~ Rapport de ZHPDiag v2013.9.29.55 - Nicolas Coolman (29/09/2013)
~ Lancé par mohamed (30/09/2013 13:19:43)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16688
MFIE: Mozilla Firefox 23.0.1
GCIE: Google Chrome v29.0.1547.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : DPBQ6
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W8

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 25

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3979 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 214 GB (76%) free of 279 GB

---\\ Mode de connexion au syst�me
~ Computer Name: MSB
~ User Name: mohamed
~ All Users Names: mohamed, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\mohamed\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\mohamed\AppData\Roaming\
~ %Desktop% : C:\Users\mohamed\Desktop\
~ %Favorites% : C:\Users\mohamed\Favorites\
~ %LocalAppData% : C:\Users\mohamed\AppData\Local\
~ %StartMenu% : C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 214 Go of 279 Go)
D: Hard drive, Flash drive, Thumb drive (Free 398 Go of 398 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 29 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.6DBE239FF1C9650A794C974B8C7913D7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/08/2013 - 05:12:06.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2102
~ Mes musiques (My Musics) : 1/46
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 1/45
~ Mon Bureau (My Desktop) : 4/7187
~ Menu demarrer (Programs) : 1/20
~ Hidden Files: Scanned in 00mn 06s



---\\ Processus lancés
[MD5.79174FD5F4DE078642BE1CACB124BFCA] - (.ASUS - ASUS InstantOn.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1126784] [PID.5840]
[MD5.A2791CF11D1ED52DBCD75D2FFD4D50E7] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [178848] [PID.4444]
[MD5.2C35624F79B9ADBFE47090879F0D8673] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208] [PID.2344]
[MD5.DC4044C6102DE12837143B257C25EDDC] - (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe [648512] [PID.5704]
[MD5.DA544EE19F1ABC4A2B6D998D998E1E4A] - (...) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe [119808] [PID.4988]
[MD5.B7BCA8A30CE13A283CDBDECEF5616C39] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192] [PID.6852]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3520] =>Toolbar.Google
[MD5.ECF45E3FC8C63E44ED45D38A8672E7F1] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [275768] [PID.3716]
[MD5.97202E9C0D86387888435470CCAF45BE] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\SysWOW64\ACEngSvr.exe [192000] [PID.5140]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54840] [PID.5872]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.3764]
[MD5.29769215DEB6E8418EF3656B0423776E] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352] [PID.684]
[MD5.25A51D18D48F1E144ABEC667E98C6261] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1558176] [PID.5760]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [276376] [PID.2816]
[MD5.72EF708552059546B1AAA82E7AA59439] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.2784]
[MD5.18F20138A715E0677A24A0986BC9AEA2] - (.Adobe Systems, Inc. - Adobe Flash Player 11.8 r800.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe [1862024] [PID.3272]
[MD5.60A3399135BEFC6F4BADBD6C13A4AC24] - (.Microsoft Corporation - Hôte Microsoft WWA.) -- C:\Windows\syswow64\wwahost.exe [333824] [PID.7068]
[MD5.1B54057F38EF2CCEC85EC2BD14678A04] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8030720] [PID.4544]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://feed.snap.do =>Hijacker.SmartBar
G0 - GCSP: Preference [User Data\Default] http://feed.snap.do =>Hijacker.SmartBar
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 13 Scanned in 00mn 04s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.04.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
~ Firefox Browser: 6 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {D8278076-BC68-4484-9233-6E7F1628B56C} . (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: Yahoo! Toolbar [64Bits] - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) (2008, 7, 28, 01) -- C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
~ IE Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class [64Bits] - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ BHO: 12 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{4F524A2D-5637-006A-76A7-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adobe Reader XI.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: ASUS Vibe Fun Center.lnk . (.ASUSTeK Computer Inc. - AsusVibe Application.) -- C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - GS\Desktop [Public]: ASUS Install.lnk . (.ASUSTek Computer INC. - AsInsWiz.) -- C:\eSupport\eDriver\AsInsWiz.exe
O4 - GS\Desktop [Public]: ASUS Instant Connect Installer.lnk . (...) -- C:\Windows\Installer\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}\_77CD0D17CE4BC69D3FCD39.exe
O4 - GS\Desktop [Public]: ASUS InstantOn.lnk . (...) -- C:\Windows\Installer\{749F674B-2674-47E8-879C-5626A06B2A91}\_5071C9DBC1BB2B48AAB6B3.exe
O4 - GS\Desktop [Public]: ASUS Product Demo Movie.Lnk . (.ASUS - ASUS Product Demo Movie.) -- C:\Windows\ASUSProductDemoMovie\ASUS Product Demo Movie.exe
O4 - GS\Desktop [Public]: ASUS Tutor.lnk . (...) -- C:\windows\Installer\{58172D66-2F69-4215-9AEC-ED8196023736}\_ECAE39551DF09CB0079E46.exe
O4 - GS\Desktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. - EManual Application.) -- C:\eSupport\Manual\eManual.exe
O4 - GS\Desktop [Public]: Galerie de photos Windows Live.lnk . (.Hewlett-Packard Co. - WLPG launcher.) -- C:\Program Files (x86)\HP\Print Projects\Common01\Bin\HpqWLPG03.exe =>.Microsoft Corporation
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LibreOffice 4.1.lnk . (.The Document Foundation - LibreOffice.) -- C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Video Download Capture.lnk . (.Apowersoft - Video Download Capture.) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
O4 - GS\Desktop [Public]: WebStorage Sync Agent.lnk . (.ASUS Cloud Corporation - ASUS WebStorage Panel.) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe
O4 - GS\Desktop [Public]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Browser Choice.lnk . (...) -- C:\Windows\BrowserChoice\html\default.html
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\Windows\WinStore\WinStore.htm
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.)
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\Windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [mohamed]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [mohamed]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [mohamed]: Video Download Capture.lnk . (.Apowersoft - Video Download Capture.) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
O4 - GS\TaskBar [mohamed]: File Explorer.lnk . (...) -- C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [mohamed]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [mohamed]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [mohamed]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories [mohamed]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\SendTo [mohamed]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [mohamed]: DSC01368 - Raccourci.lnk . (...) -- C:\Users\mohamed\Downloads\DSC01368.JPG
O4 - GS\Desktop [mohamed]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [mohamed]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 51 Scanned in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: AsusVibeLauncher.lnk . (.ASUSTeK Computer Inc. - AsusVibe Application.) -- C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [ACMON] . (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mohamed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mohamed\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ASUS Cloud Corporation - ASUS WebStorage Panel.) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-21-4087657791-1931191923-1431379775-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-4087657791-1931191923-1431379775-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-4087657791-1931191923-1431379775-1001\..\RunOnce: [Uninstall C:\Users\mohamed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4087657791-1931191923-1431379775-1001\..\RunOnce: [Uninstall C:\Users\mohamed\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Verzenden naar OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Gekoppelde notities van OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6832AF73-AE3E-4282-89DF-27A717A3B265}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E342B068-B778-4CBE-9AFB-D86A6091BA13}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E342B068-B778-4CBE-9AFB-D86A6091BA13}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{6832AF73-AE3E-4282-89DF-27A717A3B265}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E342B068-B778-4CBE-9AFB-D86A6091BA13}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E342B068-B778-4CBE-9AFB-D86A6091BA13}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) . (.ASUS - ASUS InstantOn Program.) - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (.not file.)
