63FE154A84CEB6DAB08FE7C] - 26/02/2013 - 12:58:06 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.528177421060804981064B1C5826BAAE] - 26/02/2013 - 12:58:19 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf
O45 - LFCP:[MD5.DE9880F437BF728D0A7B3FD0401DFE9F] - 26/02/2013 - 12:58:54 ---A- - C:\Windows\Prefetch\NVTRAY.EXE-981FA625.pf
O45 - LFCP:[MD5.0A06CFD06DA93D3A29C4D5B7699029B8] - 26/02/2013 - 12:58:55 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.E83E4D4E8A9311F2929B39589387249A] - 26/02/2013 - 12:59:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.D8A52E9D5EDAF43B36543036766A23DC] - 26/02/2013 - 12:59:04 ---A- - C:\Windows\Prefetch\ZHPDIAG2(1).TMP-7D366B39.pf
O45 - LFCP:[MD5.DCBA435D880F20FFA6C465DC699E319C] - 26/02/2013 - 12:59:05 ---A- - C:\Windows\Prefetch\ZHPDIAG2(1).EXE-55C5B8D5.pf
O45 - LFCP:[MD5.7CB2B6ED09E652FB2A27834FF2FFEDF0] - 26/02/2013 - 12:59:06 ---A- - C:\Windows\Prefetch\ZHPDIAG2(1).TMP-61F23251.pf
O45 - LFCP:[MD5.ED53CA7D0E0F860AE3F89157CC0D4D78] - 26/02/2013 - 12:59:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.0192A3D6AAC31E0316054E88DAA61A7F] - 26/02/2013 - 12:59:40 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.EEA147700B5A328B2FB33081C6FAF309] - 26/02/2013 - 12:59:50 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.FFD6B23767E87132F9081959DB502695] - 26/02/2013 - 13:00:25 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.3E770813722F9A01B31F5393A0CEA76A] - 26/02/2013 - 13:00:25 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.0112C43A78358C6A572DFAFFE3A154FB] - 26/02/2013 - 13:00:26 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.37B6DDAF60A09D10C088AF11F5702167] - 26/02/2013 - 13:00:29 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.FF44A98616BC15BC8AA35A173EF730AB] - 26/02/2013 - 13:00:33 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.69A4FCF4DB6A5E8CAC629685A5235B3D] - 26/02/2013 - 13:00:34 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.279CF13C8ED906B6BBCDA818DFE2912E] - 26/02/2013 - 13:00:41 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf
O45 - LFCP:[MD5.CBC0EF1FA45BC9022B9867F011F9AA44] - 26/02/2013 - 13:00:41 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-BA1E321E.pf
O45 - LFCP:[MD5.0A0D93C6932EF2FFCF0CF5F2ADA8E179] - 26/02/2013 - 13:00:56 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
~ Scan Prefetcher in 00mn 02s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{7c0fb460-00c5-11e2-be6b-806e6f6e6963}\AutoRun\command. (...) -- F:\CheckID.exe
~ Scan Keys in 00mn 01s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys   [106736]
O58 - SDL:[MD5.FF5221C2E5D5CC82F93EB7C99DC2852F] - 23/03/2012 - 01:10:14 ---A- . (.ASUSTek Computer Inc. - ASUS Charger driver.) -- C:\Windows\SysWOW64\drivers\AiCharger.sys   [14848]
~ Scan Drivers in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 23/02/2013 - 00:04:21 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\primaryImageCA5JS88P.jpg   [57256]
O61 - LFC: 23/02/2013 - 00:04:21 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum79667a07-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=480height=480contenttype=imagejpeg   [57256]
O61 - LFC: 23/02/2013 - 12:33:10 ---A- C:\Users\Wizzou\AppData\Local\Resmon.ResmonCfg   [7597]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\36AC2052-D94A-4F31-BC3E-6C8106E3238D   [6332]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\7A925B00-DF50-4792-B55F-C00723B8341A   [38]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage1.png   [13305]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage10.png   [11639]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage11.png   [13132]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage12.png   [13983]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage14.png   [13372]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage15.png   [13618]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage17.png   [13512]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage18.png   [13128]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage19.png   [11722]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage2.png   [13930]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage20.png   [14654]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage21.png   [10898]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage3.png   [14457]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage4.png   [15623]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage5.png   [10807]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage6.png   [13140]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage7.png   [10402]
