~ Rapport de ZHPDiag v2013.10.12.33 - Nicolas Coolman  (12/10/2013)
~ Lancé par Adrien (13/10/2013 10:23:24)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : H2XRK
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.3.0215.0
Spybot - Search & Destroy v2.0.12
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.06 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Java 7 Update 21

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8103 MB (68% free)
System Restore: Activé (Enable)
System drive C: has 3 GB (7%) free of 37 GB

---\\ Mode de connexion au système
~ Computer Name: ADRIEN-PC-FIXE
~ User Name: Adrien
~ All Users Names: LogMeInRemoteUser, HomeGroupUser$, Adrien, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Adrien\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Adrien\AppData\Roaming\
~ %Desktop% : C:\Users\Adrien\Desktop\
~ %Favorites% : C:\Users\Adrien\Favorites\
~ %LocalAppData% : C:\Users\Adrien\AppData\Local\
~ %StartMenu% : C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 3 Go of 37 Go)
D: Hard drive, Flash drive, Thumb drive (Free 4 Go of 19 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 253 Go of 488 Go)
G: Hard drive, Flash drive, Thumb drive (Free 0 Go of 443 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 35 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 02:10:19.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/10
~ Mes Favoris (My Favorites) : 1/48
~ Mes Documents (My Documents) : 1/55
~ Mon Bureau (My Desktop) : 5/709
~ Menu demarrer (Programs) : 1/28
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.5FD0A7F1966B0FA55F39CFA38B82A4B2] - (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.exe   [406944] [PID.3108]
[MD5.834D50E7B6890A87DEB8BD83773816F2] - (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAB7SWK.exe   [1021320] [PID.3256]
[MD5.C948AC73822CA662CF44185B909EA18B] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\MSOSYNC.exe   [720064] [PID.3404]
[MD5.C3C077A40B42178B33A40E2D3D1BED3F] - (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe   [20133824] [PID.3428]
[MD5.C5B5552E5C1A0079C1F7313E7CC7707E] - (.Google - Google Calendar Sync.) -- D:\Logiciels installés\Google Calendar\Google Calendar Sync\GoogleCalendarSync.exe   [542264] [PID.3632]
[MD5.5658972765AF193BDC813197B5AA8C85] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Adrien\AppData\Roaming\Dropbox\bin\Dropbox.exe   [29768376] [PID.3888]
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDTray.exe   [3825176] [PID.3896]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\ONENOTEM.exe   [228552] [PID.3908]
[MD5.C316AFAE719B1C1CE1B903673BC6A641] - (...) -- D:\Logiciels installés\17 - Logitech\SetPoint\x86\SetPoint32.exe   [77824] [PID.3920]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [253816] [PID.3928]
[MD5.0D3745CA2F064F2D6B6388C6AA5D3BC7] - (.Google Inc. - Google Chrome.) -- C:\Users\Adrien\AppData\Local\Google\Chrome\Application\chrome.exe   [844752] [PID.3948]
[MD5.C5F101D7E53AA530BB0496EB9556807C] - (.Nicolas Coolman - ZHPDiag.) -- D:\Logiciels installés\27 - ZHP Diag\ZHPDiag\ZHPDiag.exe   [8076288] [PID.4160]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [55184] [PID.1336]
[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDFSSvc.exe   [1103392] [PID.1692]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDUpdSvc.exe   [1369624] [PID.1836]
[MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDWSCSvc.exe   [168384] [PID.984]
[MD5.7F32D4C47A50E7223491E8FB9359907D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [325656] [PID.1388]
[MD5.2C16648A12999AE69A9EBF41974B0BA2] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [2656280] [PID.2992]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 12 Scanned in 00mn 23s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - A plugin to detect whether the Adobe Application Manager is installed.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Adrien\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Adrien\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [amazon.com/AmazonMP3DownloaderPlugin] - (.Amazon.com, Inc. - Amazon MP3 Downloader Plugin 1.0.17.) -- C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll
~ Firefox Browser: 7 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 04s
~ Nombre de lignes (Lines number): 15475



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Spybot-S&D IE Protection [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 7 Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Gercop Copropriété V2.lnk . (.Gercop - Informatique - Gercop - Copropriété.)  -- C:\Program Files (x86)\GERCOP\CoproV2\CoproV2.exe 
O4 - GS\Desktop [Public]: Guitar Pro 6.lnk . (...)  -- F:\4 - Logiciels Installés\Guitar Pro 6\GuitarPro.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.)  -- D:\Logiciels installés\18 - Itunes\iTunes.exe 
O4 - GS\Desktop [Public]: mySongBook Player.lnk . (...)  -- F:\4 - Logiciels Installés\mySongBook Player\mySongBook.exe
O4 - GS\Desktop [Public]: QuickTime Player.lnk . (.Apple Inc. - QuickTime Player.)  -- D:\Logiciels installés\26 - Quicktime\QuickTimePlayer.exe  =>.Apple Inc
O4 - GS\Desktop [Public]: Sauvegarde Restauration GERCOP.lnk . (.GERCOP INFORMATIQUE - SAUVEGARDE - RESTAURATION.)  -- C:\Program Files (x86)\GERCOP\SauveRest\SauveRest.exe 
O4 - GS\Desktop [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.)  -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDWelcome.exe 
O4 - GS\Desktop [Public]: Zune.lnk . (...)  -- C:\Program Files (x86)\Zune\Zune.exe (.not file.)
O4 - GS\Program [Public]: Adobe Application Manager.lnk . (.Adobe Systems Incorporated - Adobe Application Manager.)  -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe 
O4 - GS\Program [Public]: Apple Software Update.lnk . (...)  -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe  =>.Apple Inc
O4 - GS\Program [Public]: LogMeIn.lnk . (.LogMeIn, Inc. - LogMeIn Desktop Application.)  -- D:\Logiciels installés\23 - Logmein\x64\LogMeInToolkit.exe 
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.)  -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (...)  -- C:\Program Files (x86)\Microsoft Security Client\msseces.exe (.not file.)
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.)  -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.)  -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDWelcome.exe 
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.)  -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe 
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...)  -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Mobile Device Center.lnk . (.Microsoft Corporation - Windows Mobile Device Center.)  -- C:\Windows\Installer\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}\wmdc.exe 
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.)  -- C:\Windows\system32\xpsrchvw.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.)  -- C:\Windows\system32\calc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.)  -- C:\Windows\system32\displayswitch.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.)  -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.)  -- C:\Windows\system32\mblctr.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.)  -- C:\Windows\system32\NetProj.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.)  -- C:\Windows\system32\mspaint.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.)  -- C:\Windows\system32\mstsc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.)  -- C:\Windows\system32\SnippingTool.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.)  -- C:\Windows\system32\SoundRecorder.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.)  -- C:\Windows\system32\StikyNot.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.)  -- C:\Windows\System32\mobsync.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.)  -- C:\Windows\system32\OobeFldr.dll  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.)  -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.)  -- C:\Windows\system32\charmap.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.)  -- C:\Windows\system32\dfrgui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.)  -- C:\Windows\system32\cleanmgr.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.)  -- C:\Windows\system32\perfmon.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.)  -- C:\Windows\system32\msinfo32.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.)  -- C:\Windows\system32\rstrui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...)  -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.)  -- C:\Windows\system32\migwiz\postmig.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.)  -- C:\Windows\system32\migwiz\migwiz.exe  =>.Microsoft Corporation
O4 - GS\QuickLaunch [Adrien]: Glary Utilities.lnk . (.Glarysoft Ltd - Glary Utilities.)  -- D:\Logiciels installés\24 - Glary Utilities\Glary Utilities\Integrator.exe 
O4 - GS\QuickLaunch [Adrien]: Guitar Pro 6.lnk . (...)  -- F:\4 - Logiciels Installés\Guitar Pro 6\GuitarPro.exe
O4 - GS\QuickLaunch [Adrien]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [Adrien]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.)  -- D:\Logiciels installés\20 - Light Image Resizer\Image Resizer 4\Resize.exe 
O4 - GS\QuickLaunch [Adrien]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.)  -- D:\Logiciels installés\25 - Malware Bytes\Malwarebytes' Anti-Malware\mbam.exe 
O4 - GS\QuickLaunch [Adrien]: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.)  -- D:\Logiciels installés\Office Professionnel 2010\Office14\OUTLOOK.exe 
O4 - GS\QuickLaunch [Adrien]: mySongBook Player.lnk . (...)  -- F:\4 - Logiciels Installés\mySongBook Player\mySongBook.exe
O4 - GS\TaskBar [Adrien]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.)  -- C:\Windows\system32\calc.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [Adrien]: Gercop Copropriété V2.lnk . (.Gercop - Informatique - Gercop - Copropriété.)  -- C:\Program Files (x86)\GERCOP\CoproV2\CoproV2.exe 
O4 - GS\TaskBar [Adrien]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\Adrien\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar [Adrien]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [Adrien]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.)  -- D:\Logiciels installés\25 - Malware Bytes\Malwarebytes' Anti-Malware\mbam.exe 
O4 - GS\TaskBar [Adrien]: Microsoft Excel 2010.lnk . (...)  -- C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
O4 - GS\TaskBar [Adrien]: Microsoft Outlook 2010.lnk . (...)  -- C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
O4 - GS\TaskBar [Adrien]: Microsoft Word 2010.lnk . (...)  -- C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\TaskBar [Adrien]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [Adrien]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.)  -- C:\Windows\system32\StikyNot.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [Adrien]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [Adrien]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Adrien]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Program [Adrien]: Spotify.lnk . (.Spotify Ltd - Spotify.)  -- C:\Users\Adrien\AppData\Roaming\Spotify\spotify.exe 
O4 - GS\Accessories [Adrien]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Adrien]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Adrien]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Adrien]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Adrien]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [Adrien]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
O4 - GS\Desktop [Adrien]: 1 - Cabinet GESTADE - Drop Box.lnk . (...)  -- F:\Dropbox\Cabinet GESTADE 
O4 - GS\Desktop [Adrien]: 10 - Zune - Pellicule.lnk . (...)  -- F:\Dropbox\! Zune\À partir de HTC 7 Pro T7576 (2)\Pellicule 
O4 - GS\Desktop [Adrien]: 2 - ! Gestade Perso !.lnk . (...)  -- F:\Dropbox\! Gestade Perso ! 