~ Services: 10 Scanned in 00mn 02s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1074]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1078]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job [868]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job [870]
[MD5.3109B16A0939BA11696EEB04F345D099] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.79174FD5F4DE078642BE1CACB124BFCA] [APT] [ASUS InstantOn Config] (.ASUS.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1126784]
[MD5.25A51D18D48F1E144ABEC667E98C6261] [APT] [ASUS Live Update] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1558176]
[MD5.0BC5A4142F38A6BB35DECD01A2BC2ED7] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240]
[MD5.3547F00F9FF626DE831FC1F99BE1E4CE] [APT] [ASUS Touchpad Launcher (x64)] (.AsusTek.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [17792]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.A9D30971B24700531BEB70C85D1B8328] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d] (.Intel Corporation.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792]
[MD5.A9D30971B24700531BEB70C85D1B8328] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon] (.Intel Corporation.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792]
~ Scheduled Task: 16 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (ATKWMIACPIIO) . (.ASUS - ATK WMIACPI Utility.) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 36 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {55D55008-E5F6-47D6-B16F-B2A40D4D145F}
O42 - Logiciel: ASUS Instant Connect - (.ASUS.) [HKLM][64Bits] -- {89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}
O42 - Logiciel: ASUS InstantOn - (.ASUS.) [HKLM][64Bits] -- {749F674B-2674-47E8-879C-5626A06B2A91}
O42 - Logiciel: ASUS LifeFrame3 - (.ASUS.) [HKLM][64Bits] -- {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
O42 - Logiciel: ASUS Power4Gear Hybrid - (.ASUS.) [HKLM][64Bits] -- {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
O42 - Logiciel: ASUS Smart Gesture - (.ASUS.) [HKLM][64Bits] -- {4D3286A6-F6AB-498A-82A4-E4F040529F3D}
O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM][64Bits] -- {0969AF05-4FF6-4C00-9406-43599238DE0D}
O42 - Logiciel: ASUS Tutor - (.ASUS.) [HKLM][64Bits] -- {58172D66-2F69-4215-9AEC-ED8196023736}
O42 - Logiciel: ASUS WebStorage Sync Agent - (.ASUS Cloud Corporation.) [HKLM][64Bits] -- ASUS WebStorage
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.04) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM][64Bits] -- Asus Vibe2.0
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {446CC8CE-0E90-44F7-ADD0-774B243EF090}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {79361740-EAE3-11E2-9911-B8AC6F98CCE3} =>.Google Inc
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 - (.HP.) [HKLM][64Bits] -- {7F08A772-2816-4F46-84F1-49578502AD28}
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions
O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM][64Bits] -- HP Print Projects
O42 - Logiciel: HP Smart Web Printing 4.5 - (.HP.) [HKLM][64Bits] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4}
O42 - Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent - (.Intel Corporation.) [HKLM][64Bits] -- {A6C48A9F-694A-4234-B3AA-62590B668927}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {400C31E4-796F-4E86-8FDC-C3C4FACC6847}
O42 - Logiciel: LibreOffice 4.1.1.2 - (.The Document Foundation.) [HKLM][64Bits] -- {F1EE568A-171F-4C06-9BE6-2395BED067A3}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Package de pilotes Windows - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) - (.ASUS.) [HKLM][64Bits] -- C01F56FBD9B141017E63E2A1A141E59934D4DC67
O42 - Logiciel: Python 2.7.3 - (.Python Software Foundation.) [HKLM][64Bits] -- {C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM][64Bits] -- Shop for HP Supplies
O42 - Logiciel: Video Download Capture V4.5.0 - (.Apowersoft.) [HKLM][64Bits] -- {3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1
O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4370A73E346D}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion
O42 - Logiciel: bibus 1.4.3.1 - (...) [HKLM][64Bits] -- bibus
O42 - Logiciel: wxPython 2.8.12.1 (unicode) for Python 2.7 - (.Total Control Software.) [HKLM][64Bits] -- wxPython2.8-unicode-py27_is1
~ Logic: 108 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASUS]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ECAREME]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Trolltech]
[HKCU\Software\Video Download Capture]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\bibus.conf]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Agere]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\ECAREME]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ASIO]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AsLdr]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\ECAREME]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LibreOffice]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Python]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\The Document Foundation]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 136 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/01/2013 - 18:52:26 - [0,038] ----D C:\Program Files (x86)\AddLyrics =>Adware.AddLyrics
O43 - CFD: 05/12/2012 - 11:17:05 - [120,795] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 15/07/2013 - 08:57:26 - [80,609] ----D C:\Program Files (x86)\Apowersoft
O43 - CFD: 24/01/2013 - 13:29:37 - [244,685] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 11/01/2013 - 18:52:55 - [30,928] ----D C:\Program Files (x86)\bibus
O43 - CFD: 07/01/2013 - 23:02:35 - [0,700] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 25/09/2012 - 01:21:02 - [3,460] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 15/07/2013 - 08:38:00 - [174,477] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 15/08/2013 - 05:32:18 - [507,893] ----D C:\Program Files (x86)\Google
O43 - CFD: 19/12/2012 - 22:44:01 - [202,665] ----D C:\Program Files (x86)\HP
O43 - CFD: 26/08/2013 - 17:40:06 - [0] ----D C:\Program Files (x86)\HSPA USB Modem
O43 - CFD: 26/08/2013 - 17:34:27 - [20,406] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 25/09/2012 - 01:15:13 - [217,013] ----D C:\Program Files (x86)\Intel
O43 - CFD: 14/09/2013 - 12:53:53 - [4,622] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 15/07/2013 - 08:36:57 - [122,487] ----D C:\Program Files (x86)\Java
O43 - CFD: 11/01/2013 - 18:51:40 - [0,020] ----D C:\Program Files (x86)\jZip
O43 - CFD: 11/09/2013 - 22:48:01 - [333,285] ----D C:\Program Files (x86)\LibreOffice 4
O43 - CFD: 20/05/2013 - 03:54:49 - [0] ----D C:\Program Files (x86)\McAfee
O43 - CFD: 11/01/2013 - 18:11:44 - [37,927] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 27/04/2013 - 10:21:13 - [28,127] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 28/03/2013 - 09:48:41 - [5,397] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 24/01/2013 - 11:16:18 - [0,987] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 11/01/2013 - 18:11:54 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 06/09/2013 - 13:32:21 - [48,427] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 24/09/2013 - 22:57:00 - [0,215] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 11/01/2013 - 18:53:27 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 25/09/2012 - 01:20:56 - [3,537] ----D C:\Program Files (x86)\Ralink
O43 - CFD: 25/09/2012 - 01:18:21 - [20,577] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 02/08/2012 - 15:34:49 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/01/2013 - 18:51:36 - [0,229] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM
O43 - CFD: 25/09/2012 - 01:18:11 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 04/01/2013 - 23:34:02 - [23,185] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 18/08/2013 - 12:25:53 - [1,038] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 28/03/2013 - 09:51:27 - [144,659] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 11/01/2013 - 19:08:20 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 24/01/2013 - 13:21:03 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 11/01/2013 - 19:08:45 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 10:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 19/06/2013 - 19:24:17 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 11/01/2013 - 19:08:45 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 10:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 19/12/2012 - 21:12:35 - [3,122] ----D C:\Program Files (x86)\Yahoo!