O61 - LFC: 23/02/2013 - 13:01:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\achiImage8.png   [11485]
O61 - LFC: 23/02/2013 - 13:01:14 -SHA- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\INetCookies\container.dat   [0]
O61 - LFC: 23/02/2013 - 13:01:18 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601   [909]
O61 - LFC: 23/02/2013 - 13:01:19 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\E2EF7F0FB7284B9ACFD4F65D02218479   [772]
O61 - LFC: 23/02/2013 - 13:01:19 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479   [264]
O61 - LFC: 23/02/2013 - 13:01:20 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157   [0]
O61 - LFC: 23/02/2013 - 13:01:20 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506   [0]
O61 - LFC: 23/02/2013 - 13:01:20 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\F063BF7EF604434CBE00FF198F0D9B10   [4448]
O61 - LFC: 23/02/2013 - 13:01:20 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157   [302]
O61 - LFC: 23/02/2013 - 13:01:20 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506   [290]
O61 - LFC: 23/02/2013 - 13:01:20 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10   [334]
O61 - LFC: 23/02/2013 - 13:01:51 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601   [274]
O61 - LFC: 23/02/2013 - 16:38:13 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F   [1088]
O61 - LFC: 23/02/2013 - 16:54:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\roaming.lock   [0]
O61 - LFC: 23/02/2013 - 16:54:15 ---A- C:\Users\Wizzou\Links\Desktop.lnk   [482]
O61 - LFC: 23/02/2013 - 16:54:15 ---A- C:\Users\Wizzou\Links\Downloads.lnk   [933]
O61 - LFC: 23/02/2013 - 16:54:15 ---A- C:\Users\Wizzou\Links\RecentPlaces.lnk   [383]
O61 - LFC: 23/02/2013 - 16:54:47 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\0db8808d-316a-4905-b18d-ad295f5dcaba[2].jpg   [44797]
O61 - LFC: 23/02/2013 - 16:54:47 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\5534bd13-843e-4bc7-9c89-0c7e125b4522[2].jpg   [146422]
O61 - LFC: 23/02/2013 - 16:54:53 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\images[1]   [591]
O61 - LFC: 23/02/2013 - 16:54:57 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\primaryImageCA3R7RMQ.jpg   [13799]
O61 - LFC: 23/02/2013 - 16:54:57 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\primaryImageCAJ0FHX2.jpg   [13706]
O61 - LFC: 23/02/2013 - 16:54:57 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum9120f601-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=240height=240contenttype=imagejpeg   [13706]
O61 - LFC: 23/02/2013 - 16:54:57 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbumf9bc0e00-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=240height=240contenttype=imagejpeg   [13799]
O61 - LFC: 23/02/2013 - 16:55:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\primaryImageCA2RL22F.jpg   [9819]
O61 - LFC: 23/02/2013 - 16:55:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\primaryImageCA432JYQ.jpg   [15420]
O61 - LFC: 23/02/2013 - 16:55:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\CUsersWizzouMusicDonjon de Naheulbeukdonjon-32bonusescapadezangdar.mp3_badrequest   [0]
O61 - LFC: 23/02/2013 - 16:55:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum5c918d07-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=240height=240contenttype=imagejpeg   [15420]
O61 - LFC: 23/02/2013 - 16:55:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbumf6c58807-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=240height=240contenttype=imagejpeg   [9819]
O61 - LFC: 23/02/2013 - 16:55:21 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\images[1]   [593]
O61 - LFC: 23/02/2013 - 16:55:23 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\primaryImageCA00WZGB.jpg   [9404]
O61 - LFC: 23/02/2013 - 16:55:23 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum46df4907-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=480height=480contenttype=imagejpeg   [9404]