O4 - GS\Desktop [Adrien]: 3 - PDFTKBuilder - Raccourci.lnk . (...)  -- D:\Logiciels installés\19 - PDF Fusion\PDFTK Builder\PDFTKBuilder.exe
O4 - GS\Desktop [Adrien]: 4 - Light Image Resizer.lnk . (.ObviousIdea SARL - ImageResizer.)  -- D:\Logiciels installés\20 - Light Image Resizer\Image Resizer 4\Resize.exe 
O4 - GS\Desktop [Adrien]: 5 - Prospection.lnk . (...)  -- F:\Dropbox\Prospection 
O4 - GS\Desktop [Adrien]: 6 - Scan Fujitsu.lnk . (...)  -- \\ADMIN-PC\Dropbox\Scan Fujitsu\Noir et Blanc - OCR 
O4 - GS\Desktop [Adrien]: 7 - Scan PC Compta - 2.lnk . (...)  -- \\ORDI-COMPTAB-2\Scan PC Compta - 2\Dropbox 
O4 - GS\Desktop [Adrien]: 8 - New Scans.lnk . (...)  -- F:\Scans 
O4 - GS\Desktop [Adrien]: 9 - MP3'S Made in Drop Box - Raccourci.lnk . (...)  -- F:\MP3'S Made in Drop Box 
O4 - GS\Desktop [Adrien]: Dropbox PC Mlle Perez.lnk . (...)  -- \\ADMIN-PC\Dropbox 
O4 - GS\Desktop [Adrien]: Gérance.lnk . (...)  -- C:\ps3\MENU27.exe
O4 - GS\Desktop [Adrien]: Microsoft Outlook 2010.lnk . (...)  -- C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
O4 - GS\Desktop [Adrien]: Scans - PC1.lnk - Clé orpheline
O4 - GS\Desktop [Adrien]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- D:\Logiciels installés\27 - ZHP Diag\ZHPDiag\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [Adrien]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- D:\Logiciels installés\27 - ZHP Diag\ZHPDiag\ZHPFix\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\TaskBar [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [Administrateur]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Accessories [Administrateur]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Administrateur]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Administrateur]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Administrateur]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Administrateur]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [Administrateur]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
~ Global Startup: 101 Scanned in 00mn 05s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Canon LBP2900 Status Window.lnk . (.CANON INC. - Canon Advanced Printing Technology Printer.)  -- C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.exe  =>.Canon Inc
O4 - GS\Startup [Public]: Google Calendar Sync.lnk . (.Google - Google Calendar Sync.)  -- D:\Logiciels installés\Google Calendar\Google Calendar Sync\GoogleCalendarSync.exe 
O4 - GS\Startup [Public]: Logitech SetPoint.lnk . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).)  -- D:\Logiciels installés\17 - Logitech\SetPoint\SetPoint.exe 
O4 - GS\Startup [Adrien]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.)  -- C:\Users\Adrien\AppData\Roaming\Dropbox\bin\Dropbox.exe 
O4 - GS\Startup [Adrien]: OneNote 2010 - Capture d’écran et lancement.lnk . (.Microsoft Corporation - Microsoft OneNote Quick Launcher.)  -- D:\Logiciels installés\Office Professionnel 2010\Office14\ONENOTEM.exe  =>.Microsoft Corporation
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe  =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.exe  =>.Canon Inc
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe 
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] . (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Windows\KHALMNPR.exe 
O4 - HKLM\..\Run: [LogMeIn GUI] . (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- D:\Logiciels installés\23 - Logmein\x64\LogMeInSystray.exe 
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Adrien\AppData\Local\Google\Update\GoogleUpdate.exe  =>.Google Inc
O4 - HKCU\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.exe  =>.Canon Inc
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\MSOSYNC.exe 
O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe  =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\BCSSync.exe  =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Logiciels installés\26 - Quicktime\QTTask.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1665733596-3821526926-772604731-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Adrien\AppData\Local\Google\Update\GoogleUpdate.exe  =>.Google Inc
O4 - HKUS\S-1-5-21-1665733596-3821526926-772604731-1000\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.exe  =>.Canon Inc
O4 - HKUS\S-1-5-21-1665733596-3821526926-772604731-1000\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\MSOSYNC.exe 
O4 - HKUS\S-1-5-21-1665733596-3821526926-772604731-1000\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
O4 - HKUS\S-1-5-21-1665733596-3821526926-772604731-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe  =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7312ED58-2E9B-4E5A-A7AC-AB98556E02E4}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{7312ED58-2E9B-4E5A-A7AC-AB98556E02E4}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{7312ED58-2E9B-4E5A-A7AC-AB98556E02E4}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - D:\Logiciels installés\23 - Logmein\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) . (.LogMeIn, Inc. - LogMeIn Maintenance Service.) - D:\Logiciels installés\23 - Logmein\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn (LogMeIn) . (.LogMeIn, Inc. - LogMeIn.) - D:\Logiciels installés\23 - Logmein\x64\LogMeIn.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 11 Scanned in 00mn 02s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GlaryInitialize.job   [368]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1064]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1068]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1665733596-3821526926-772604731-1000Core.job   [1030]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1665733596-3821526926-772604731-1000UA.job   [1082]
[MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [257416]
[MD5.22621F4BC16C5C47E76E40F251F0CC79] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [3905304]  =>Piriform Ltd
[MD5.00000000000000000000000000000000] [APT] [GlaryInitialize] (...) -- D:\Logiciels install‚s\24 - Glary Utilities\Glary Utilities\initialize.exe (.not file.)   [0]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1665733596-3821526926-772604731-1000Core] (.Google Inc..) -- C:\Users\Adrien\AppData\Local\Google\Update\GoogleUpdate.exe   [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1665733596-3821526926-772604731-1000UA] (.Google Inc..) -- C:\Users\Adrien\AppData\Local\Google\Update\GoogleUpdate.exe   [136176]
[MD5.00000000000000000000000000000000] [APT] [Check for updates] (...) -- D:\Logiciels install‚s\21 - Spybot\Spybot - Search & Destroy 2\SDUpdate.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Refresh immunization] (...) -- D:\Logiciels install‚s\21 - Spybot\Spybot - Search & Destroy 2\SDImmunize.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Scan the system] (...) -- D:\Logiciels install‚s\21 - Spybot\Spybot - Search & Destroy 2\SDScan.exe (.not file.)   [0]
~ Scheduled Task: 17 Scanned in 00mn 02s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver:  (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 63 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe SVG Viewer - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe SVG Viewer
O42 - Logiciel: Amazon MP3 Downloader 1.0.17 - (.Amazon Services LLC.) [HKLM][64Bits] -- Amazon MP3 Downloader
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {CCE825DB-347A-4004-A186-5F4A6FDD8547}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {D70884EA-E2CE-4539-91DB-4766CC1E5F5F}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}  =>.Apple Inc
O42 - Logiciel: Asmedia ASM104x USB 3.0 Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Bullzip PDF Printer 7.2.0.1320 - (.Bullzip.) [HKLM][64Bits] -- Bullzip PDF Printer_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd
O42 - Logiciel: CDDRV_Installer - (.Logitech.) [HKLM][64Bits] -- {0C826C5B-B131-423A-A229-C71B3CACCD6A}
O42 - Logiciel: CDex - Open Source Digital Audio CD Extractor - (.Georgy Berdyshev.) [HKLM][64Bits] -- CDex
O42 - Logiciel: Canon LBP2900 - (...) [HKLM][64Bits] -- Canon LBP2900
O42 - Logiciel: Canon LBP3310 - (...) [HKLM][64Bits] -- Canon LBP3310
O42 - Logiciel: Cisco WebEx Meetings - (.Cisco WebEx LLC.) [HKLM][64Bits] -- ActiveTouchMeetingClient
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Foxit Reader - (.Foxit Corporation.) [HKLM][64Bits] -- Foxit Reader_is1
O42 - Logiciel: Gercop Copropriété V2 - (.GERCOP INFORMATIQUE.) [HKLM][64Bits] -- {5BD10CF5-FE56-4D3E-8B21-6686A3BDC5FB}
O42 - Logiciel: Gestionnaire pour appareils Windows Mobile - (.Microsoft Corporation.) [HKLM][64Bits] -- {626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}
O42 - Logiciel: Glary Utilities 2.56.0.1822 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities_is1
O42 - Logiciel: Google Calendar Sync - (...) [HKLM][64Bits] -- Google Calendar Sync
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {192A227B-A8C8-4C6D-B939-21FAEB007E1E}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Guitar Pro 6 - (.Arobas Music.) [HKLM][64Bits] -- {14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: KhalInstallWrapper - (.Logitech.) [HKLM][64Bits] -- {F3F18612-7B5D-4C05-86C9-AB50F6F71727}
O42 - Logiciel: Light Image Resizer 4.4.1.4 - (.ObviousIdea.) [HKLM][64Bits] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1
O42 - Logiciel: LogMeIn - (.LogMeIn, Inc..) [HKLM][64Bits] -- {CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}
O42 - Logiciel: Logique - Windows system - PS/4 - (.LOGIQUE SAS.) [HKLM][64Bits] -- {61C2B821-5610-4648-9989-6348E67FA77A}
O42 - Logiciel: Logitech SetPoint - (.Logitech.) [HKLM][64Bits] -- {F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {27726449-83B8-428D-92DE-101346C1E15C}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Outils Gercop - (.Gercop.) [HKLM][64Bits] -- {CB1E9957-8E7B-4EC6-BF59-6F7046D26B4F}
O42 - Logiciel: PDFTK Builder 3.5.3 - (...) [HKLM][64Bits] -- PDFTK Builder_is1
O42 - Logiciel: PeaZip 4.7.2 - (.Giorgio Tani.) [HKLM][64Bits] -- {5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Sauvegarde Restauration GERCOP - (.GERCOP INFORMATIQUE.) [HKLM][64Bits] -- {2B499A8E-8FD8-4BAC-AB7D-162EB988EC3A}
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748}
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- Zune
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}
O42 - Logiciel: Zune Language Pack (CHS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {2A9DFFD8-4E09-4B91-B957-454805B0D7C4}
O42 - Logiciel: Zune Language Pack (CHT) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A5A53EA8-A11E-49F0-BDF5-AE536426A31A}
O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}
O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32}
O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}
O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3589A659-F732-4E65-A89A-5438C332E59D}
O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10}
O42 - Logiciel: Zune Language Pack (FIN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {B4870774-5F3A-46D9-9DFE-06FB5599E26B}
O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A}
O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4}
O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646}
O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA}
O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB}
O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}
O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136}
O42 - Logiciel: Zune Language Pack (NLD) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6740BCB0-5863-47F4-80F4-44F394DE4FE2}
O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DEFD397-4012-46C3-B6DA-E8013E660772}
O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43}
O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM][64Bits] -- {07EEE598-5F21-4B57-B40B-46592625B3D9}
O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4}
O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4}
O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F}
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM][64Bits] -- {A498D9EB-927B-459B-85D6-DD6EF8C2C564}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {0E5D76AD-A3FB-48D5-8400-8903B10317D3}
O42 - Logiciel: mySongBook Player - (.Arobas Music.) [HKLM][64Bits] -- {42F6B687-F7B1-41A8-87CB-043FBBE4621D}_is1
~ Logic: 119 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\APN PIP]
[HKCU\Software\ASUS]
[HKCU\Software\Adobe]
[HKCU\Software\Amazon]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Arobas Music]
[HKCU\Software\Canon]
[HKCU\Software\Carbonite]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CompanionLink]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Foxit Software]
[HKCU\Software\GERCOP LOGIQUE]
[HKCU\Software\Gercop]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\LogMeIn]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MarineCat]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\ObviousIdea]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerPack]
[HKCU\Software\RealVNC]
[HKCU\Software\Realtek]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Seagate Software]
[HKCU\Software\TeamViewer]
[HKCU\Software\WebEx]
[HKCU\Software\Wow6432Node]
[HKLM\Software\7-Zip]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Bullzip]
[HKLM\Software\CBSTEST]
[HKLM\Software\Canon]
[HKLM\Software\Carbonite]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\GEAR Software]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\Knowles]
[HKLM\Software\LogMeIn, Inc.]