O43 - CFD: 30/09/2013 - 13:18:17 - [16,942] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 30/09/2013 - 13:14:19 - [6,857] ----D C:\Program Files (x86)\ZHPFix =>.Nicolas Coolman
O43 - CFD: 05/12/2012 - 11:17:08 - [6,289] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 19/12/2012 - 20:45:16 - [0,507] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 19/12/2012 - 20:45:18 - [1,721] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 25/09/2012 - 01:17:39 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 25/09/2012 - 01:12:11 - [13,438] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 15/07/2013 - 08:38:00 - [1,189] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 08/02/2013 - 03:38:48 - [139,452] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 25/09/2012 - 01:14:43 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 26/07/2012 - 10:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 11/01/2013 - 19:08:20 - [9,685] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 07/01/2013 - 23:02:07 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 05/12/2012 - 11:20:58 - [129,044] ----D C:\ProgramData\Adobe
O43 - CFD: 15/07/2013 - 08:40:10 - [0] ----D C:\ProgramData\APN
O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 15/06/2013 - 16:54:08 - [0,004] ----D C:\ProgramData\ASUS
O43 - CFD: 17/08/2012 - 02:53:09 - [0,002] ----D C:\ProgramData\ASUS WebStorage
O43 - CFD: 17/08/2012 - 02:52:28 - [0,012] ----D C:\ProgramData\ASUSLogos
O43 - CFD: 25/09/2012 - 01:25:35 - [0,767] ----D C:\ProgramData\ASUSVibe
O43 - CFD: 04/12/2012 - 06:35:29 - [4,688] ----D C:\ProgramData\ChangeFolderView
O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 04/12/2012 - 06:32:28 - [0,585] ----D C:\ProgramData\FolderView
O43 - CFD: 05/12/2012 - 11:18:40 - [0,012] ----D C:\ProgramData\Google
O43 - CFD: 21/03/2013 - 18:25:10 - [25,366] ----D C:\ProgramData\HP
O43 - CFD: 19/12/2012 - 22:43:20 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 25/09/2012 - 01:15:13 - [0,215] ----D C:\ProgramData\Intel
O43 - CFD: 20/05/2013 - 03:54:49 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 27/04/2013 - 10:22:15 - [1231,552] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/09/2013 - 12:38:18 - [0,014] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 28/03/2013 - 09:48:20 - [0] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 03/04/2013 - 22:10:03 - [0,026] ----D C:\ProgramData\Mozilla
O43 - CFD: 11/01/2013 - 18:57:43 - [0,002] ----D C:\ProgramData\P4G
O43 - CFD: 17/12/2012 - 15:49:38 - [0,041] ----D C:\ProgramData\PRICache
O43 - CFD: 25/09/2012 - 01:21:03 - [5,334] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 26/07/2012 - 11:45:49 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 15/07/2013 - 08:38:06 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 04/01/2013 - 23:39:08 - [0,245] ----D C:\ProgramData\SweetIM =>PUP.SweetIM
O43 - CFD: 07/01/2013 - 23:08:58 - [0,180] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 26/07/2012 - 09:22:08 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 07/01/2013 - 23:09:21 - [0,015] ----D C:\ProgramData\Yahoo! Companion
O43 - CFD: 05/12/2012 - 11:17:56 - [6,497] ----D C:\Users\mohamed\AppData\Roaming\Adobe
O43 - CFD: 15/07/2013 - 08:57:26 - [0,534] ----D C:\Users\mohamed\AppData\Roaming\Apowersoft
O43 - CFD: 04/12/2012 - 06:33:35 - [0] ----D C:\Users\mohamed\AppData\Roaming\ASUS WebStorage
O43 - CFD: 07/12/2012 - 13:43:16 - [0,051] ----D C:\Users\mohamed\AppData\Roaming\bibus
O43 - CFD: 06/12/2012 - 17:29:17 - [0,014] ----D C:\Users\mohamed\AppData\Roaming\drpython
O43 - CFD: 05/12/2012 - 11:58:28 - [0,011] ----D C:\Users\mohamed\AppData\Roaming\Google
O43 - CFD: 19/12/2012 - 22:45:24 - [0,012] ----D C:\Users\mohamed\AppData\Roaming\HP
O43 - CFD: 11/09/2013 - 22:48:41 - [2,179] ----D C:\Users\mohamed\AppData\Roaming\LibreOffice
O43 - CFD: 05/12/2012 - 01:00:10 - [0,004] ----D C:\Users\mohamed\AppData\Roaming\Macromedia
O43 - CFD: 03/04/2013 - 22:33:14 - [5,680] -S--D C:\Users\mohamed\AppData\Roaming\Microsoft
O43 - CFD: 03/04/2013 - 22:10:25 - [23,022] ----D C:\Users\mohamed\AppData\Roaming\Mozilla
O43 - CFD: 11/01/2013 - 18:44:04 - [0,074] ----D C:\Users\mohamed\AppData\Roaming\vlc
O43 - CFD: 19/12/2012 - 21:12:31 - [0] ----D C:\Users\mohamed\AppData\Roaming\Yahoo!
O43 - CFD: 30/09/2013 - 13:20:06 - [0,018] ----D C:\Users\mohamed\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 05/12/2012 - 11:17:56 - [18,352] ----D C:\Users\mohamed\AppData\Local\Adobe
O43 - CFD: 04/12/2012 - 06:30:53 - [0] -SH-D C:\Users\mohamed\AppData\Local\Application Data
O43 - CFD: 15/06/2013 - 16:54:06 - [1,311] ----D C:\Users\mohamed\AppData\Local\ASUS
O43 - CFD: 06/09/2013 - 11:54:29 - [0] ----D C:\Users\mohamed\AppData\Local\Diagnostics
O43 - CFD: 20/06/2013 - 14:53:21 - [0] ----D C:\Users\mohamed\AppData\Local\ElevatedDiagnostics
O43 - CFD: 24/01/2013 - 13:27:57 - [205,749] ----D C:\Users\mohamed\AppData\Local\Google
O43 - CFD: 04/12/2012 - 06:30:53 - [0] -SH-D C:\Users\mohamed\AppData\Local\Historique
O43 - CFD: 11/01/2013 - 15:30:12 - [0,013] ----D C:\Users\mohamed\AppData\Local\jZip
O43 - CFD: 03/04/2013 - 22:33:14 - [0] ----D C:\Users\mohamed\AppData\Local\Macromedia
O43 - CFD: 29/08/2013 - 19:17:49 - [830,184] ----D C:\Users\mohamed\AppData\Local\Microsoft
O43 - CFD: 05/12/2012 - 02:30:34 - [0] ----D C:\Users\mohamed\AppData\Local\Microsoft Help
O43 - CFD: 03/04/2013 - 22:10:13 - [41,071] ----D C:\Users\mohamed\AppData\Local\Mozilla
O43 - CFD: 27/02/2013 - 21:21:10 - [259,981] ----D C:\Users\mohamed\AppData\Local\Packages
O43 - CFD: 15/07/2013 - 08:57:02 - [0] ----D C:\Users\mohamed\AppData\Local\Programs
O43 - CFD: 08/01/2013 - 20:08:10 - [2,963] ----D C:\Users\mohamed\AppData\Local\Smartbar =>Hijacker.SmartBar
O43 - CFD: 07/01/2013 - 23:02:16 - [0] ----D C:\Users\mohamed\AppData\Local\Software
O43 - CFD: 11/01/2013 - 18:44:19 - [0,001] ----D C:\Users\mohamed\AppData\Local\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 30/09/2013 - 13:18:19 - [130,428] ----D C:\Users\mohamed\AppData\Local\Temp
O43 - CFD: 04/12/2012 - 06:30:53 - [0] -SH-D C:\Users\mohamed\AppData\Local\Temporary Internet Files
O43 - CFD: 07/12/2012 - 16:10:47 - [0,581] ----D C:\Users\mohamed\AppData\Local\VirtualStore
O43 - CFD: 07/01/2013 - 23:09:02 - [0,054] ----D C:\Users\mohamed\AppData\Local\Wajam =>Toolbar.Wajam
O43 - CFD: 30/09/2013 - 08:07:52 - [0,027] ----D C:\Users\mohamed\AppData\Local\Windows Live