O61 - LFC: 23/02/2013 - 16:56:24 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\primaryImageCAK429XI.jpg   [50373]
O61 - LFC: 23/02/2013 - 16:56:24 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum9f4c7c00-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=480height=480contenttype=imagejpeg   [50373]
O61 - LFC: 23/02/2013 - 16:57:05 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\primaryImageCABAZERP.jpg   [14645]
O61 - LFC: 23/02/2013 - 16:57:05 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbumc1160507-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=240height=240contenttype=imagejpeg   [14645]
O61 - LFC: 23/02/2013 - 16:57:06 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\primaryImageCATBTALJ.jpg   [21117]
O61 - LFC: 23/02/2013 - 16:57:06 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbumcbbf5e07-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=240height=240contenttype=imagejpeg   [21117]
O61 - LFC: 23/02/2013 - 16:57:07 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\primaryImageCA8V03KR.jpg   [3867]
O61 - LFC: 23/02/2013 - 16:57:07 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbumd7e74a06-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=100height=100contenttype=imagejpeg   [3867]
O61 - LFC: 23/02/2013 - 16:59:28 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\SystemAppData\package.dat   [106]
O61 - LFC: 23/02/2013 - 16:59:36 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\SystemAppData\package.dat   [128]
O61 - LFC: 23/02/2013 - 16:59:44 ---A- C:\Users\Wizzou\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\SystemAppData\package.dat   [150]
O61 - LFC: 23/02/2013 - 16:59:46 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\SystemAppData\package.dat   [144]
O61 - LFC: 23/02/2013 - 16:59:47 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\SystemAppData\package.dat   [116]
O61 - LFC: 23/02/2013 - 16:59:54 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\SystemAppData\package.dat   [104]
O61 - LFC: 23/02/2013 - 16:59:57 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\SystemAppData\package.dat   [106]
O61 - LFC: 23/02/2013 - 16:59:58 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\SystemAppData\package.dat   [104]
O61 - LFC: 23/02/2013 - 17:00:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\SystemAppData\package.dat   [118]
O61 - LFC: 23/02/2013 - 17:00:12 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\SystemAppData\package.dat   [108]
O61 - LFC: 23/02/2013 - 17:00:13 ---A- C:\Users\Wizzou\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\SystemAppData\package.dat   [134]
O61 - LFC: 23/02/2013 - 17:00:21 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\SystemAppData\package.dat   [112]
O61 - LFC: 23/02/2013 - 17:00:23 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.MicrosoftMinesweeper_8wekyb3d8bbwe\SystemAppData\package.dat   [128]
O61 - LFC: 23/02/2013 - 17:00:24 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\SystemAppData\package.dat   [100]
O61 - LFC: 23/02/2013 - 17:00:25 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\SystemAppData\package.dat   [108]
O61 - LFC: 23/02/2013 - 17:00:30 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\SystemAppData\package.dat   [114]
O61 - LFC: 23/02/2013 - 17:00:36 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\SystemAppData\package.dat   [110]
O61 - LFC: 23/02/2013 - 17:00:40 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\SystemAppData\package.dat   [110]
O61 - LFC: 23/02/2013 - 17:00:56 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\SystemAppData\package.dat   [112]
O61 - LFC: 23/02/2013 - 17:00:57 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.Wordament_8wekyb3d8bbwe\SystemAppData\package.dat   [124]
O61 - LFC: 23/02/2013 - 17:00:59 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\SystemAppData\package.dat   [120]
O61 - LFC: 23/02/2013 - 17:01:00 ---A- C:\Users\Wizzou\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\SystemAppData\package.dat   [126]
O61 - LFC: 23/02/2013 - 17:12:43 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\AC\Microsoft\Windows\1036\StructuredQuerySchema.bin   [361866]
O61 - LFC: 23/02/2013 - 17:13:05 -SHA- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\AC\INetHistory\BackgroundTransferApi\container.dat   [0]