[HKLM\Software\LogMeIn]
[HKLM\Software\Logishrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealVNC]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ActiveTouch]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Amazon]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Borland]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Foxit Software]
[HKLM\Software\Wow6432Node\GlarySoft]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Kodak]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\ObviousIdea]
[HKLM\Software\Wow6432Node\OldTimer Tools]
[HKLM\Software\Wow6432Node\PIP]
[HKLM\Software\Wow6432Node\PeaZip]
[HKLM\Software\Wow6432Node\PeaZip_additional]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\TeamViewer]
[HKLM\Software\Wow6432Node\WebEx]
[HKLM\Software\Wow6432Node]
~ Key Software: 159 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/11/2012 - 15:31:14 - [6,059] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 27/12/2012 - 21:58:10 - [2,316] ----D C:\Program Files (x86)\Apple Software Update  =>.Apple Inc
O43 - CFD: 05/12/2011 - 16:33:58 - [2,269] ----D C:\Program Files (x86)\ASM104xUSB3
O43 - CFD: 27/12/2012 - 21:57:51 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 29/05/2013 - 18:10:01 - [522,999] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 22/09/2013 - 14:08:25 - [185,391] ----D C:\Program Files (x86)\GERCOP
O43 - CFD: 14/10/2012 - 21:04:14 - [68,138] ----D C:\Program Files (x86)\Google
O43 - CFD: 26/12/2012 - 14:05:53 - [17,427] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 05/12/2011 - 16:33:26 - [13,357] ----D C:\Program Files (x86)\Intel
O43 - CFD: 10/10/2013 - 03:23:11 - [4,885] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 29/05/2013 - 18:09:52 - [123,219] ----D C:\Program Files (x86)\Java
O43 - CFD: 05/12/2011 - 16:51:34 - [38,002] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 05/12/2011 - 16:55:40 - [0,012] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 01/08/2013 - 14:35:59 - [1,500] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 10/10/2013 - 03:05:00 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 05/12/2011 - 16:54:05 - [1,722] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 05/12/2011 - 16:54:05 - [0,757] ----D C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 05/12/2011 - 16:54:14 - [0,312] ----D C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 05/12/2011 - 16:52:09 - [1,314] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 06/12/2011 - 15:36:51 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05/12/2011 - 16:54:23 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 05/12/2011 - 16:30:47 - [5,682] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 05/12/2011 - 16:30:23 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 12/07/2013 - 03:22:42 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 12/04/2011 - 11:16:36 - [5,895] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - 11:16:36 - [4,791] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 12/04/2011 - 11:16:36 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2011 - 11:16:36 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 28/12/2011 - 19:26:26 - [3,893] ----D C:\Program Files (x86)\Your Company Name
O43 - CFD: 14/06/2013 - 16:27:01 - [142,378] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 27/12/2012 - 21:58:20 - [105,341] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 06/12/2011 - 11:11:50 - [7,804] ----D C:\Program Files (x86)\Common Files\Borland Shared
O43 - CFD: 05/12/2011 - 16:54:14 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 05/12/2011 - 16:29:34 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 05/12/2011 - 16:32:51 - [13,585] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 29/05/2013 - 18:10:01 - [1,189] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 26/12/2012 - 14:06:16 - [1,847] ----D C:\Program Files (x86)\Common Files\LogiShrd
O43 - CFD: 12/09/2013 - 19:27:21 - [199,040] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 05/12/2011 - 16:33:27 - [0,155] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 16/11/2012 - 04:00:32 - [10,355] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/04/2012 - 16:37:52 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 27/12/2012 - 21:58:32 - [2,774] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 24/05/2013 - 02:55:49 - [0,002] ----D C:\ProgramData\abelhadigital.com
O43 - CFD: 12/06/2013 - 13:54:39 - [0] ----D C:\ProgramData\Adobe
O43 - CFD: 27/12/2012 - 21:58:08 - [36,737] ----D C:\ProgramData\Apple
O43 - CFD: 27/12/2012 - 21:58:20 - [82,816] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 05/12/2011 - 16:16:38 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 05/12/2011 - 19:51:20 - [19,798] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 02/08/2013 - 01:58:36 - [0] --H-D C:\ProgramData\CanonIJFax
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 05/12/2011 - 16:16:38 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 23/01/2013 - 17:37:54 - [0] ----D C:\ProgramData\Guitar Pro 6
O43 - CFD: 26/12/2012 - 14:06:44 - [0,001] ----D C:\ProgramData\LogiShrd
O43 - CFD: 26/12/2012 - 14:07:23 - [27,747] ----D C:\ProgramData\Logitech
O43 - CFD: 13/10/2013 - 10:15:09 - [0,016] ----D C:\ProgramData\LogMeIn
O43 - CFD: 28/07/2013 - 10:02:53 - [6,205] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 25/02/2013 - 19:43:28 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 05/12/2011 - 16:16:38 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 21/05/2013 - 10:02:45 - [1455,127] -S--D C:\ProgramData\Microsoft
O43 - CFD: 10/10/2013 - 03:07:39 - [0,351] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 05/12/2011 - 16:16:38 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 24/01/2013 - 23:43:57 - [0] ----D C:\ProgramData\mySongBook Player
O43 - CFD: 05/12/2011 - 21:41:45 - [0] ----D C:\ProgramData\PDF Writer
O43 - CFD: 22/05/2013 - 10:57:52 - [0,268] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/10/2012 - 14:50:22 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 29/05/2013 - 18:11:16 - [34,612] ----D C:\ProgramData\WebEx
O43 - CFD: 06/12/2011 - 12:52:29 - [0,002] ----D C:\ProgramData\Windows Genuine Advantage
O43 - CFD: 24/05/2013 - 02:55:49 - [0] ----D C:\Users\Adrien\AppData\Roaming\abelhadigital.com
O43 - CFD: 02/08/2012 - 09:28:43 - [4,250] ----D C:\Users\Adrien\AppData\Roaming\Adobe
O43 - CFD: 22/11/2012 - 15:31:29 - [0,010] ----D C:\Users\Adrien\AppData\Roaming\Amazon
O43 - CFD: 27/12/2012 - 23:57:50 - [0,177] ----D C:\Users\Adrien\AppData\Roaming\Apple Computer
O43 - CFD: 13/12/2011 - 10:47:36 - [0,018] ----D C:\Users\Adrien\AppData\Roaming\CompanionLink
O43 - CFD: 13/10/2013 - 10:22:46 - [799,858] ----D C:\Users\Adrien\AppData\Roaming\Dropbox
O43 - CFD: 03/04/2012 - 10:25:35 - [112,549] ----D C:\Users\Adrien\AppData\Roaming\Foxit Software
O43 - CFD: 16/01/2013 - 22:23:37 - [0,002] ----D C:\Users\Adrien\AppData\Roaming\Gercop
O43 - CFD: 28/07/2013 - 09:51:37 - [0,097] ----D C:\Users\Adrien\AppData\Roaming\Glarysoft
O43 - CFD: 14/12/2011 - 11:35:26 - [0,009] ----D C:\Users\Adrien\AppData\Roaming\gSyncit
O43 - CFD: 23/01/2013 - 17:37:57 - [0,035] ----D C:\Users\Adrien\AppData\Roaming\Guitar Pro 6
O43 - CFD: 05/12/2011 - 16:16:44 - [0] ----D C:\Users\Adrien\AppData\Roaming\Identities
O43 - CFD: 05/12/2011 - 16:33:21 - [0] ----D C:\Users\Adrien\AppData\Roaming\InstallShield
O43 - CFD: 09/05/2012 - 18:04:08 - [0] ----D C:\Users\Adrien\AppData\Roaming\Leadertech
O43 - CFD: 26/12/2012 - 14:07:23 - [0,039] ----D C:\Users\Adrien\AppData\Roaming\Logitech
O43 - CFD: 05/12/2011 - 19:18:38 - [0,001] ----D C:\Users\Adrien\AppData\Roaming\Macromedia
O43 - CFD: 28/07/2013 - 10:04:34 - [3,102] ----D C:\Users\Adrien\AppData\Roaming\Malwarebytes
O43 - CFD: 12/04/2011 - 11:28:08 - [0] ----D C:\Users\Adrien\AppData\Roaming\Media Center Programs
O43 - CFD: 08/09/2013 - 17:20:08 - [38,462] -S--D C:\Users\Adrien\AppData\Roaming\Microsoft
O43 - CFD: 24/01/2013 - 23:43:58 - [0,016] ----D C:\Users\Adrien\AppData\Roaming\mySongBook Player
O43 - CFD: 29/08/2013 - 10:26:25 - [0,080] ----D C:\Users\Adrien\AppData\Roaming\ObviousIdea
O43 - CFD: 05/12/2011 - 21:41:45 - [0] ----D C:\Users\Adrien\AppData\Roaming\PDF Writer
O43 - CFD: 14/10/2012 - 14:02:19 - [0,006] ----D C:\Users\Adrien\AppData\Roaming\PeaZip
O43 - CFD: 19/06/2012 - 11:05:14 - [0,002] ----D C:\Users\Adrien\AppData\Roaming\RealVNC
O43 - CFD: 06/02/2013 - 11:48:31 - [43,222] ----D C:\Users\Adrien\AppData\Roaming\Spotify
O43 - CFD: 11/10/2013 - 12:13:20 - [1,092] ----D C:\Users\Adrien\AppData\Roaming\TeamViewer
O43 - CFD: 29/05/2013 - 18:11:21 - [0,006] ----D C:\Users\Adrien\AppData\Roaming\webex
O43 - CFD: 13/10/2013 - 10:24:10 - [0,444] ----D C:\Users\Adrien\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 28/07/2013 - 09:39:03 - [0,328] ----D C:\Users\Adrien\AppData\Local\Adobe
O43 - CFD: 27/12/2012 - 21:58:11 - [0] ----D C:\Users\Adrien\AppData\Local\Apple
O43 - CFD: 27/12/2012 - 21:58:39 - [67,940] ----D C:\Users\Adrien\AppData\Local\Apple Computer
O43 - CFD: 05/12/2011 - 16:16:41 - [0] -SH-D C:\Users\Adrien\AppData\Local\Application Data
O43 - CFD: 05/12/2011 - 19:11:17 - [1,245] ----D C:\Users\Adrien\AppData\Local\Apps
O43 - CFD: 05/12/2011 - 19:11:25 - [0] ----D C:\Users\Adrien\AppData\Local\Deployment
O43 - CFD: 24/09/2013 - 14:03:30 - [0] ----D C:\Users\Adrien\AppData\Local\ElevatedDiagnostics
O43 - CFD: 11/11/2012 - 21:27:18 - [1,542] ----D C:\Users\Adrien\AppData\Local\fontconfig
O43 - CFD: 11/11/2012 - 21:27:18 - [0,001] ----D C:\Users\Adrien\AppData\Local\gegl-0.2
O43 - CFD: 14/10/2012 - 21:04:14 - [589,818] ----D C:\Users\Adrien\AppData\Local\Google
O43 - CFD: 05/12/2011 - 16:16:41 - [0] -SH-D C:\Users\Adrien\AppData\Local\Historique
O43 - CFD: 09/06/2013 - 23:36:29 - [0] ----D C:\Users\Adrien\AppData\Local\LogMeIn
O43 - CFD: 25/10/2012 - 19:17:12 - [1357,797] ----D C:\Users\Adrien\AppData\Local\Microsoft
O43 - CFD: 05/12/2011 - 16:51:32 - [0] ----D C:\Users\Adrien\AppData\Local\Microsoft Help
O43 - CFD: 05/12/2011 - 21:41:45 - [0] ----D C:\Users\Adrien\AppData\Local\PDF Writer
O43 - CFD: 21/05/2013 - 10:01:29 - [0] ----D C:\Users\Adrien\AppData\Local\Programs
O43 - CFD: 04/02/2013 - 20:33:31 - [65,200] ----D C:\Users\Adrien\AppData\Local\Spotify
O43 - CFD: 13/10/2013 - 10:24:09 - [54,229] ----D C:\Users\Adrien\AppData\Local\Temp
O43 - CFD: 05/12/2011 - 16:16:41 - [0] -SH-D C:\Users\Adrien\AppData\Local\Temporary Internet Files
O43 - CFD: 05/12/2011 - 16:16:43 - [0] ----D C:\Users\Adrien\AppData\Local\VirtualStore
O43 - CFD: 02/12/2012 - 15:59:28 - [0,017] ----D C:\Users\Adrien\AppData\Local\webkit
O43 - CFD: 17/08/2012 - 09:08:34 - [0,031] ----D C:\Users\Adrien\AppData\Local\Windows Live
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/09/2013 - 10:31:54 - [0] R---D C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 11/10/2013 - 10:35:24 - [0,001] ----D C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 12/01/2013 - 23:38:17 - [0,002] ----D C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 18/12/2011 - 20:24:26 - [0] ----D C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LOGIQUE PS-4
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/10/2013 - 10:35:29 - [0,002] R---D C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ 256 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 391 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.280E90CBF4B2DDD169F0728CB44D726F] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys   [343040]
O44 - LFC:[MD5.311C1DD1088E55BEAE15954D17F50646] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys   [52736]
O44 - LFC:[MD5.56661BB55AE4633677F846FFCD080ECA] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - Nettoyage de la mise à jour.) -- C:\Windows\SysNative\scavengeui.dll   [461312]
O44 - LFC:[MD5.56661BB55AE4633677F846FFCD080ECA] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - Nettoyage de la mise à jour.) -- C:\Windows\System32\scavengeui.dll   [461312]
O44 - LFC:[MD5.9406D801042FAF859CF81B2C886413DC] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys   [25600]
O44 - LFC:[MD5.E73A7A04FDAC9DD46EE2A4257F09E91C] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\Drivers\usbport.sys   [325120]
O44 - LFC:[MD5.A83D0EC9AE4C31704442099D40BA2471] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys   [30720]
O44 - LFC:[MD5.ACCEA6BC68D0C9A78EB97EE159028B4E] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys   [99840]
O44 - LFC:[MD5.861C197502A5057E68F0AC75D9EFCDD7] - 09/10/2013 - 08:24:17 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys   [7808]
O44 - LFC:[MD5.88612F1CE3BF42256913BF6E61C70D52] - 09/10/2013 - 08:24:18 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys   [983488]
O44 - LFC:[MD5.764DF431D13537A575752009E7740F18] - 09/10/2013 - 08:24:18 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll   [124112]
O44 - LFC:[MD5.764DF431D13537A575752009E7740F18] - 09/10/2013 - 08:24:18 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll   [124112]
O44 - LFC:[MD5.70833F5A59F65908698093889C34BCA2] - 09/10/2013 - 08:24:21 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\SysNative\wow64.dll   [243712]
O44 - LFC:[MD5.70833F5A59F65908698093889C34BCA2] - 09/10/2013 - 08:24:21 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll   [243712]
O44 - LFC:[MD5.A3FCC4F97551087D65F8FEE879FEF736] - 09/10/2013 - 08:24:22 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\SysNative\tdh.dll   [859648]
O44 - LFC:[MD5.A3FCC4F97551087D65F8FEE879FEF736] - 09/10/2013 - 08:24:22 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\System32\tdh.dll   [859648]
O44 - LFC:[MD5.CAAAC014C5C56A69F710B5F1B836DE22] - 09/10/2013 - 08:24:22 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\SysNative\ntdll.dll   [1732032]
O44 - LFC:[MD5.CAAAC014C5C56A69F710B5F1B836DE22] - 09/10/2013 - 08:24:22 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll   [1732032]