O43 - CFD: 11/01/2013 - 18:58:47 - [0,004] R---D C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 11/01/2013 - 18:58:47 - [0,001] R---D C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 24/05/2013 - 13:50:11 - [0] R---D C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 27/02/2013 - 21:20:43 - [0] ----D C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 26/07/2012 - 10:13:00 - [0] ----D C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/05/2013 - 13:50:11 - [0] R---D C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 11/01/2013 - 18:58:48 - [0,005] R---D C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 128 Scanned in 00mn 28s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2E2CA7C73852F1CE9C6A6F540DD297F9] - 24/09/2013 - 21:57:32 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [479200]
O44 - LFC:[MD5.2E2CA7C73852F1CE9C6A6F540DD297F9] - 24/09/2013 - 21:57:32 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [479200]
O44 - LFC:[MD5.F1C59DAF0B958C6DBED434DEF9374926] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1793362]
O44 - LFC:[MD5.B7B9BE0E093DB6212C09FD31B2028E2B] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [132614]
O44 - LFC:[MD5.ABC8123FF141AE26EA1B05F145B3C54C] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [155650]
O44 - LFC:[MD5.1D178A6EA3291AA0F3121276E4F5F1F6] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [710244]
O44 - LFC:[MD5.D9C5431C12142069EB5518E76D056F66] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [800978]
O44 - LFC:[MD5.F1C59DAF0B958C6DBED434DEF9374926] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362]
O44 - LFC:[MD5.B7B9BE0E093DB6212C09FD31B2028E2B] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132614]
O44 - LFC:[MD5.ABC8123FF141AE26EA1B05F145B3C54C] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [155650]
O44 - LFC:[MD5.1D178A6EA3291AA0F3121276E4F5F1F6] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\System32\perfh009.dat [710244]
O44 - LFC:[MD5.D9C5431C12142069EB5518E76D056F66] - 24/09/2013 - 22:01:59 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [800978]
O44 - LFC:[MD5.8DF721DE358AD97EEF285F5EF59BDF8F] - 30/09/2013 - 12:07:29 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.DC666D599FAB11AFF08B79547E0E3ABF] - 30/09/2013 - 12:07:40 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1051303]
~ Files: 14 Scanned in 00mn 09s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.5FD48EE672001C83BB2860C48F78658C] - 01/09/2013 - 10:39:08 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/02/2140 - 07:25:37 ----D - C:\Windows\Prefetch\ReadyBoot
O45 - LFCP:[MD5.4D42E04A88BCFC8F05904982216C64EE] - 04/09/2013 - 15:36:17 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-DBE13B61.pf
O45 - LFCP:[MD5.A9569DAEADD735FAD3E876086B143E66] - 06/09/2013 - 11:46:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A613D79B.pf
O45 - LFCP:[MD5.1B8EFD6889224C75C13234A85DCFC85B] - 06/09/2013 - 17:31:30 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_8_800_94-9621A37D.pf
O45 - LFCP:[MD5.DFD406E81A91DE9CB17C3EA13DA1F94E] - 10/09/2013 - 18:10:30 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf
O45 - LFCP:[MD5.8BDD694AE357D0492FA423F04129CE12] - 11/09/2013 - 22:18:27 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-853292E2.pf
O45 - LFCP:[MD5.585005489BE945E30CD312B59A19E04D] - 11/09/2013 - 22:20:32 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf
O45 - LFCP:[MD5.9B272B970A2E5269C6B2A908AB5F1CD7] - 11/09/2013 - 22:26:07 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-A1C51F92.pf
O45 - LFCP:[MD5.010F93EBB89F7DD01E182F6A00498F96] - 11/09/2013 - 22:26:34 ---A- - C:\Windows\Prefetch\WINWORD.EXE-342B9A35.pf
O45 - LFCP:[MD5.DFCACD082CE0BF9CEF84732ACCCF0395] - 11/09/2013 - 22:26:36 ---A- - C:\Windows\Prefetch\SETUP.EXE-6BF56078.pf
O45 - LFCP:[MD5.9C7916C30319E4DB647B88D252D4CA9F] - 14/09/2013 - 11:54:51 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.47FA3866DEAFC3C279A3AA66A82F3B90] - 14/09/2013 - 11:57:19 ---A- - C:\Windows\Prefetch\MSNMSGR.EXE-424B3DE6.pf
O45 - LFCP:[MD5.149B123DEBF1D39D2DD7486185C19EFF] - 14/09/2013 - 11:57:52 ---A- - C:\Windows\Prefetch\MAINTENANCESERVICE_INSTALLER.-A809585F.pf
O45 - LFCP:[MD5.854B91945193E2B7D545BBA2BDECCC5F] - 14/09/2013 - 12:14:36 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf
O45 - LFCP:[MD5.1BD193EFC8133DB2D5190819BDD569D2] - 16/09/2013 - 07:58:30 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-4AB2438D.pf
O45 - LFCP:[MD5.C66B8EB01B2D88BC4BD385580998C207] - 16/09/2013 - 13:59:55 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.157.1966.0.E-C5C94151.pf
O45 - LFCP:[MD5.FC072ED254FD9E8172ADB00F14FA6DD6] - 16/09/2013 - 14:18:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-53449A0E.pf
O45 - LFCP:[MD5.35257CCE2308D0C39D5530A6E25D4890] - 16/09/2013 - 14:27:02 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2EC6B1B.pf
O45 - LFCP:[MD5.11F730DE187AEF5F4A94A37BFDB2E44F] - 16/09/2013 - 17:03:19 ---A- - C:\Windows\Prefetch\FLASHUTIL_ACTIVEX.EXE-4E6AE223.pf
O45 - LFCP:[MD5.DEC396E0B17132826381BC7F4DFAB960] - 17/09/2013 - 11:08:40 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf
O45 - LFCP:[MD5.8EA01741BF1D346E40467A754105B727] - 17/09/2013 - 11:19:57 ---A- - C:\Windows\Prefetch\BYTECODEGENERATOR.EXE-353D57C0.pf
O45 - LFCP:[MD5.B524910451D0965CF45340F991D62686] - 17/09/2013 - 11:19:59 ---A- - C:\Windows\Prefetch\BYTECODEGENERATOR.EXE-9C808144.pf
O45 - LFCP:[MD5.B8485492E4C9A77205D7C8A8DDA44C62] - 17/09/2013 - 15:15:30 ---A- - C:\Windows\Prefetch\AM_BASE_PATCH1.EXE-68D49F7A.pf
O45 - LFCP:[MD5.397C48A4DEB1C5EC1F87D1A562EE4004] - 17/09/2013 - 15:15:30 ---A- - C:\Windows\Prefetch\AM_ENGINE_PATCH1.EXE-F21EA2D1.pf
O45 - LFCP:[MD5.B23F54F0B42C40964A09CC3CBBA3C1BB] - 17/09/2013 - 17:26:31 ---A- - C:\Windows\Prefetch\WSHOST.EXE-05F0A3AF.pf
O45 - LFCP:[MD5.3F57AFA63FC1FFAB82EA174746253F51] - 17/09/2013 - 17:26:31 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-9178D9A9.pf
O45 - LFCP:[MD5.D13896803115A40DFC97FF0813ACFF97] - 17/09/2013 - 17:39:03 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf
O45 - LFCP:[MD5.C2AB501067B432EA5A4A8A984EB12DEC] - 17/09/2013 - 17:39:26 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf
O45 - LFCP:[MD5.0F0996D5E06FE2B37CC18CC914021902] - 17/09/2013 - 17:43:27 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-86081325.pf
O45 - LFCP:[MD5.6544FC5123E73C0C8E9229EB8B4BF174] - 17/09/2013 - 20:19:10 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf
O45 - LFCP:[MD5.71D60C734639FE29DD38976C741BB0B3] - 17/09/2013 - 22:40:04 ---A- - C:\Windows\Prefetch\SOFFICE.EXE-E09F2760.pf
O45 - LFCP:[MD5.3D742CEF5021937E2ABA88DA772CE9B2] - 17/09/2013 - 22:40:05 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-D42D403B.pf
O45 - LFCP:[MD5.E11E383F1CB89788F9E8BD6284A5BFD0] - 18/09/2013 - 10:17:57 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-9F989E84.pf
O45 - LFCP:[MD5.B63487CBB170581404BB4384FE7E4FE8] - 18/09/2013 - 11:25:45 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-5B31194A.pf
O45 - LFCP:[MD5.F3925BF3C984BFDB2AC5128D4C756A2C] - 18/09/2013 - 13:12:58 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.66.0.EXE-22BF39D1.pf