O61 - LFC: 23/02/2013 - 17:21:15 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\LocalState\Profile_-1.dat   [5184]
O61 - LFC: 23/02/2013 - 17:21:47 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\LocalState\AUTOSAVE\SaveGame_-1.dat   [64]
O61 - LFC: 23/02/2013 - 17:22:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 23/02/2013 - 17:22:23 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\Settings\settings.dat   [8192]
O61 - LFC: 24/02/2013 - 00:43:15 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\38\D6\38D6BDDB6319B2F774168D022B00A2E48FA91714.ct1   [326]
O61 - LFC: 24/02/2013 - 00:43:15 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\76\D5\76D5C99B2DC077C1BA97C2DC1A45D0D878C5735A.ct1   [326]
O61 - LFC: 24/02/2013 - 00:43:15 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\9D\24\9D2477F40840777583A8294C099BEF237E4A4B65.ct1   [328]
O61 - LFC: 24/02/2013 - 00:43:15 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\CC\3C\CC3CBCBC2AE0E13471CB8778D19E0E9920E3ACAE.ct1   [326]
O61 - LFC: 24/02/2013 - 01:02:49 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\primaryImageCATOPU92.jpg   [54692]
O61 - LFC: 24/02/2013 - 01:02:49 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbume4eb9706-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=480height=480contenttype=imagejpeg   [54692]
O61 - LFC: 24/02/2013 - 03:00:02 ---A- C:\Users\Wizzou\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat   [8192]
O61 - LFC: 24/02/2013 - 03:00:02 -SHA- C:\Users\Wizzou\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat.LOG1   [8192]
O61 - LFC: 24/02/2013 - 03:00:02 -SHA- C:\Users\Wizzou\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat.LOG2   [0]
O61 - LFC: 24/02/2013 - 03:06:32 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Adera.Win8\66a4985f98e92ae8e17b1242c7b59009\Adera.Win8.ni.exe   [4466176]
O61 - LFC: 24/02/2013 - 03:06:32 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Adera.Win8\66a4985f98e92ae8e17b1242c7b59009\Adera.Win8.ni.exe.aux   [7364]
O61 - LFC: 24/02/2013 - 03:06:34 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MetroNative\974e19536c160ed2539cf77c32f4ae40\MetroNative.ni.dll   [183296]
O61 - LFC: 24/02/2013 - 03:06:34 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MetroNative\974e19536c160ed2539cf77c32f4ae40\MetroNative.ni.dll.aux   [1844]
O61 - LFC: 24/02/2013 - 03:06:35 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\42919800bf42413eba6072ce9045e6d1\Microsoft.Xbox.ni.dll   [430592]
O61 - LFC: 24/02/2013 - 03:06:35 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\42919800bf42413eba6072ce9045e6d1\Microsoft.Xbox.ni.dll.aux   [1336]
O61 - LFC: 24/02/2013 - 03:06:36 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\e4d26c73978468ccac7ff5b00e0bbd1a\NotificationsExtensions.ni.dll   [243712]
O61 - LFC: 24/02/2013 - 03:06:36 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.Studios.PinballFx2_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\e4d26c73978468ccac7ff5b00e0bbd1a\NotificationsExtensions.ni.dll.aux   [1484]
O61 - LFC: 24/02/2013 - 21:17:17 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\ts3clientui_qt.secrets.conf   [869]
O61 - LFC: 24/02/2013 - 21:17:19 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\chats\WlZnNGZFVmlvM2FKRHdGODFGVVpZQ01oZzZRPQ==\channel.txt   [459]
O61 - LFC: 24/02/2013 - 21:17:19 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\chats\WlZnNGZFVmlvM2FKRHdGODFGVVpZQ01oZzZRPQ==\server.txt   [216]
O61 - LFC: 24/02/2013 - 21:21:25 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\cache\WlZnNGZFVmlvM2FKRHdGODFGVVpZQ01oZzZRPQ==\channels\cache.dat   [4]
O61 - LFC: 24/02/2013 - 21:21:25 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\chats\WlZnNGZFVmlvM2FKRHdGODFGVVpZQ01oZzZRPQ==\channel.html   [5164]
O61 - LFC: 24/02/2013 - 21:21:25 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\chats\WlZnNGZFVmlvM2FKRHdGODFGVVpZQ01oZzZRPQ==\server.html   [22049]
O61 - LFC: 24/02/2013 - 21:21:26 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\resolved.dat   [50]
O61 - LFC: 24/02/2013 - 21:21:26 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\subscribemode.dat   [4]
O61 - LFC: 24/02/2013 - 21:21:27 ---A- C:\Users\Wizzou\AppData\Roaming\TS3Client\settings.db   [41984]