O44 - LFC:[MD5.63A580C88CFAF72A92550940054569EF] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\SysNative\advapi32.dll   [878080]
O44 - LFC:[MD5.63A580C88CFAF72A92550940054569EF] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\System32\advapi32.dll   [878080]
O44 - LFC:[MD5.314C17917AC8523EC77A710215012A65] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys   [497152]
O44 - LFC:[MD5.9A9F9F1A77D6A80EE28B57664F00013E] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\Windows\SysNative\mswsock.dll   [327168]
O44 - LFC:[MD5.9A9F9F1A77D6A80EE28B57664F00013E] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\Windows\System32\mswsock.dll   [327168]
O44 - LFC:[MD5.5B9A6A310326D9C438F2C19FBBE97C97] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\SysNative\ntoskrnl.exe   [5549504]
O44 - LFC:[MD5.5B9A6A310326D9C438F2C19FBBE97C97] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe   [5549504]
O44 - LFC:[MD5.19320B121BFE7462EADD50A42C81AFD0] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\SysNative\win32k.sys   [3155968]
O44 - LFC:[MD5.19320B121BFE7462EADD50A42C81AFD0] - 09/10/2013 - 08:24:23 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys   [3155968]
O44 - LFC:[MD5.0EB0E5D22B1760F2DBCE632F2DD7A54D] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) -- C:\Windows\SysNative\WebClnt.dll   [259584]
O44 - LFC:[MD5.0EB0E5D22B1760F2DBCE632F2DD7A54D] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) -- C:\Windows\System32\WebClnt.dll   [259584]
O44 - LFC:[MD5.597C3699384E53CC59587ED50CCE5CA2] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\Drivers\hidclass.sys   [76800]
O44 - LFC:[MD5.856E76B3641746ABBC2946BED1372098] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\Drivers\hidparse.sys   [32896]
O44 - LFC:[MD5.40AF23633D197905F03AB5628C558C51] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys   [1903552]
O44 - LFC:[MD5.80B0F7D5CCF86CEB5D402EAAF61FEC31] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\usbcir.sys   [100864]
O44 - LFC:[MD5.B32AB94A432289AC2DF77A3DCAD32EED] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Web DAV Client DLL.) -- C:\Windows\SysNative\davclnt.dll   [102400]
O44 - LFC:[MD5.B32AB94A432289AC2DF77A3DCAD32EED] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Web DAV Client DLL.) -- C:\Windows\System32\davclnt.dll   [102400]
O44 - LFC:[MD5.1A4F75E63C9FB84B85DFFC6B63FD5404] - 09/10/2013 - 08:24:24 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys   [140800]
O44 - LFC:[MD5.142671F462619CB64BA74F5B70136CB4] - 09/10/2013 - 08:24:25 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll   [46080]
O44 - LFC:[MD5.142671F462619CB64BA74F5B70136CB4] - 09/10/2013 - 08:24:25 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [46080]
O44 - LFC:[MD5.E1BB958681BE311E7CFF06CFEC5F1F2B] - 09/10/2013 - 08:24:25 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll   [368128]
O44 - LFC:[MD5.E1BB958681BE311E7CFF06CFEC5F1F2B] - 09/10/2013 - 08:24:25 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [368128]
O44 - LFC:[MD5.9028D1621C43DF8DFBD1C76860412A11] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\SysNative\comctl32.dll   [633856]
O44 - LFC:[MD5.9028D1621C43DF8DFBD1C76860412A11] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll   [633856]
O44 - LFC:[MD5.A5ED9421B8D09ED4F57CDA386307713E] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\SysNative\dciman32.dll   [14336]
O44 - LFC:[MD5.A5ED9421B8D09ED4F57CDA386307713E] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\System32\dciman32.dll   [14336]
O44 - LFC:[MD5.D6BAE9B4B210D71CDDADC224CEFCDB5F] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\SysNative\fontsub.dll   [100864]
O44 - LFC:[MD5.D6BAE9B4B210D71CDDADC224CEFCDB5F] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\System32\fontsub.dll   [100864]
O44 - LFC:[MD5.796B47A4B82EF1C39F13435B88834C48] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\SysNative\lpk.dll   [41472]
O44 - LFC:[MD5.796B47A4B82EF1C39F13435B88834C48] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\lpk.dll   [41472]
O44 - LFC:[MD5.E2C933EDBC389386EBE6D2BA953F43D8] - 09/10/2013 - 08:24:25 ---A- . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) -- C:\Windows\System32\Drivers\Wdf01000.sys   [785624]
O44 - LFC:[MD5.C53BA50404665A17707D9D4FD78699CB] - 10/10/2013 - 02:01:44 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe   [80541720]
O44 - LFC:[MD5.C53BA50404665A17707D9D4FD78699CB] - 10/10/2013 - 02:01:44 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe   [80541720]
O44 - LFC:[MD5.F026C6F104758D0EB215B017016FAE27] - 10/10/2013 - 02:06:01 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysNative\mshtml.dll   [19252224]
O44 - LFC:[MD5.F026C6F104758D0EB215B017016FAE27] - 10/10/2013 - 02:06:01 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll   [19252224]
O44 - LFC:[MD5.CCDB8FDC289AA9AFA5F8827A2ADB21AD] - 10/10/2013 - 02:06:03 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll   [15404544]
O44 - LFC:[MD5.CCDB8FDC289AA9AFA5F8827A2ADB21AD] - 10/10/2013 - 02:06:03 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll   [15404544]
O44 - LFC:[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - 10/10/2013 - 02:06:04 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll   [2241024]
O44 - LFC:[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - 10/10/2013 - 02:06:04 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll   [2241024]
O44 - LFC:[MD5.16A3E229F60FA4B05573A0937AB3C3CB] - 10/10/2013 - 02:06:04 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll   [53248]
O44 - LFC:[MD5.16A3E229F60FA4B05573A0937AB3C3CB] - 10/10/2013 - 02:06:04 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll   [53248]
O44 - LFC:[MD5.882AC0DD997CFC90FBB468D698BD55C6] - 10/10/2013 - 02:06:05 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll   [1365504]
O44 - LFC:[MD5.882AC0DD997CFC90FBB468D698BD55C6] - 10/10/2013 - 02:06:05 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll   [1365504]
O44 - LFC:[MD5.D383602755758FA81166B0FD8AFE6D40] - 10/10/2013 - 02:06:06 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript9.dll   [3959296]
O44 - LFC:[MD5.D383602755758FA81166B0FD8AFE6D40] - 10/10/2013 - 02:06:06 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll   [3959296]
O44 - LFC:[MD5.7B4E06047031B2AAA4AE10F00C59BFC7] - 10/10/2013 - 02:06:07 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript.dll   [855552]
O44 - LFC:[MD5.7B4E06047031B2AAA4AE10F00C59BFC7] - 10/10/2013 - 02:06:07 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll   [855552]
O44 - LFC:[MD5.214E39F0A8E382F1889B26B46DE0AF81] - 10/10/2013 - 02:06:07 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll   [603136]
O44 - LFC:[MD5.214E39F0A8E382F1889B26B46DE0AF81] - 10/10/2013 - 02:06:07 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll   [603136]
O44 - LFC:[MD5.199BD40B1890E1EEFF7438B59787534F] - 10/10/2013 - 02:06:08 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\SysNative\iertutil.dll   [2647552]
O44 - LFC:[MD5.199BD40B1890E1EEFF7438B59787534F] - 10/10/2013 - 02:06:08 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll   [2647552]
O44 - LFC:[MD5.742B2C69643527763E162C0BA923D086] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\SysNative\iesysprep.dll   [136704]
O44 - LFC:[MD5.742B2C69643527763E162C0BA923D086] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll   [136704]
O44 - LFC:[MD5.A80B91A93EDFFDE3DD2646D6E4CDDC44] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\SysNative\iesetup.dll   [67072]
O44 - LFC:[MD5.A80B91A93EDFFDE3DD2646D6E4CDDC44] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll   [67072]
O44 - LFC:[MD5.4163195B6D07D3434BDEA78C293B7E0E] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\SysNative\RegisterIEPKEYs.exe   [89600]
O44 - LFC:[MD5.4163195B6D07D3434BDEA78C293B7E0E] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe   [89600]
O44 - LFC:[MD5.38CFAC1BAFEBC8B0AF8A22093803D38E] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\SysNative\iernonce.dll   [39936]
O44 - LFC:[MD5.38CFAC1BAFEBC8B0AF8A22093803D38E] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll   [39936]
O44 - LFC:[MD5.C4DDAC3F3062739C4C2BB759B36E005D] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe   [51712]
O44 - LFC:[MD5.C4DDAC3F3062739C4C2BB759B36E005D] - 10/10/2013 - 02:06:09 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe   [51712]
O44 - LFC:[MD5.991A9D6B797B4D7E9EB29BE1FB4B1D28] - 10/10/2013 - 02:06:10 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\SysNative\ieui.dll   [526336]
O44 - LFC:[MD5.991A9D6B797B4D7E9EB29BE1FB4B1D28] - 10/10/2013 - 02:06:10 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll   [526336]
O44 - LFC:[MD5.990235D752A40F5F8243ED537FAB2035] - 10/10/2013 - 02:06:11 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\SysNative\mshtml.tlb   [2706432]
O44 - LFC:[MD5.990235D752A40F5F8243ED537FAB2035] - 10/10/2013 - 02:06:11 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb   [2706432]
O44 - LFC:[MD5.5DA98D9266F07E613C4CA3AE5A77D627] - 10/10/2013 - 02:23:56 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [416944]
O44 - LFC:[MD5.5DA98D9266F07E613C4CA3AE5A77D627] - 10/10/2013 - 02:23:56 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [416944]
O44 - LFC:[MD5.3E3B44F2F22C27FCA7714ADE8E9FF828] - 13/10/2013 - 09:15:02 ---A- . (...) -- C:\Windows\PFRO.log   [958]
O44 - LFC:[MD5.63DC53E22D78522C8D979F5E5590DDB6] - 13/10/2013 - 09:15:06 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.D74E3C688AA4F552EB9F55CB8EA67170] - 13/10/2013 - 09:15:07 ---A- . (...) -- C:\Windows\setupact.log   [56]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 13/10/2013 - 09:15:07 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.77205C026133A5A7532EF0D99200ED26] - 13/10/2013 - 09:17:10 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1206834]
O44 - LFC:[MD5.6A83B694079084D926FF775DBADFAAFE] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1557650]
O44 - LFC:[MD5.BC5448E1869C08FE024D6EFA5EEA8464] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [107256]
O44 - LFC:[MD5.C51518E072B4D25AC566A15DFDEA7D06] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [131648]
O44 - LFC:[MD5.ADB664481115C8B24D072B2191706507] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [618936]
O44 - LFC:[MD5.077CEF7DEFFAE2D07CD6113F95064B84] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [707220]
O44 - LFC:[MD5.6A83B694079084D926FF775DBADFAAFE] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1557650]
O44 - LFC:[MD5.BC5448E1869C08FE024D6EFA5EEA8464] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [107256]
O44 - LFC:[MD5.C51518E072B4D25AC566A15DFDEA7D06] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [131648]
O44 - LFC:[MD5.ADB664481115C8B24D072B2191706507] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [618936]
O44 - LFC:[MD5.077CEF7DEFFAE2D07CD6113F95064B84] - 13/10/2013 - 09:21:28 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [707220]
~ Files: 100 Scanned in 00mn 04s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/04/2158 - 22:17:31 ----D - C:\Windows\Prefetch\ReadyBoot
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\LOGICI~2\OFFICE~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd..) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd..) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Keys Export: 4 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0  [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe  =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\APSDaemon  [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper  [Key] . (.Apple Inc. - iTunesHelper.) -- D:\Logiciels installés\18 - Itunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\Spotify Web Helper  [Key] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Adrien\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O53 - SMSR:HKLM\...\startupreg\Zune Launcher  [Key] . (.Microsoft Corporation - Zune Auto-Launcher.) -- C:\Program Files\Zune\ZuneLauncher.exe
~ SMSR Keys: 5 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 4 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 21:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS   [10296]
~ Drivers: 16 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 10/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Login Data   [28672]
O61 - LFC: 10/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\manifest.fingerprint   [14]  =>.Google PepperFlash
O61 - LFC: 10/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\manifest.json   [2054]  =>.Google PepperFlash
O61 - LFC: 10/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll   [13584776]  =>.Google PepperFlash
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\6136_18241\crl-set   [706]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\6136_18241\manifest.fingerprint   [12]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\6136_18241\manifest.json   [34]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\6136_20320\crl-set   [935]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\6136_20320\manifest.fingerprint   [12]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\6136_20320\manifest.json   [34]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR4502.tmp.cvr   [0]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR4BAE.tmp.cvr   [0]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR5839.tmp.cvr   [0]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR65A2.tmp.cvr   [0]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR6D21.tmp.cvr   [0]
O61 - LFC: 10/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRB43E.tmp.cvr   [0]
O61 - LFC: 10/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll   [3558400]
O61 - LFC: 10/10/2013 - 10:24:32 ---A- . (.Dropbox, Inc..) -- C:\Users\Adrien\AppData\Roaming\Dropbox\bin\Dropbox.exe   [29768376]
O61 - LFC: 10/10/2013 - 10:24:32 ---A- . (.Dropbox, Inc..) -- C:\Users\Adrien\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe   [229288]