O45 - LFCP:[MD5.2A03BC77F02D4E524FA2E5A5C5039095] - 18/09/2013 - 13:25:56 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-0E881CD2.pf
O45 - LFCP:[MD5.72E06183D387F6C84E64C73D807A5B74] - 18/09/2013 - 13:29:33 ---A- - C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf
O45 - LFCP:[MD5.9DFFA55CAFA7A56475771CEE8246256C] - 18/09/2013 - 17:11:32 ---A- - C:\Windows\Prefetch\PLUGIN-HANG-UI.EXE-63DEED3B.pf
O45 - LFCP:[MD5.DE08B31199F0C0E2B04A39C26B7A656D] - 19/09/2013 - 12:15:36 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.153.0.EX-F871CDC2.pf
O45 - LFCP:[MD5.D166B1FB8662FAF205E83030C1D1ADE4] - 20/09/2013 - 10:14:18 ---A- - C:\Windows\Prefetch\HPWUCLI.EXE-49FE5EE9.pf
O45 - LFCP:[MD5.C189C09862AF2B89369BB045B3805175] - 20/09/2013 - 10:15:23 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.237.0.EX-268FAEA1.pf
O45 - LFCP:[MD5.9AEADE3DF24D8A69BF84AFE7DB06EB8B] - 22/09/2013 - 00:03:58 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.329.0.EX-29534383.pf
O45 - LFCP:[MD5.9324AE8AA9CC7AACC54FAD2464D0EF7A] - 24/09/2013 - 13:53:36 ---A- - C:\Windows\Prefetch\SETUP.EXE-EB7D7BE3.pf
O45 - LFCP:[MD5.23837BB3760DD2A9A875DCD589036DD4] - 24/09/2013 - 13:53:44 ---A- - C:\Windows\Prefetch\29.0.1547.76_29.0.1547.66_CHR-42308DFD.pf
O45 - LFCP:[MD5.295DE9740B203E70EAF068060B534CB6] - 24/09/2013 - 13:53:46 ---A- - C:\Windows\Prefetch\SETUP.EXE-877BE8C6.pf
O45 - LFCP:[MD5.61DD71C772A51706BD0441449005B2DE] - 24/09/2013 - 14:11:44 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf
O45 - LFCP:[MD5.F80F9F5A97E93CDA3619DCDAB5118C7C] - 24/09/2013 - 14:22:24 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C92CB267.pf
O45 - LFCP:[MD5.676EE2E836D77116346780037BC8E3C8] - 24/09/2013 - 21:52:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8329E055.pf
O45 - LFCP:[MD5.D3A324CE2CD16D0463D81A28629F969B] - 24/09/2013 - 21:58:36 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
O45 - LFCP:[MD5.721927C04A7063DCC76142CEFBA97FE9] - 24/09/2013 - 21:59:59 ---A- - C:\Windows\Prefetch\MSMPENG.EXE-F9080403.pf
O45 - LFCP:[MD5.1C42C813DBE7742F33EAF67A515454AF] - 24/09/2013 - 22:00:00 ---A- - C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-265333D9.pf
O45 - LFCP:[MD5.2116F286A4215DA5FD0C1B3836BB19D9] - 24/09/2013 - 22:00:00 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf
O45 - LFCP:[MD5.4A208C5510464631C217A08F2B2CEAB5] - 24/09/2013 - 22:00:07 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf
O45 - LFCP:[MD5.D7027F78852631F3455E4A07DC7CD2A2] - 24/09/2013 - 22:00:33 ---A- - C:\Windows\Prefetch\GOOGLEUPDATEONDEMAND.EXE-062A670B.pf
O45 - LFCP:[MD5.3CBFEF099FFA6A3A2AC8B39F21B653DB] - 24/09/2013 - 22:00:34 ---A- - C:\Windows\Prefetch\SETUP.EXE-1958A2A0.pf
O45 - LFCP:[MD5.0BBAD2C0ECD152623503B9959C2AF572] - 24/09/2013 - 22:02:00 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf
O45 - LFCP:[MD5.CC0F60899776ECC1F2981F5D4097C1FA] - 24/09/2013 - 22:03:40 ---A- - C:\Windows\Prefetch\JAVAW.EXE-9BCFFCC7.pf
O45 - LFCP:[MD5.2FD9ADB088E15F2E127D9272A5FCEF1B] - 24/09/2013 - 22:03:40 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-596738CE.pf
O45 - LFCP:[MD5.854ED6E881C0F8A7083749A2BA3E72A1] - 25/09/2013 - 09:45:47 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf
O45 - LFCP:[MD5.E519298F7CC24F3E78F687F3B38919D8] - 25/09/2013 - 10:34:37 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-4F60B70E.pf
O45 - LFCP:[MD5.1A95FDB4341410599B2614DEE53F17D1] - 25/09/2013 - 10:34:37 ---A- - C:\Windows\Prefetch\WINSAT.EXE-A854C4D0.pf
O45 - LFCP:[MD5.C6066B3C67B00F3925AB84F9EBE3A52C] - 25/09/2013 - 13:59:26 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-5F7F692E.pf
O45 - LFCP:[MD5.C3B31B2762A78119079312B3271AD6D6] - 25/09/2013 - 13:59:28 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-F1928578.pf
O45 - LFCP:[MD5.160E407F15E7868D94F18723356832EC] - 25/09/2013 - 14:37:30 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-4E288B88.pf
O45 - LFCP:[MD5.6133833377FD34885441F8961431F159] - 25/09/2013 - 14:37:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50DEE1CF.pf
O45 - LFCP:[MD5.9FC3781BCD0547E1E0C7DE2DE5F90279] - 25/09/2013 - 20:50:21 ---A- - C:\Windows\Prefetch\AM_DELTA.EXE-3A6EE7FD.pf
O45 - LFCP:[MD5.3CCC7F66D6685726D4A332CA2FCE51AC] - 25/09/2013 - 21:24:43 ---A- - C:\Windows\Prefetch\IEFLASHUPDATEPREP.EXE-B16186A0.pf
O45 - LFCP:[MD5.861C788371942C66D1D5118440E856C1] - 27/09/2013 - 19:31:55 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.688.0.EX-366C7D8B.pf
O45 - LFCP:[MD5.779572B66440DBF988E1C5725FA627EB] - 27/09/2013 - 19:45:21 ---A- - C:\Windows\Prefetch\W32TM.EXE-78C041DB.pf
O45 - LFCP:[MD5.B508167FF48546E44A5940C712182F83] - 27/09/2013 - 19:45:30 ---A- - C:\Windows\Prefetch\PING.EXE-167FE968.pf
O45 - LFCP:[MD5.C39DE534F7ED75F567371AEB8CB99B8C] - 27/09/2013 - 19:46:50 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-E962779E.pf
O45 - LFCP:[MD5.2268DC7769C6BCAFA60A399371760085] - 28/09/2013 - 08:31:55 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf
O45 - LFCP:[MD5.46A9B4C9FF98CEA5281BB87575DCF583] - 28/09/2013 - 16:37:12 ---A- - C:\Windows\Prefetch\BOOTSTRAP.EXE-CFA21EE6.pf
O45 - LFCP:[MD5.B17BFA42219DF4F46E52EBE54AAA6D3C] - 29/09/2013 - 15:16:53 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf
O45 - LFCP:[MD5.E0041CEC5FBFFF5C4FC818AD0349C587] - 29/09/2013 - 15:16:53 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf
O45 - LFCP:[MD5.C4C8E2CD7ED8B98CFF43296C3CDDF36C] - 29/09/2013 - 15:18:48 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.7620EE337396306AFC77F899EDF2173C] - 29/09/2013 - 15:29:53 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.887.0.EX-643F8020.pf
O45 - LFCP:[MD5.845F88BCAF227BC4D6BE51D21C73A016] - 29/09/2013 - 15:29:53 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-4D562760.pf
O45 - LFCP:[MD5.82588FB29CF3E6E94B6D9587A5F06A27] - 29/09/2013 - 15:29:53 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf
O45 - LFCP:[MD5.D0A13CB2173956C65D3A42AE6F9D054B] - 30/09/2013 - 07:07:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf
O45 - LFCP:[MD5.9C24036B7E6747D3D9C7442E0E01C217] - 30/09/2013 - 07:10:39 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf
O45 - LFCP:[MD5.858D334BEF72F92BB3AB2015E526BD1F] - 30/09/2013 - 07:40:42 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9E940D77.pf
O45 - LFCP:[MD5.58AFC3B681C3FF5568FFB5ECFD1DE03A] - 30/09/2013 - 07:40:52 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf
O45 - LFCP:[MD5.2685A36E74E280FDFEAC0B5EB8C70024] - 30/09/2013 - 07:41:48 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.B0EAC7F6A5C87269DECBE911EDF013E6] - 30/09/2013 - 07:41:50 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf
O45 - LFCP:[MD5.03C309C6747F8F30106C3C0530BA434D] - 30/09/2013 - 07:42:00 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf
O45 - LFCP:[MD5.431DA0A6FDC72FA78A1526A3B8255704] - 30/09/2013 - 07:42:00 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf
O45 - LFCP:[MD5.0A9F3FAD31E729617D64B3BD240EB4ED] - 30/09/2013 - 07:42:01 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf
O45 - LFCP:[MD5.ED327D855ADB55D59DEB24DC1FB49CD2] - 30/09/2013 - 07:50:28 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.9CE89B63B29857D11BDDED53FE1F425B] - 30/09/2013 - 07:50:38 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf
O45 - LFCP:[MD5.C56593E6A03BA78641C68BFBE7D2B14D] - 30/09/2013 - 07:50:38 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf
O45 - LFCP:[MD5.71D6FE17A3F4B2317939C6E4E518635B] - 30/09/2013 - 07:50:39 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf
O45 - LFCP:[MD5.6A825527FF0F99BA9D4FBA1AABEF488D] - 30/09/2013 - 08:09:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-B98D9700.pf
O45 - LFCP:[MD5.5A9DBE500455AB7F10C02AE7F28CEF2F] - 30/09/2013 - 08:28:48 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf
O45 - LFCP:[MD5.A4D9E1E75B3580EFCD05C76B73B658A1] - 30/09/2013 - 08:28:48 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf
O45 - LFCP:[MD5.9BDEC71CDE422CB0DEB0CE4D747D9503] - 30/09/2013 - 08:28:48 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf
O45 - LFCP:[MD5.53EDBA6849ACD2F9C58942C0FFFA95DD] - 30/09/2013 - 08:28:49 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf
O45 - LFCP:[MD5.7AB5A95C87D1383866EA4F7415BF1232] - 30/09/2013 - 08:57:58 ---A- - C:\Windows\Prefetch\SETHC.EXE-D1EC56ED.pf
O45 - LFCP:[MD5.D2B4F6B81E69FA02AF35701CB9C645F7] - 30/09/2013 - 08:58:04 ---A- - C:\Windows\Prefetch\EASEOFACCESSDIALOG.EXE-E54B6BCB.pf
O45 - LFCP:[MD5.5EFA900F94A608E85DCCF5021D3B453C] - 30/09/2013 - 09:53:20 ---A- - C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf
O45 - LFCP:[MD5.B4807B62CA9322181BEC9E095963F006] - 30/09/2013 - 09:53:27 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-3391C7C7.pf
O45 - LFCP:[MD5.7456C32B78CA8DA34C13DE377A5139A2] - 30/09/2013 - 09:57:39 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf
O45 - LFCP:[MD5.7F070F008BA523A23A8D3829978FC5C4] - 30/09/2013 - 10:03:55 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-83A46C42.pf
O45 - LFCP:[MD5.F65C770416E5353BBE15FC1614698185] - 30/09/2013 - 10:17:49 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf
O45 - LFCP:[MD5.519257846F02BE2795F649A6D33AF083] - 30/09/2013 - 10:24:36 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-9145C254.pf
O45 - LFCP:[MD5.A214111EEB083FE9A3DB39D8EF66D17E] - 30/09/2013 - 10:25:17 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf
O45 - LFCP:[MD5.04D3C7FFA6AA0B992A95C43739E719E4] - 30/09/2013 - 10:26:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C7B9D18C.pf
O45 - LFCP:[MD5.E29C06776676C12737FD73A93946D84D] - 30/09/2013 - 10:30:27 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf
O45 - LFCP:[MD5.D046453579B2A625CFBEB8DED9C9A825] - 30/09/2013 - 10:30:37 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf
O45 - LFCP:[MD5.338C0CD54D21743864F06B0B3F7CD57B] - 30/09/2013 - 10:30:37 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
O45 - LFCP:[MD5.D9CB5C6F7ACE11546C5BFC9A27CC7479] - 30/09/2013 - 10:30:39 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf
O45 - LFCP:[MD5.C7B4F32C153E84F03F9B56240F9F565B] - 30/09/2013 - 10:50:40 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-8B8F7F7C.pf
O45 - LFCP:[MD5.4A1F212D82DC4426B558C1F084D06C17] - 30/09/2013 - 10:50:49 ---A- - C:\Windows\Prefetch\HCONTROL.EXE-752ABE5C.pf
O45 - LFCP:[MD5.91456FD4E8E6C0EA3C1B880261A5FA39] - 30/09/2013 - 10:50:49 ---A- - C:\Windows\Prefetch\INSONWMI.EXE-D024CEF9.pf
O45 - LFCP:[MD5.C3D178E478605EFF68B01A99EAC60A9D] - 30/09/2013 - 10:50:49 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf
O45 - LFCP:[MD5.CEA0A86BDDCBEA3EDD4153C02F22E9AD] - 30/09/2013 - 10:50:50 ---A- - C:\Windows\Prefetch\USERINIT.EXE-7FD17ED1.pf
O45 - LFCP:[MD5.DB036BF20AB2342ED56B5EE31CD17C94] - 30/09/2013 - 10:50:55 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf
O45 - LFCP:[MD5.A604A182FB5FCCAA8ACC8FF95D65AE4D] - 30/09/2013 - 10:51:04 ---A- - C:\Windows\Prefetch\UPDATEUI.EXE-58A5EE05.pf
O45 - LFCP:[MD5.2F97AFC799CF19B3F4BA578450DC438A] - 30/09/2013 - 10:51:06 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-6C28DB75.pf
O45 - LFCP:[MD5.3201CFC7BB51ED928220D634491AFFE7] - 30/09/2013 - 10:51:08 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-6C28DB76.pf
O45 - LFCP:[MD5.EB779C62173E1C27A7459F6B5694CB72] - 30/09/2013 - 10:51:08 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf
O45 - LFCP:[MD5.0B842AF8B4BC3C2E3164CC1C8222432F] - 30/09/2013 - 10:51:09 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf
O45 - LFCP:[MD5.DBA10EDFA774FF1CF41E133FA5660681] - 30/09/2013 - 10:51:09 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf
O45 - LFCP:[MD5.35DE0802887744888A5E498A450DACF5] - 30/09/2013 - 10:51:10 ---A- - C:\Windows\Prefetch\ACMON.EXE-039F45B0.pf
O45 - LFCP:[MD5.5D338ACFF82A7786C947CB2DC4788E7B] - 30/09/2013 - 10:51:14 ---A- - C:\Windows\Prefetch\ASUSWSPANEL.EXE-379DF0C0.pf
O45 - LFCP:[MD5.CC02F7CCDF8ED97715BD7EB73963C591] - 30/09/2013 - 10:51:15 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-813E932C.pf
O45 - LFCP:[MD5.457F26B2E269BAEBBB6FFE9ECDFA2F49] - 30/09/2013 - 10:51:16 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-4B303C70.pf
O45 - LFCP:[MD5.6184033DD477250C9A7CE007965A28C2] - 30/09/2013 - 10:51:22 ---A- - C:\Windows\Prefetch\CSC.EXE-4D47A477.pf
O45 - LFCP:[MD5.8B42C8914D2196ED86B365CA9B76B18A] - 30/09/2013 - 10:51:22 ---A- - C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf
O45 - LFCP:[MD5.13F5481467686444FAE85A2141423A84] - 30/09/2013 - 10:51:35 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf
O45 - LFCP:[MD5.3FED96283662B1DCA4518FA6EF2640CC] - 30/09/2013 - 10:51:36 ---A- - C:\Windows\Prefetch\IGFXEXT.EXE-B04096D5.pf
O45 - LFCP:[MD5.92308C59DD47866D21AF8CE85CF18223] - 30/09/2013 - 10:51:50 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf
O45 - LFCP:[MD5.AD80421C11FAFC084212ECB80F48823B] - 30/09/2013 - 10:51:56 ---A- - C:\Windows\Prefetch\AgCx_SC5.db
O45 - LFCP:[MD5.52FEEB78D20DA11CCCBE6C45DB30A0F7] - 30/09/2013 - 10:53:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf
O45 - LFCP:[MD5.CCC838DDB8E654C74AD4946312A3DA44] - 30/09/2013 - 10:53:07 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf
O45 - LFCP:[MD5.09817E0005015C9AC7022B8FDA887B43] - 30/09/2013 - 10:53:07 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf
O45 - LFCP:[MD5.BFD0CB70AEC0933E28AB46500A53F7E0] - 30/09/2013 - 10:54:33 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_8_800_16-B0E978DF.pf
O45 - LFCP:[MD5.BD221CAC0D9C1EB0FC642014F6A34FF7] - 30/09/2013 - 10:54:33 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf
O45 - LFCP:[MD5.C2BB4FCE74FE47105A4AF6AF1E812268] - 30/09/2013 - 10:56:07 ---A- - C:\Windows\Prefetch\JAVA.EXE-4EF2C834.pf