O61 - LFC: 25/02/2013 - 00:34:25 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\primaryImageCAZOQJE7.jpg   [5336]
O61 - LFC: 25/02/2013 - 00:34:25 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum46df4907-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=320height=320contenttype=imagejpeg   [5336]
O61 - LFC: 25/02/2013 - 10:33:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\primaryImageCAE2ER4E.jpg   [52739]
O61 - LFC: 25/02/2013 - 10:33:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbume2a37807-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=480height=480contenttype=imagejpeg   [52739]
O61 - LFC: 25/02/2013 - 18:29:33 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F   [316]
O61 - LFC: 25/02/2013 - 23:12:34 ---A- C:\Users\Wizzou\Downloads\ZHPDiag2.exe   [5402780]
O61 - LFC: 25/02/2013 - 23:43:06 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\Spotlight-Music[1].xml   [3334]
O61 - LFC: 25/02/2013 - 23:43:06 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\F063BF7EF604434CBE00FF198F0D9B10   [4448]
O61 - LFC: 25/02/2013 - 23:43:06 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10   [334]
O61 - LFC: 25/02/2013 - 23:43:09 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\music[1]   [67523]
O61 - LFC: 25/02/2013 - 23:43:10 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\_music_chart_zune_albums[1]   [16302]
O61 - LFC: 25/02/2013 - 23:43:10 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\_music_chart_zune_artists[1]   [4801]
O61 - LFC: 25/02/2013 - 23:43:10 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\22835e4e-a2b4-4609-97ae-4f6a627932dc[1].jpg   [199810]
O61 - LFC: 25/02/2013 - 23:43:10 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\2ebd16a6-59ea-4b8f-ba9f-acb34df33949[1].jpg   [211201]
O61 - LFC: 25/02/2013 - 23:43:10 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\33319666-a1d0-4c60-8650-592178351df1[1].jpg   [250352]
O61 - LFC: 25/02/2013 - 23:43:10 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\49af98f8-f665-4c20-b490-fa50dd7da82c[1].jpg   [265345]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\17b47531-d9bc-497c-9714-aa9db74c5d92[1].jpg   [16526]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\824e2559-0a48-4e6c-963f-3a8457325657[1].jpg   [7323]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\primaryImageCAJKZ5V8.jpg   [16164]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\NZ046EOQ\26229b7c-f679-42c9-ac25-ad4dbe62deb5[1].jpg   [338475]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\1bab386a-cda5-4920-9df9-130c180b0b60[1].jpg   [6460]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\42df9261-e039-4167-b3f3-56f8316362fe[1].jpg   [9551]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\6752eaf2-401d-4881-868b-a473b5dfab6c[1].jpg   [13361]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\6cfff9aa-ae13-4f35-87ad-1f541aea87d0[1].jpg   [20474]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\ef09b20e-0513-446b-bcec-b48061858f63[1].jpg   [27655]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage17b47531-d9bc-497c-9714-aa9db74c5d92resize=truewidth=420height=320contenttype=imagejpeg   [16526]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage1bab386a-cda5-4920-9df9-130c180b0b60resize=truewidth=258height=194contenttype=imagejpeg   [6460]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage42df9261-e039-4167-b3f3-56f8316362feresize=truewidth=258height=194contenttype=imagejpeg   [9551]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage6752eaf2-401d-4881-868b-a473b5dfab6cresize=truewidth=258height=194contenttype=imagejpeg   [13361]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage6cfff9aa-ae13-4f35-87ad-1f541aea87d0resize=truewidth=420height=320contenttype=imagejpeg   [20474]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimage824e2559-0a48-4e6c-963f-3a8457325657resize=truewidth=258height=194contenttype=imagejpeg   [7323]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frimageef09b20e-0513-446b-bcec-b48061858f63resize=truewidth=420height=320contenttype=imagejpeg   [27655]
O61 - LFC: 25/02/2013 - 23:43:11 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum9f4c7c00-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=240height=240contenttype=imagejpeg   [16164]