O61 - LFC: 10/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\UProof\CMAdj.12.bin   [1250]
O61 - LFC: 11/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists   [261990]
O61 - LFC: 11/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Archived History   [57344]
O61 - LFC: 11/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal   [512]
O61 - LFC: 11/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Current Tabs   [15389]
O61 - LFC: 11/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [151]
O61 - LFC: 11/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old   [151]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache   [55714]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Last Session   [20684]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Last Tabs   [156673]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_docs.google.com_0.localstorage   [3072]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_docs.google.com_0.localstorage-journal   [3608]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor   [138240]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal   [16384]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs   [39936]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal   [4640]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\X3GFLNEX\macromedia.com\support\flashplayer\sys\settings.sol   [412]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old   [790]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Shortcuts   [225280]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal   [12824]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\cloud_graph\dict_2.db   [3178496]
O61 - LFC: 11/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\sync_config.db   [10240]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\4604_8064\crl-set   [797]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\4604_8064\manifest.fingerprint   [12]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\4604_8064\manifest.json   [34]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR16AE.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR28E8.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR29A1.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR4F0D.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR6AE7.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR7A32.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR9A31.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVR9F3E.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRB0AC.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRB77F.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRDD38.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRF06C.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRF48F.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRF71F.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRF9EA.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\CVRFAB6.tmp.cvr   [0]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\Gercop\COPROV2\Pricop21810821676\Consul.DB   [18432]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir6436_32519\Cookies   [6144]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir6436_32519\Cookies-journal   [1544]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir6436_32519\data_0   [45056]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir6436_32519\data_1   [270336]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir6436_32519\data_2   [1056768]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir6436_32519\data_3   [8192]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir6436_32519\index   [262512]
O61 - LFC: 11/10/2013 - 10:24:31 ---A- . (.TeamViewer.) -- C:\Users\Adrien\AppData\Local\Temp\Gercop\Assistance\TeamViewerQS.exe   [3148416]
O61 - LFC: 11/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\WMZuneComm.etl.005   [4096]
O61 - LFC: 11/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\aggregation.dbx   [7168]
O61 - LFC: 11/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b8d0   [602816]
O61 - LFC: 11/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b92a   [58000]
O61 - LFC: 11/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b92f   [60832]
O61 - LFC: 11/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b935   [62048]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b93c   [55408]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b942   [50544]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b949   [49984]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b94f   [48016]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b954   [46400]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b959   [53248]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b962   [33328]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b966   [47504]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b96b   [29664]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b96f   [46752]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b974   [45488]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b97b   [41952]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b980   [26704]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b985   [24208]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b98a   [27088]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b98f   [25792]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b994   [52288]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b999   [46144]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b99d   [53104]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9a3   [45312]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9ab   [49200]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9b2   [57808]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9ba   [73184]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9c0   [60960]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9c2   [55120]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9c4   [52992]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9c6   [47424]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9c8   [57664]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9cd   [58816]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9cf   [56992]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9d1   [51760]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9d3   [51440]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9d5   [56592]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9d7   [54928]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9d9   [46336]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9da   [55312]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257b9dc   [77168]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257bae5   [74144]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257c485   [82256]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257c58b   [83536]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257d506   [91088]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\5257deaa   [81888]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257bad3   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257bb4c   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257bb5a   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257bb74   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257bf20   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257c06b   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257c1da   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257c20b   [136]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257c32d   [156]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257c57d   [176]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257c65b   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257c7e8   [176]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257cd03   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257cd30   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257cdd0   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257cde5   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257d518   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257d538   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257d53b   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257d608   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257d616   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257db81   [160]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257e04f   [172]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\5257e2c4   [152]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\new_trace   [0]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\sigstore.dbx   [472747008]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Gercop\CoproV2\COPROV2.INI   [1627]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Gercop\CoproV2\LibOd.Txt   [313]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\! A Maniement GERCOP.LNK   [810]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\1 - Schindler.LNK   [970]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\10 - Ilex.LNK   [1042]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\10 - Matrice R.A.R. courrier à En-tête Cabinet GESTADE.LNK   [1255]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\11-10-13§Courrier Copropriétaire.LNK   [1886]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\18370001.LNK   [1703]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\2 - Bordereau de Régularisation des charges - Laser Couleur - 11-10-13.LNK   [1195]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\5 - Mise en Route Chauffage - 11-10-13.LNK   [1230]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\6 - 11-10-13 Monsieur Laurent Nicolas.LNK   [1018]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\835 - Matrice OS.LNK   [1177]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\835 - OS Ilex - 11-10-13.LNK   [1201]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\835 - R.A.R. Résilation Schindler - 11-10-13.LNK   [1189]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\Courrier Copropriétaire.LNK   [1094]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\DEVIS N°0731 - GESTADE - 5 - rue Monceau.LNK   [1353]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\Mandat de Gestion Locative - Mme Buard.LNK   [1165]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\Mandat de Gestion Locative - Monsieur Amiel - 14-06-12.LNK   [1213]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\Mandat de Gestion Locative - Mr Laurent Nicolas.LNK   [1246]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Outlook\Outlook.xml   [4508]
O61 - LFC: 11/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Word\Présentation%20GESTADE303284142242017607\Présentation%20GESTADE.doc.lnk   [1081]
O61 - LFC: 11/10/2013 - 10:24:33 --H-- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Recent\index.dat   [2303]
O61 - LFC: 11/10/2013 - 10:24:33 R--A- . (.cb.) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Word\Présentation%20GESTADE303284142242017607\Présentation%20GESTADE((Unsaved-303284311227507424)).asd   [29184]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Cookies   [1117184]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG   [151]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-001559   [616]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT   [16]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG   [151]
O61 - LFC: 13/10/2013 - 10:24:24 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-003278   [427]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Favicons   [24295424]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal   [16384]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\History   [7647232]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage   [3072]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal   [3608]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage   [3072]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal   [3608]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings   [8]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Preferences   [189046]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG   [276]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-005513   [166]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Top Sites   [139264]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal   [16384]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity   [4785]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Web Data   [421888]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal   [16384]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Local State   [53810]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [7557748]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1651150]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [2576]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [135184]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [696504]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [18916]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [6592]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\cacerts   [3245]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\cloud_graph\dict_2.db-shm   [32768]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\cloud_graph\dict_2.db-wal   [0]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\lockfile   [0]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\pid   [4]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\snapshot.db   [19195904]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\snapshot.db-shm   [32768]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\snapshot.db-wal   [20992]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\sync_config.db-shm   [32768]