O45 - LFCP:[MD5.D9001D506ADE4C199AFA3716B10A7AC8] - 30/09/2013 - 11:05:45 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C1C2EFBE.pf
O45 - LFCP:[MD5.8C5850418D6CBFDFA14AE66AE9A6527C] - 30/09/2013 - 11:07:21 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
O45 - LFCP:[MD5.5B2A7A45C5D82E2BBE69D4F3E9151A00] - 30/09/2013 - 11:07:21 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
O45 - LFCP:[MD5.54110C58AAD6337BAC6BF4C8CEE927D0] - 30/09/2013 - 11:07:30 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-37BED555.pf
O45 - LFCP:[MD5.F4CE80D494E03FA0E950CC5E5BC33C08] - 30/09/2013 - 11:07:31 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf
O45 - LFCP:[MD5.37B3C9C4B4EB9BAA1757C3D0CAF4A725] - 30/09/2013 - 11:10:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf
O45 - LFCP:[MD5.CB37747D8B8968858D93BEEF7860657A] - 30/09/2013 - 11:11:55 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf
O45 - LFCP:[MD5.4652BD776DB5BF3CEA616124CA537E67] - 30/09/2013 - 12:07:30 ---A- - C:\Windows\Prefetch\ASUSTPCFG64.EXE-7A0C8A89.pf
O45 - LFCP:[MD5.950BB69A5FD556EE27B1EC15E226ADEB] - 30/09/2013 - 12:07:30 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf
O45 - LFCP:[MD5.4AB6715025B39A10089A4515F29E35FB] - 30/09/2013 - 12:07:32 ---A- - C:\Windows\Prefetch\ACOVS.EXE-2C6C215E.pf
O45 - LFCP:[MD5.3A6BCF9D01F9C2BA56A9F436F47A9A38] - 30/09/2013 - 12:07:32 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf
O45 - LFCP:[MD5.1A52BAFF614F14D9E71B95283AFD5766] - 30/09/2013 - 12:07:35 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.CB8A54F52AFF1A93F75F0D15C2004D3C] - 30/09/2013 - 12:07:43 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf
O45 - LFCP:[MD5.8DAAC3C9A6A2B95FA43038CE6C48C70A] - 30/09/2013 - 12:08:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf
O45 - LFCP:[MD5.1559A7B0750C6217018A7BDCABA63084] - 30/09/2013 - 12:08:35 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.A51C2C3ABD273A6E615F4313BEE8B732] - 30/09/2013 - 12:10:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-E0E5E52F.pf
O45 - LFCP:[MD5.92D782D8423193A532D050967C719C8F] - 30/09/2013 - 12:10:25 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf
O45 - LFCP:[MD5.44F58FF9FAA08764AA1ABEC222ED5A28] - 30/09/2013 - 12:11:39 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4087657791-1931191923-1431379775-1001.db
O45 - LFCP:[MD5.BFA5F9575B2E3D8605E81B87A22614CB] - 30/09/2013 - 12:11:39 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4087657791-1931191923-1431379775-1001.db
O45 - LFCP:[MD5.3E0589E64BE2533848A6B90164872910] - 30/09/2013 - 12:12:29 ---A- - C:\Windows\Prefetch\ZHPFIX.TMP-6F608608.pf
O45 - LFCP:[MD5.977E30BD2929A9078984F9517EAB0B0A] - 30/09/2013 - 12:12:38 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-3BDD7855.pf
O45 - LFCP:[MD5.3CCBD0509BA44A7F45CAA8539B2C7DF5] - 30/09/2013 - 12:12:38 ---A- - C:\Windows\Prefetch\ZHPFIX.TMP-520243FB.pf
O45 - LFCP:[MD5.92152D8567D819A67E02F929F9E3F703] - 30/09/2013 - 12:14:19 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-01FEC193.pf
O45 - LFCP:[MD5.99167E5DC1E7382BFE7A75BCA2ECB8E0] - 30/09/2013 - 12:14:29 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-30773C45.pf
O45 - LFCP:[MD5.7468EDE898B0587AD675B1B98B929B60] - 30/09/2013 - 12:15:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf
O45 - LFCP:[MD5.6431D0FA5EE65F2B1A1A24CD418417C3] - 30/09/2013 - 12:15:35 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf
O45 - LFCP:[MD5.8B62AC0B7AB11DB748401DB8FAE99230] - 30/09/2013 - 12:15:49 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
O45 - LFCP:[MD5.71B5BF26B5507C9AE86AB2483DDF6C2D] - 30/09/2013 - 12:17:17 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf
O45 - LFCP:[MD5.C0C7830DFDB6ECC9150BF0AF97DA0454] - 30/09/2013 - 12:17:17 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
O45 - LFCP:[MD5.F9AA5710CF970EB91B549F8573C410A1] - 30/09/2013 - 12:17:54 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf
O45 - LFCP:[MD5.E7D2C07A95588B4241F63F809A76F7A9] - 30/09/2013 - 12:17:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf
O45 - LFCP:[MD5.85D9D55124683FDCEED8D16073D9922B] - 30/09/2013 - 12:18:02 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-F62B0048.pf
O45 - LFCP:[MD5.F68890869B80CF9F17DE9ACA43887634] - 30/09/2013 - 12:18:05 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-CF2D1F12.pf
O45 - LFCP:[MD5.BB340CDAA36DC9D9353A8C2E88E37277] - 30/09/2013 - 12:18:05 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-71CB18FC.pf
O45 - LFCP:[MD5.1B733464B586D88F103057D1791C6F8B] - 30/09/2013 - 12:18:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf
O45 - LFCP:[MD5.A876342ECF32D6632439937AC29D9DC2] - 30/09/2013 - 12:18:25 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf
O45 - LFCP:[MD5.D1D68CC8D4A231C7D1EDE9B0FE196EA9] - 30/09/2013 - 12:18:54 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf
O45 - LFCP:[MD5.78E9F5C02F7524FC9AC3692568932332] - 30/09/2013 - 12:19:04 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf
O45 - LFCP:[MD5.7E0A1DE31D98889DB3E3B5F80C3A271F] - 30/09/2013 - 12:19:46 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf
O45 - LFCP:[MD5.85B4F29ADF762A021A2E3719F1BC33DF] - 30/09/2013 - 12:19:46 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf
O45 - LFCP:[MD5.6CD138285A213D9BA3D6811AD02DDC21] - 30/09/2013 - 12:19:46 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf
O45 - LFCP:[MD5.64B2EE19437F0DC50F2A3C6E3F8CD1A8] - 30/09/2013 - 12:19:53 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf
O45 - LFCP:[MD5.32CA7653A71C3F32939B5140861E8CE0] - 30/09/2013 - 12:19:53 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf
O45 - LFCP:[MD5.670C733597FF9F8F5EC4C877CC76A37B] - 30/09/2013 - 12:19:54 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf
O45 - LFCP:[MD5.D423A7E253C85A69EB10943453D291EF] - 30/09/2013 - 12:20:02 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf
O45 - LFCP:[MD5.D1315F313CFECBD35AE0B1DF8E472C55] - 30/09/2013 - 12:20:03 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.D4D335A6F6A39842F96C6170EF7CE210] - 30/09/2013 - 12:20:03 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.02F59489B379DAE917CDA6EE0626775B] - 30/09/2013 - 12:20:04 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.DCA326923977AEA984677790F467CC51] - 30/09/2013 - 12:20:04 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.471671CA09EFAFC0B628759A9F0818AC] - 30/09/2013 - 12:20:04 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf
O45 - LFCP:[MD5.65B09F39F01AF9A9BF867EAB2686F89A] - 30/09/2013 - 12:20:10 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf
~ Prefetcher: 191 Scanned in 00mn 02s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{66e05a61-09d6-11e3-be9d-50465d305441}\AutoRun\command. (...) -- E:\autorun.exe (.not file.)
O51 - MPSK:{66e05ae2-09d6-11e3-be9d-50465d305441}\AutoRun\command. (...) -- E:\autorun.exe (.not file.)