O61 - LFC: 25/02/2013 - 23:43:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\albums[1]   [26618]
O61 - LFC: 25/02/2013 - 23:43:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\albums[2]   [55591]
O61 - LFC: 25/02/2013 - 23:43:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\albums[3]   [63498]
O61 - LFC: 25/02/2013 - 23:43:14 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\albums[1]   [77878]
O61 - LFC: 25/02/2013 - 23:52:07 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\primaryImageCA4GOSSL.jpg   [29000]
O61 - LFC: 25/02/2013 - 23:52:07 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\httpimage.catalog.zune.netv3.2fr-frmusicalbum67b4e006-0100-11db-89ca-0019b92a3933primaryImageresize=truewidth=480height=480contenttype=imagejpeg   [29000]
O61 - LFC: 26/02/2013 - 12:21:12 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\AddOnDatabase.dat   [67576]
O61 - LFC: 26/02/2013 - 12:21:12 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\GameReleaseDatabase.dat   [1030]
O61 - LFC: 26/02/2013 - 12:21:12 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\GameServerDatabase.dat   [1025]
O61 - LFC: 26/02/2013 - 12:21:12 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\SavedGameDatabase.dat   [1021]
O61 - LFC: 26/02/2013 - 12:21:54 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\genre[1]   [2955]
O61 - LFC: 26/02/2013 - 12:21:54 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WILKFXCQ\album[1]   [78578]
O61 - LFC: 26/02/2013 - 12:21:55 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\7UVYIEV1\album[1]   [77314]
O61 - LFC: 26/02/2013 - 12:21:56 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157   [338]
O61 - LFC: 26/02/2013 - 12:22:01 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache\WWFJQKHI\configuration[1].xml   [7334]
O61 - LFC: 26/02/2013 - 12:22:26 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092   [264]
O61 - LFC: 26/02/2013 - 12:22:27 -S-A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479   [264]
O61 - LFC: 26/02/2013 - 12:25:20 ---A- C:\Users\Wizzou\Downloads\adwcleaner.exe   [594019]
O61 - LFC: 26/02/2013 - 12:27:13 --HA- C:\Users\Wizzou\AppData\Local\IconCache.db   [72215]
O61 - LFC: 26/02/2013 - 12:28:26 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\cert\secmod.db   [16384]
O61 - LFC: 26/02/2013 - 12:28:28 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\cert\cert8.db   [65536]
O61 - LFC: 26/02/2013 - 12:28:28 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\cert\key3.db   [16384]
O61 - LFC: 26/02/2013 - 12:32:40 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\AppState.xml   [0]
O61 - LFC: 26/02/2013 - 12:32:43 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\PlayReady\mspr.hds   [528384]
O61 - LFC: 26/02/2013 - 12:32:44 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\edb.chk   [8192]
O61 - LFC: 26/02/2013 - 12:32:45 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\CUsersWizzouMusicDonjon de Naheulbeukdonjon-17.mp3_badrequest   [0]
O61 - LFC: 26/02/2013 - 12:32:45 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\CUsersWizzouMusicDonjon de Naheulbeukdonjon-bonus-bouclierssaldur.mp3_badrequest   [0]
O61 - LFC: 26/02/2013 - 12:32:45 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\CUsersWizzouMusicDonjon de Naheulbeukdonjon-saison4resume.mp3_badrequest   [0]
O61 - LFC: 26/02/2013 - 12:32:45 ---A- C:\Users\Wizzou\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\ImageCache\20\CUsersWizzouMusicdonjon-de-naheulbeuk03-nextgen.mp3_badrequest   [0]
O61 - LFC: 26/02/2013 - 12:33:51 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\4.0.0.10\user.config   [2871]
O61 - LFC: 26/02/2013 - 12:42:36 ---A- C:\Users\Wizzou\AppData\Roaming\Yontoo\dat\Desktop.OS.dll   [41760]
O61 - LFC: 26/02/2013 - 12:42:38 ---A- C:\Users\Wizzou\AppData\Roaming\Yontoo\PlugIns.cache   [9]
O61 - LFC: 26/02/2013 - 12:42:38 ---A- C:\Users\Wizzou\AppData\Roaming\Yontoo\dat\HeartBeat.dat   [17696]
O61 - LFC: 26/02/2013 - 12:58:06 ---A- C:\Users\Wizzou\Downloads\telecharger-zhpdiag.html   [32485]
O61 - LFC: 26/02/2013 - 12:58:38 ---A- C:\Users\Wizzou\Downloads\ZHPDiag2(1).exe   [5406463]
O61 - LFC: 26/02/2013 - 12:58:53 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\CategoryDatabase.dat   [527482]