O61 - LFC: 13/10/2013 - 10:24:25 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Google\Drive\sync_config.db-wal   [0]
O61 - LFC: 13/10/2013 - 10:24:27 --HA- . (...) -- C:\Users\Adrien\AppData\Local\IconCache.db   [6974710]
O61 - LFC: 13/10/2013 - 10:24:28 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\au-descriptor-1.7.0_40-b43.xml   [8891]
O61 - LFC: 13/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir3888_3696\Cookies   [6144]
O61 - LFC: 13/10/2013 - 10:24:31 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\scoped_dir3888_3696\Cookies-journal   [1544]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\PyWinTypes27.dll   [110080]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\_ctypes.pyd   [87040]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\_elementtree.pyd   [128512]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\_hashlib.pyd   [711680]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\_multiprocessing.pyd   [26624]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\_socket.pyd   [44032]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\_ssl.pyd   [1153024]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\_win32sysloader.pyd   [8192]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\bz2.pyd   [68608]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\main.exe.manifest   [963]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\pyexpat.pyd   [127488]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\pysqlite2._sqlite.pyd   [557056]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\pythoncom27.dll   [364544]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx   [25575]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\html\drive_thankyou.html   [1512]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo   [30311]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo   [34262]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo   [41782]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo   [26310]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo   [26170]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo   [25313]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo   [26946]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo   [36347]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo   [24269]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo   [24286]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo   [413]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo   [26512]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo   [25210]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo   [26474]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo   [26793]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo   [40212]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo   [27944]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo   [41007]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo   [25662]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo   [26767]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo   [25141]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo   [26103]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo   [29592]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo   [45425]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo   [27170]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo   [26417]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo   [25968]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo   [45861]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo   [40374]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo   [25894]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo   [25075]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo   [25544]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo   [26125]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo   [26125]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo   [26065]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo   [26508]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo   [32868]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo   [26613]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo   [25946]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo   [33680]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo   [25212]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo   [45303]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo   [42978]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo   [39944]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo   [26651]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo   [33168]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo   [28136]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo   [24784]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo   [25101]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo   [24784]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo   [24784]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo   [25143]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo   [25101]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\__init__.py   [0]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\__init__.pyo   [198]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\docs.ico   [13753]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdoc16.png   [292]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdoc256.png   [8221]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdoc32.png   [1124]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdoc48.png   [1625]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdraw16.png   [437]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdraw256.png   [8865]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdraw32.png   [1254]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gdraw48.png   [1753]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gform16.png   [360]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gform256.png   [8615]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gform32.png   [1194]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gform48.png   [1699]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-glink16.png   [866]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-glink256.png   [16273]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-glink32.png   [1946]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-glink48.png   [2770]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gsheet16.png   [305]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gsheet256.png   [8216]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gsheet32.png   [1176]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gsheet48.png   [1633]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gslides16.png   [312]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gslides256.png   [8675]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gslides32.png   [1139]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-gslides48.png   [1640]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-sync16.png   [1533]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-sync16.xpm   [2895]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-sync256.png   [19252]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-sync32.xpm   [2492]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\drive-sync64.png   [4432]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\exclaim.png   [605]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\file.png   [121]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\folder-mac.icns   [117965]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\folder-winseven.ico   [57802]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\folder-winxp.ico   [15406]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\folder.png   [115]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gdoc.icns   [298141]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gdoc.ico   [26671]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gdraw.icns   [305541]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gdraw.ico   [27212]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gform.icns   [305412]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gform.ico   [27036]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\glink.icns   [419431]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\glink.ico   [37282]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gnote.icns   [90463]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gnote.ico   [28554]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gscript.icns   [303839]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gscript.ico   [26883]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gsheet.icns   [298895]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gsheet.ico   [26661]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gslides.icns   [303147]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gslides.ico   [27114]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gtable.icns   [310308]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\gtable.ico   [27253]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\image_resources.py   [6747]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\image_resources.pyo   [7205]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\info1-mac.png   [16824]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\info1-windows7.png   [9749]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\info1-windowsxp.png   [10976]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\info2-default.png   [2778]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\info2-mac.png   [9762]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\info2-win7.png   [8184]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\info2-winxp.png   [8062]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate1-inverse.png   [324]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate1-inverse_2x.png   [3300]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate1.png   [322]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate1_2x.png   [3301]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate2-inverse.png   [381]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate2-inverse_2x.png   [3529]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate2.png   [382]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate2_2x.png   [3535]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate3-inverse.png   [341]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate3-inverse_2x.png   [3377]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate3.png   [336]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate3_2x.png   [3299]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate4-inverse.png   [381]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate4-inverse_2x.png   [3487]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate4.png   [383]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate4_2x.png   [3431]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate5-inverse.png   [323]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate5-inverse_2x.png   [3295]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate5.png   [322]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate5_2x.png   [3301]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate6-inverse.png   [390]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate6-inverse_2x.png   [3509]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate6.png   [401]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate6_2x.png   [3566]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate7-inverse.png   [333]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate7-inverse_2x.png   [3294]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate7.png   [337]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate7_2x.png   [3301]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate8-inverse.png   [378]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate8-inverse_2x.png   [3472]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate8.png   [382]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-animate8_2x.png   [3460]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-error-inverse.png   [252]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-error-inverse_2x.png   [3146]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-error.png   [257]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-error_2x.png   [3140]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-inactive-inverse.png   [254]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-inactive-inverse_2x.png   [3122]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-inactive.png   [259]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-inactive_2x.png   [3098]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-normal-inverse.png   [262]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-normal-inverse_2x.png   [3154]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-normal.png   [269]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-normal_2x.png   [3147]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-pause-inverse_2x.png   [3130]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-paused-inverse.png   [263]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-paused-inverse_2x.png   [3149]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-paused.png   [261]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\mac-paused_2x.png   [3164]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\menu_warning.png   [237]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\menu_warning_2x.png   [1317]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\overlays\Blacklisted.ico   [40903]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\overlays\Shared.ico   [35679]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\overlays\Synced.ico   [35679]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\overlays\Syncing.ico   [35424]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sharedfolder-mac.icns   [117416]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sharedfolder-winseven.ico   [55019]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sharedfolder-winxp.ico   [15406]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\shareguyicon.png   [179]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sheets.ico   [5962]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\slides.ico   [5285]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sync.icns   [117146]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sync.ico   [33576]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sync.png   [1312]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\sync_128.png   [7846]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\toprighticon.png   [3355]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\warning-hdpi_2x.png   [1259]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate1.png   [656]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate2.png   [689]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate3.png   [625]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate4.png   [632]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate5.png   [643]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate6.png   [642]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate7.png   [612]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-animate8.png   [619]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win-normal.png   [612]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win7-error.png   [600]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win7-inactive.png   [599]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\win7-paused.png   [584]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\winxp-error.png   [606]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\winxp-inactive.png   [598]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\images\winxp-paused.png   [583]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\js\XMLHttpRequest.js   [713]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\resources\mime\drive.mime.types   [24425]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\select.pyd   [10240]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\support\gen_py\__init__.py   [0]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\unicodedata.pyd   [686080]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32api.pyd   [98816]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32com.shell.shell.pyd   [320512]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32crypt.pyd   [11264]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32event.pyd   [18432]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32evtlog.pyd   [33792]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32file.pyd   [119808]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32inet.pyd   [38912]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32pdh.pyd   [25600]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32pipe.pyd   [24064]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32process.pyd   [35840]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32profile.pyd   [17408]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32security.pyd   [108544]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32trace.pyd   [15872]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32ts.pyd   [22528]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32ui.pyd   [778752]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\win32wnet.pyd   [25088]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\windows._cacheinvalidation.pyd   [504832]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wx._controls_.pyd   [1062400]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wx._core_.pyd   [1175040]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wx._gdi_.pyd   [805888]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wx._html2.pyd   [70656]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wx._misc_.pyd   [735232]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wx._windows_.pyd   [811008]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wx._wizard.pyd   [122368]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\config.dbx   [20480]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\deleted.dbx   [14336]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\filecache.dbx   [291491840]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\host.db   [57]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\host.dbx   [189]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\kernel32.dll   [989696]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\mfc90.dll   [1156600]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\mfc90u.dll   [1162744]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\mfcm90.dll   [59904]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\mfcm90u.dll   [59904]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\msvcp100.dll   [421200]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\msvcr100.dll   [773968]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\psapi.dll   [23040]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\shell32.dll   [8461312]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.Python Software Foundation.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\python27.dll   [2436608]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.wxWidgets development team.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wxbase294u_net_vc90.dll   [154112]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.wxWidgets development team.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wxbase294u_vc90.dll   [1985024]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.wxWidgets development team.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wxmsw294u_adv_vc90.dll   [1234944]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.wxWidgets development team.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wxmsw294u_core_vc90.dll   [4598272]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.wxWidgets development team.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wxmsw294u_html_vc90.dll   [595968]
O61 - LFC: 13/10/2013 - 10:24:32 ---A- . (.wxWidgets development team.) -- C:\Users\Adrien\AppData\Local\Temp\_MEI34282\wxmsw294u_webview_vc90.dll   [91648]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\PENDING_mycc1g   [6144]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\TO_HASH_hdfjjc   [5120]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\UPDATED_garzrc   [6144]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\525a575f   [64352]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\525a57fa   [55440]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\525a5847   [64432]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\l\525a5853   [51728]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\notifications.dbx   [2048]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\photo.dbx   [17408]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\525a5758   [124]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\525a5763   [124]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\525a5815   [172]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\shellext\l\525a5833   [164]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Dropbox\unlink.db   [216]
O61 - LFC: 13/10/2013 - 10:24:33 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\Microsoft\Sticky Notes\StickyNotes.snt   [26624]
O61 - LFC: 13/10/2013 - 10:24:34 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\ZHP\Log.txt   [17010]  =>.Nicolas Coolman
O61 - LFC: 13/10/2013 - 10:24:34 ---A- . (...) -- C:\Users\Adrien\AppData\Roaming\ZHP\TestsZHPDiag.txt   [2922]  =>.Nicolas Coolman
~ 304 Fichiers temporaires (Temporary files)
~ Files: 498 Scanned in 00mn 15s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 14/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser)  .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG)  .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\cscsvc.dll (CSC)  .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat)  .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol)  .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy)  .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 30/04/2013 - D:\Logiciels installés\23 - Logmein\x64\RaInfo.sys (LMIInfo)  .(.LogMeIn, Inc. - RemotelyAnywhere Kernel Information Provide.) - LEGACY_LMIINFO
O64 - Services: CurCS - 30/04/2013 - C:\Windows\system32\drivers\LMIRfsDriver.sys (LMIRfsDriver)  .(.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) - LEGACY_LMIRFSDRIVER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr)  .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 18/06/2013 - C:\Windows\System32\DRIVERS\MpFilter.sys (MpFilter)  .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 04/07/2013 - C:\Windows\system32\webclnt.dll (MRxDAV)  .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 18/06/2013 - C:\Windows\System32\DRIVERS\NisDrvWFP.sys (NisDrv)  .(.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) - LEGACY_NISDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw)  .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP)  .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv2)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\vmstorfltres.dll (storflt)  .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs)  .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6)  .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf)  .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\ws2ifsl.sys (ws2ifsl)  .(.Microsoft Corporation - Couche IFS Winsock2.) - LEGACY_WS2IFSL
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 71 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Adrien\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Adrien\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Adrien\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll   [193536]
~ Services: 33 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.6785F137EA722DE370916C91DB7798EA] [SPRF][02/07/2013] (...) -- C:\Users\Adrien\Desktop\PDFWriterSetup.exe   [1278400]
~ Files: 1 Scanned in 00mn 01s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-In" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-Out" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteDesktop-UserMode-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "SPPSVC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) -- C:\Windows\system32\sppsvc.exe
O87 - FAEL: "SPPSVC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) -- C:\Windows\system32\sppsvc.exe
O87 - FAEL: "{12989A38-9299-4000-8221-C76C0036698D}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\GROOVE.exe
O87 - FAEL: "{F1B33572-B53D-4C39-948F-06140777FEB0}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\GROOVE.exe
O87 - FAEL: "{52CBE687-8C48-4188-BA04-21265965E55B}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\ONENOTE.exe  =>.Microsoft Corporation
O87 - FAEL: "{8408D68B-76E8-4CE5-81AC-9B33F8D6E146}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\ONENOTE.exe  =>.Microsoft Corporation
O87 - FAEL: "{166F8D7F-B1D3-4E67-A43D-25CE33344886}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- D:\Logiciels installés\Office Professionnel 2010\Office14\outlook.exe
O87 - FAEL: "{4FF91693-FFA2-4932-AB4A-2C5120F08FF2}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{80DA7F5E-8928-4233-8E98-640982714836}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F85921D5-E409-4673-AFE4-F3CDE5326847}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{5C3D26CF-8D54-4BD2-9A1C-3B45CA88EEC0}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{90A5F336-0DAD-4AA9-819F-C69EB36B48E7}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4C37758B-1358-42F1-A3AA-FF64BEA0E484}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{0215217D-B545-417D-8E08-3A4A44B6FDA0}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{EAE70F0C-9B8B-4FC9-8ACB-0BCACE050457}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{5CE7374E-0ACE-4302-9A60-2D75F097F390}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3B935826-62F1-41A8-9000-32258CC35070}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{E69E7CC7-1F7C-47EB-9A64-4FA9744D4F55}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{42EF32D8-7A95-4F62-AE5B-1B5880B33752}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{AF933F2E-6430-4284-A544-6932A7CC95F3}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{05681147-9F6A-4A10-83F6-FE61F488023C}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{ECE6893F-3DB1-4E64-B3E2-42447DF11517}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{7DA9293D-0F88-43C6-9573-31FD9618ADED}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Mobile Device Center Sync Host.) -- C:\Windows\WindowsMobile\wmdHost.exe
O87 - FAEL: "{600DE422-D4BF-4B76-9A4F-6298908378C7}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Mobile Device Center Sync Host.) -- C:\Windows\WindowsMobile\wmdHost.exe
O87 - FAEL: "{47EB2762-E3ED-4EB7-A1FF-CF29F2BD40AE}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{B266FF6A-047B-45A4-8DAF-D0E682063396}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{5E6F4872-4C5B-4C84-99A4-1A85EA72D5DB}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F982518D-96B4-4DEF-A514-A5DF9FB895E9}" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3A645989-B770-4E37-BD63-84D020661126}" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{2D74483F-4872-4E41-B03F-FA5C9F95416D}" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\Zune.exe (.not file.)