O61 - LFC: 26/02/2013 - 12:58:53 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\GameDatabase.dat   [1968403]
O61 - LFC: 26/02/2013 - 12:58:53 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\GameInstanceDatabase.dat   [53590]
O61 - LFC: 26/02/2013 - 12:58:53 ---A- C:\Users\Wizzou\AppData\Local\Apps\2.0\Data\WCVMGM0H.VJE\CHBDB3DZ.YN6\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Data\NotificationDatabase.dat   [1116]
O61 - LFC: 26/02/2013 - 13:01:39 ---A- C:\Users\Wizzou\AppData\Local\PMB Files\pando.save   [38937]
~ Scan Files in 00mn 18s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1071104]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll   [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [3345920]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [69632]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1282560]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll   [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll   [178176]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.D717494BDC17E71DDB69FA2A6A021401] [SPRF][21/02/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.6 r602.) -- C:\Users\Wizzou\AppData\Local\Temp\fp_pl_pfs_installer.exe   [16472944]
[MD5.0B719FBC2E7868ECC18115580FB203BB] [SPRF][31/07/2012] (.NVIDIA Corporation - NVIDIA 3D Vision Control Panel 64bit API.) -- C:\Users\Wizzou\AppData\Local\Temp\nvSCPAPI64.dll   [1059176]
[MD5.53BFC21B7DEC48D1F51FCCB00626B9D6] [SPRF][31/07/2012] (.NVIDIA Corporation - NVIDIA Stereo Initialization dll, Version 305.46.) -- C:\Users\Wizzou\AppData\Local\Temp\nvStInit.dll   [20328]
[MD5.40E899E546566C1D14B28841A296CADB] [SPRF][31/07/2012] (.NVIDIA Corporation - NVIDIA Stereo Initialization dll, Version 305.46.) -- C:\Users\Wizzou\AppData\Local\Temp\nvStInit64.dll   [21864]
[MD5.8D7A6834FF9B10811D2FA274E88467BB] [SPRF][31/07/2012] (.NVIDIA Corporation - Stereoscpic 3D driver Installer API.) -- C:\Users\Wizzou\AppData\Local\Temp\nvStInst.exe   [611688]
[MD5.B9270BA1B0D210F786D2E001A7BB902B] [SPRF][21/02/2013] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\Wizzou\AppData\Local\Temp\swt-win32-3740.dll   [430080]
[MD5.3AE0F11F3D91179443113CAB0F94F944] [SPRF][21/02/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Wizzou\AppData\Local\Temp\uninst1.exe   [372736]
[MD5.6D69000BB6FFD6585C9F49720205EB78] [SPRF][26/02/2013] (...) -- C:\Users\Wizzou\Desktop\adwcleaner.exe   [594019]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.)
O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{80ABFAF8-7AB0-4FF2-BCC6-5AB1D8B5FE1F}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Cinema 10 Main Program.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
O87 - FAEL: "{370B34DF-729B-4233-97AF-E7DE7131CBAA}" | In - None - P6 - TRUE | .(.CyberLink Corp. - ASUSDVD.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe
O87 - FAEL: "{8C1E2AF3-0F6E-4381-986C-58F072642968}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{4269230C-506E-426C-B72F-083E8682B0F7}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{188113F4-41B4-4D1C-81F4-69BF84314606}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{D5A682F6-E5E9-40E9-9070-B89B594D7E2B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{552084C9-1D3D-449F-9400-C05E55EC8055}" | In - Private - P6 - TRUE | .(.Curse - Curse Client.) -- C:\Users\Wizzou\AppData\Local\Apps\2.0\GXJ3P1PN.DY4\5NO1JWWZ.HAQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\CurseClient.exe
O87 - FAEL: "{ADF16780-A7A0-46CD-B206-B180057ED1B1}" | In - Private - P17 - TRUE | .(.Curse - Curse Client.) -- C:\Users\Wizzou\AppData\Local\Apps\2.0\GXJ3P1PN.DY4\5NO1JWWZ.HAQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\CurseClient.exe
O87 - FAEL: "{6298A51A-4996-44DA-851A-81C4E5923DD4}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
O87 - FAEL: "{81803EA6-C13C-42B0-9AA8-4D603E1CDC5D}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
O87 - FAEL: "{F1F5629C-F4D0-4525-AA03-60C6A1A4CC77}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
O87 - FAEL: "{5D83C452-651B-4D84-8F3F-E18B95245DEF}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
O87 - FAEL: "{F918F19F-9D6E-4F19-BE49-E4F75DF2ADB8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Diablo III\Diablo III.exe (.not file.)