O87 - FAEL: "{3E5D2677-8170-4A5A-B0BC-9CBAD33B9F36}" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{13315EF4-B7DA-4545-9798-EE1C7F8A35D0}" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "{A19F9075-2932-43B9-B32D-0CE685E9F051}" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "{43124CD8-AEF2-45DB-A820-93A044B2E035}" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3C3140B9-7E1D-4F87-A62D-5187175ABB8C}" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C61AC04A-DF1B-4858-8563-148A260A7AE7}" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C9120CBA-A0FA-4526-AFE8-55CA29DC87AC}" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{10598225-E4B2-4EF8-B89D-1523734E32D9}" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{B209F081-9EF8-4EE0-849B-43F77BDA7F9F}" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{FB013213-151E-4678-81F0-A92AA807FD77}" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{9BCED6A1-186D-4386-802D-183A42D5E4C4}" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{74C3352B-DEE2-483B-A42F-5AB6592F3BDB}" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{07C438F0-10A7-4125-9BC0-36CBD3DE40DC}" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F00C7425-BB54-4CC8-9E35-2EC688F0FEF9}" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{E24E9E4C-8A00-4057-9683-315E7F67A34C}" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C6BE4BF6-E651-43D9-AD6F-C727A443CFAF}" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F9D2DDE3-9E29-470A-B56D-B7A11B40A8A1}" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4B34923F-4A5C-4715-8A9C-04FB36D3F496}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{04F18578-B01E-4F51-B242-A9DC5CC18E27}" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{690B010A-79B0-454F-82AD-B3F7D8521DFD}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{4D9AA615-3503-4566-8A6F-998150CA00AF}" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Zune\ZuneNSS.exe (.not file.)
O87 - FAEL: "{76BB016A-77AB-4331-BA40-99700F2C29F5}" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{53BB7C62-8A29-4CD2-9F92-51526011558B}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\Adrien\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{0123B3D0-C959-4832-9DD3-AD04F9DC4975}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\Adrien\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{70ECC753-4F43-4AF5-95ED-D4B0F6553EED}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{AA32774F-E98C-4495-B043-F78E7F71C543}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{3C663D34-61F0-413A-8522-3A4AB9D8EA35}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{3D3ACDE4-2BD6-47F0-84D3-A4C5E8FDD9BB}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{07D7B4C5-3A9B-4112-8089-9A6F03B51EDB}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{036C2259-4D18-4BC9-8C67-4EA5A2C4FE7E}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{18B5B677-E7FF-4DD2-9F55-A431CABDBAED}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{AA235A42-DA9C-484C-B0EB-767BC0D63B20}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{E1DF9021-9825-47A7-B2CF-F77E8D79C413}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{2E31ED64-06B1-432E-AE34-C9434F0BE92B}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{76388FCE-15C9-482D-A4B2-C6CDBA3C4CC5}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{25ADDF10-D27A-49FD-88B7-A456F4539FD7}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{F99442DB-54E1-4D9B-AD73-22B14BDDC1D8}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{373BA2F9-0878-42DF-82B3-0298651F111C}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{54ABBA08-2233-49E4-91A9-BAA314A9ECAF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{62972EEA-5A99-4BE4-AB03-C412484B55F8}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{A93D6EE5-88A4-484E-9565-7CC3F72E48AD}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{748EECFD-4115-4853-84EC-EA5CA51EDB88}" | In - None - P6 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{75465E9F-7E35-48AC-BD45-F483E8F6F1EA}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{3F814552-4DBB-41B3-9E29-31F84ADB80BA}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{08282E2E-185C-4F68-A2B8-D2EA8990B620}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{38277E52-13BE-4446-BC74-2B7900307721}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{2C15925F-68A0-439F-A03D-46C1532F6F91}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- D:\Logiciels installés\18 - Itunes\iTunes.exe
O87 - FAEL: "{5E99437E-1C49-4DFF-8661-DEF3C12A5D5F}" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Users\Adrien\AppData\Roaming\Spotify\spotify.exe
O87 - FAEL: "{6FDFFFCC-FA0F-462A-831D-79E3140CAA54}" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Users\Adrien\AppData\Roaming\Spotify\spotify.exe
O87 - FAEL: "TCP Query User{A18A8AD7-E471-40D0-9592-54D11747429B}C:\users\adrien\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\adrien\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "UDP Query User{B979AC99-FCA9-4197-A3F7-1E6BEB829176}C:\users\adrien\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\adrien\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "TCP Query User{CE25CEE0-9165-4AB9-B4C9-F6170FC92B2A}D:\logiciels installés\office professionnel 2010\office14\winword.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation.) -- D:\logiciels installés\office professionnel 2010\office14\winword.exe
O87 - FAEL: "UDP Query User{6242414D-35C1-476A-80E7-98C5A73E30AB}D:\logiciels installés\office professionnel 2010\office14\winword.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation.) -- D:\logiciels installés\office professionnel 2010\office14\winword.exe
~ Firewall: 253 Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "21681F3FD5B750C4689CBA056F7F7172" . (.KhalInstallWrapper.) -- C:\Windows\Installer\{F3F18612-7B5D-4C05-86C9-AB50F6F71727}\ARPPRODUCTICON.exe
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico  =>.Apple Inc
O90 - PUC: "53451EB7E3D285B468F7C957EB0D02C8" . (.QuickTime.) -- C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\Installer.ico
O90 - PUC: "5FC01DB565EFE3D4B81266683ADB5CBF" . (.Gercop Copropriété V2.) -- C:\Windows\Installer\{5BD10CF5-FE56-4D3E-8B21-6686A3BDC5FB}\ARPPRODUCTICON.exe
O90 - PUC: "63ACBD2914B91DD449A1EA1D94DD730F" . (.Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\Installer\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}\WindowsMobileDeviceCenter.ico
O90 - PUC: "93B0BF4E199C7EE459DDA1A187753DD3" . (.Asmedia ASM104x USB 3.0 Host Controller Driver.) -- C:\Windows\Installer\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}\ARPPRODUCTICON.exe
O90 - PUC: "A48FA7BCF7B1B6C4A885BEC7ED842CA3" . (.LogMeIn.) -- C:\Windows\Installer\{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}\LMIicon.ico
O90 - PUC: "AE48807DEC2E935419BD7466CCE1F5F5" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}\Installer.ico
O90 - PUC: "B5C628C0131BA3242A927CB1C3CADCA6" . (.CDDRV_Installer.) -- C:\Windows\Installer\{0C826C5B-B131-423A-A229-C71B3CACCD6A}\ARPPRODUCTICON.exe
O90 - PUC: "B722A2918C8AD6C49B9312AFBE00E7E1" . (.Google Drive.) -- C:\Windows\Installer\{192A227B-A8C8-4C6D-B939-21FAEB007E1E}\DriveIcon
O90 - PUC: "BD528ECCA74340041A68F5A4F6DD5874" . (.Apple Application Support.) -- C:\Windows\Installer\{CCE825DB-347A-4004-A186-5F4A6FDD8547}\WinInstall.ico
O90 - PUC: "BE9D894AB729B954586DDDE68F2C5C46" . (.erLT.) -- C:\Windows\Installer\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DA67D5E0BF3A5D84480098301B30713D" . (.iTunes.) -- C:\Windows\Installer\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}\Installer.ico
O90 - PUC: "DC276626FCFB9A94EAEFBAF0DEB3CFB5" . (.Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\Installer\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}\wmdc.exe
~ Update Products: 79 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.6C5471E4619D611C1DC06C795C6CD5FB] [WIS][09/06/2013] (.LogMeIn, Inc. - LogMeIn.) -- C:\Windows\Installer\2aed7.msi   [20402176]
[MD5.98B71EBBC205A824FF4030FECA79B6C1] [WIS][10/10/2013] (.Google, Inc. - Google Drive.) -- C:\Windows\Installer\7a8008.msi   [31623168]
[MD5.CAC92727C33BEC0A79965C61BBB1C82F] [WIS][07/08/2012] (.Igor Pavlov - 7-Zip (x64 edition) Package.) -- C:\Windows\Installer\91f5237.msi   [1376768]
[MD5.9C3A0CEC4A0861CDDB615AF661FD63C2] [WIS][12/07/2010] (.GERCOP INFORMATIQUE - Gercop Copropriété V2.) -- C:\Windows\Installer\dd94.msi   [1142272]
[MD5.C3A82B561E279E9B965009EEEEA2BCFF] [WIS][09/12/2010] (.GERCOP INFORMATIQUE - Sauvegarde Restauration GERCOP.) -- C:\Windows\Installer\dd98.msi   [256512]
[MD5.E2F488DEA69AC2F4AD1BD27277206650] [WIS][12/07/2010] (.Gercop - Outils Gercop.) -- C:\Windows\Installer\dd9c.msi   [164696]
~ WIS: 79 Scanned in 00mn 06s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 09/10/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 19/03/2012 276248 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 15/07/2012 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/07/2012 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 12/12/2012 641504 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 20/07/2009 160784 |  (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
SR - | Auto 07/06/2013 376144 |  (LMIGuardianSvc) . (.LogMeIn, Inc..) - D:\Logiciels installés\23 - Logmein\x64\LMIGuardianSvc.exe
SR - | Auto 07/06/2013 226640 |  (LMIMaint) . (.LogMeIn, Inc..) - D:\Logiciels installés\23 - Logmein\x64\RaMaint.exe
SR - | Auto 20/12/2010 325656 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30/04/2013 407424 |  (LogMeIn) . (.LogMeIn, Inc..) - D:\Logiciels installés\23 - Logmein\x64\LogMeIn.exe
SR - | Auto 13/11/2012 1103392 |  (SDScannerService) . (.Safer-Networking Ltd..) - D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 13/11/2012 1369624 |  (SDUpdateService) . (.Safer-Networking Ltd..) - D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 |  (SDWSCService) . (.Safer-Networking Ltd..) - D:\Logiciels installés\21 - Spybot\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 20/12/2010 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 06s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Adrien at 13/10/2013 10:27:15
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Adrien at 13/10/2013 10:27:17

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12946 - (12/10/2013)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 2

[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}]   =>Toolbar.Ask
[HKCU\Software\APN PIP]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\PIP]   =>Toolbar.Ask
[HKCU\Software\AppDataLow\Software\Smartbar]   =>Hijacker.SmartBar^
[HKCU\Software\Conduit]   =>Toolbar.Conduit^
~ Additionnel Scan: 244220 Items scanned in 00mn 12s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar   =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit   =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask   =>Toolbar.Ask
~ MSI: 3 link(s) detected in 00mn 12s



End of the scan (2088 lines in 04mn 07s)(0)