O87 - FAEL: "{96D8C265-8EE2-49EE-9E22-95A6FDE07D29}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Diablo III\Diablo III.exe (.not file.)
O87 - FAEL: "TCP Query User{62189699-4922-49DD-9CE2-175B89121827}C:\program files (x86)\tera\tera-launcher.exe" | In - Private - P6 - TRUE | .(.Solid State Networks - TERA.) -- C:\program files (x86)\tera\tera-launcher.exe
O87 - FAEL: "UDP Query User{0556BC45-51F6-4453-A3EC-6CFCA297DF0F}C:\program files (x86)\tera\tera-launcher.exe" | In - Private - P17 - TRUE | .(.Solid State Networks - TERA.) -- C:\program files (x86)\tera\tera-launcher.exe
O87 - FAEL: "{3BA7010D-9F9E-41A5-9EEA-93249C72F03B}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{2762A434-7451-4F4F-B8EA-461CF2587FAB}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{38E64695-F9DD-44B2-9FA7-97C2998EAEA1}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{D7E15881-AB8F-4837-A244-3AAB4E9175BE}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{D25B216F-393F-456E-A8B7-5E8A3AD07B6A}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{EDAB8D6D-A981-408B-844A-56E78FBC145B}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe
O87 - FAEL: "{876C8DF1-F183-4C4E-A408-86E531950FB9}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe
~ Scan Firewall in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.10977 - (26/02/2013)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 2
Fichiers trouvés  (Files found) : 2

[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]   =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]   =>Toolbar.Bing
C:\Program Files (x86)\yontoo   =>Adware.Yontoo
C:\Users\Wizzou\AppData\Roaming\yontoo   =>Adware.Yontoo
C:\Users\Wizzou\AppData\Local\Temp\uninst1.exe   =>Toolbar.Babylon
~ Scan Additionnel in 00mn 06s



---\\ Recherche détournement de DNS routeur (O89) (None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\WINDOWS\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "03FF80700C870B74180F8C6440CD67C9" . (.Nero Express Help (CHM).) -- C:\WINDOWS\Installer\{0708FF30-78C0-47B0-81F0-C84604DC769C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\WINDOWS\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "3058F5C62D55893458C863B2A7A75FC1" . (.Firebird SQL Server - MAGIX Edition.) -- C:\Windows\Installer\{6C5F8503-55D2-4398-858C-362B7A7AF51C}\ProgramIcon.exe
O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- C:\WINDOWS\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe
O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- C:\WINDOWS\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe
O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- C:\WINDOWS\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "68AB67CA7DA7FFFFB744AA0000000010" . (.Adobe Reader X (10.1.3) MUI.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\WINDOWS\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "86C7A848CDA03914A898C2AE875EA6C0" . (.Nero Express.) -- C:\WINDOWS\Installer\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}\ARPPRODUCTICON.exe
O90 - PUC: "AE990CA2C1CCE4E4DBCF3035CD1FD30D" . (.Nero 12 Essentials OEM.a01.) -- C:\WINDOWS\Installer\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
O90 - PUC: "FA0364E07BA0E0449A87A187CFF4349B" . (.Nero Launcher.) -- C:\WINDOWS\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 04/04/2012 63928 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 21/02/2013 251248 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 13/07/2012 310952 |  (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SR - | Auto  920736 |  (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
SR - | Auto 01/06/2012 951936 |  (asHmComSvc) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
SR - | Auto 17/02/2012 149120 |  (AsSysCtrlService) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
SR - | Auto 24/05/2011 1840128 |  (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
SS - | Demand 26/04/2011 2702848 |  (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
SR - | Auto 20/04/2012 635104 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 25/06/2012 166720 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 277824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 16/02/2013 115608 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2012 769432 |  (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 31/07/2012 891240 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Demand 25/02/2013 543144 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 31/07/2012 382312 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 17/07/2012 365376 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 06/07/2012 27792 |  (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 15/02/2013 23552 |  (Yontoo Desktop Updater) . (.Microsoft.) - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
~ Scan Services in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Wizzou at 26/02/2013 13:03:37

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s



End of the scan (1417 lines in 03mn 14s)(0)