O51 - MPSK:{66e05b4c-09d6-11e3-be9d-50465d305441}\AutoRun\command. (...) -- E:\autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
~ Drivers: 17 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 27/09/2013 - 19:32:40 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\countrycodeCAEJ5VCV.htm [25]
O61 - LFC: 27/09/2013 - 19:32:46 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAOV018M.htm [0]
O61 - LFC: 27/09/2013 - 19:33:07 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache\9BH7RFXP\FBActive2[2].png [777]
O61 - LFC: 27/09/2013 - 19:33:07 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache\9BH7RFXP\FLKRActive[1].png [1257]
O61 - LFC: 27/09/2013 - 19:33:38 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\4309200C3DBAD0F6F0DFACE9165FD092 [727]
O61 - LFC: 27/09/2013 - 19:43:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat [262144]
O61 - LFC: 27/09/2013 - 19:43:45 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat [8192]
O61 - LFC: 28/09/2013 - 08:37:14 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\countrycodeCAFWBBX1.htm [25]
O61 - LFC: 28/09/2013 - 08:37:15 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CALZG798.htm [0]
O61 - LFC: 28/09/2013 - 08:37:24 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAX3VV8O.htm [0]
O61 - LFC: 28/09/2013 - 08:37:40 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAHXJ96W.htm [0]
O61 - LFC: 28/09/2013 - 08:37:53 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAU46HVZ.htm [0]
O61 - LFC: 28/09/2013 - 08:38:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAGZR81Q.htm [0]
O61 - LFC: 28/09/2013 - 16:34:47 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youporn.com_0.localstorage [3072]
O61 - LFC: 28/09/2013 - 16:34:47 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youporn.com_0.localstorage-journal [3608]
O61 - LFC: 28/09/2013 - 16:52:27 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\countrycodeCAWI5B1B.htm [25]
O61 - LFC: 28/09/2013 - 16:52:33 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAYNJIU2.htm [0]
O61 - LFC: 28/09/2013 - 16:53:01 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub107.mail.live.com_0.localstorage [3072]
O61 - LFC: 28/09/2013 - 16:53:02 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub107.mail.live.com_0.localstorage-journal [3608]
O61 - LFC: 28/09/2013 - 16:53:24 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-08 [4427776]
O61 - LFC: 28/09/2013 - 17:17:26 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [4096]
O61 - LFC: 28/09/2013 - 17:17:26 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [4640]
O61 - LFC: 28/09/2013 - 17:31:10 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YS5KJFBT\effectivemeasure.net\EM_APP.sol [100]
O61 - LFC: 28/09/2013 - 17:31:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub124.mail.live.com_0.localstorage [3072]
O61 - LFC: 28/09/2013 - 17:31:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub124.mail.live.com_0.localstorage-journal [3608]
O61 - LFC: 28/09/2013 - 17:34:59 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\countrycodeCA1RFKXO.htm [25]
O61 - LFC: 28/09/2013 - 17:34:59 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAOOQXY2.htm [0]
O61 - LFC: 28/09/2013 - 17:35:03 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CA32ECVI.htm [0]
O61 - LFC: 28/09/2013 - 17:35:12 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAAAW9H3.htm [0]
O61 - LFC: 28/09/2013 - 17:35:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA89NV5I.htm [0]
O61 - LFC: 28/09/2013 - 17:38:39 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [32768]
O61 - LFC: 28/09/2013 - 17:38:39 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384]
O61 - LFC: 28/09/2013 - 17:39:47 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\countrycodeCAA5FEE1.htm [25]
O61 - LFC: 28/09/2013 - 17:41:00 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_player.vimeo.com_0.localstorage [3072]
O61 - LFC: 28/09/2013 - 17:41:00 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_player.vimeo.com_0.localstorage-journal [3608]
O61 - LFC: 28/09/2013 - 17:41:01 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.vimeo.com_0.localstorage [3072]
O61 - LFC: 28/09/2013 - 17:41:01 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_player.vimeo.com_0.localstorage-journal [3608]
O61 - LFC: 28/09/2013 - 17:41:02 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YS5KJFBT\broadcast.piximedia.fr\footerJS\v3\lib\so.swf\PmUI.sol [33]
O61 - LFC: 28/09/2013 - 17:41:02 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YS5KJFBT\macromedia.com\support\flashplayer\sys\#broadcast.piximedia.fr\settings.sol [92]
O61 - LFC: 28/09/2013 - 17:41:02 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YS5KJFBT\macromedia.com\support\flashplayer\sys\settings.sol [856]
O61 - LFC: 29/09/2013 - 15:21:17 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_chat.tchatche.com_0.localstorage [5120]
O61 - LFC: 29/09/2013 - 15:21:18 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_chat.tchatche.com_0.localstorage-journal [5672]
O61 - LFC: 29/09/2013 - 16:23:42 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\countrycodeCABKR0PU.htm [25]
O61 - LFC: 29/09/2013 - 16:24:13 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F [26790]
O61 - LFC: 29/09/2013 - 16:24:15 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F [26790]
O61 - LFC: 29/09/2013 - 16:24:16 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F [43143]
O61 - LFC: 29/09/2013 - 16:24:16 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\803D392C3051B3E3A74EB48BC5861291 [26790]
O61 - LFC: 29/09/2013 - 16:24:16 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\803D392C3051B3E3A74EB48BC5861291 [310]
O61 - LFC: 30/09/2013 - 07:07:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\countrycodeCAJ1ZVU9.htm [25]
O61 - LFC: 30/09/2013 - 07:08:14 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F [43143]
O61 - LFC: 30/09/2013 - 07:16:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db [7168]
O61 - LFC: 30/09/2013 - 07:16:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal [5672]
O61 - LFC: 30/09/2013 - 07:16:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.entre-infideles.com_0\1 [4096]
O61 - LFC: 30/09/2013 - 07:17:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Web Data [112640]
O61 - LFC: 30/09/2013 - 07:17:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [16384]
O61 - LFC: 30/09/2013 - 07:17:27 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [13312]
O61 - LFC: 30/09/2013 - 07:17:27 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [8768]
O61 - LFC: 30/09/2013 - 07:19:08 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\countrycodeCA4B8R5Z.htm [25]
O61 - LFC: 30/09/2013 - 07:19:08 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CA0MXVI0.htm [0]
O61 - LFC: 30/09/2013 - 07:19:08 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [340]
O61 - LFC: 30/09/2013 - 07:19:12 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [338]
O61 - LFC: 30/09/2013 - 07:19:12 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F [256]
O61 - LFC: 30/09/2013 - 07:34:49 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage [3072]
O61 - LFC: 30/09/2013 - 07:34:49 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dailymotion.com_0.localstorage-journal [3608]
O61 - LFC: 30/09/2013 - 07:36:31 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\countrycodeCATX49C5.htm [25]
O61 - LFC: 30/09/2013 - 07:36:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAVNRFLB.htm [0]
O61 - LFC: 30/09/2013 - 07:37:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CA33BRG8.htm [0]
O61 - LFC: 30/09/2013 - 07:38:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAG15OK4.htm [0]
O61 - LFC: 30/09/2013 - 07:39:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAZ5AXT4.htm [0]
O61 - LFC: 30/09/2013 - 07:40:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAWG1ZY5.htm [0]
O61 - LFC: 30/09/2013 - 07:41:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA6U9B0T.htm [0]
O61 - LFC: 30/09/2013 - 07:42:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAPVAB46.htm [0]
O61 - LFC: 30/09/2013 - 07:43:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAC9SK4O.htm [0]
O61 - LFC: 30/09/2013 - 07:44:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAMAZ03X.htm [0]
O61 - LFC: 30/09/2013 - 07:45:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAVB4CPK.htm [0]
O61 - LFC: 30/09/2013 - 08:16:53 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\avatars\7a616d6f757232303132 [3962]
O61 - LFC: 30/09/2013 - 08:16:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\82\82b1f95bc85f3892.dat [3615]
O61 - LFC: 30/09/2013 - 08:23:53 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAIQ3O5X.htm [0]
O61 - LFC: 30/09/2013 - 08:23:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CACEWOLX.htm [0]
O61 - LFC: 30/09/2013 - 08:24:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAJWSTNS.htm [0]
O61 - LFC: 30/09/2013 - 08:25:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAHHV3CP.htm [0]
O61 - LFC: 30/09/2013 - 08:26:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CA3RDK40.htm [0]
O61 - LFC: 30/09/2013 - 08:27:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAODL5FT.htm [0]
O61 - LFC: 30/09/2013 - 08:28:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CADN8742.htm [0]
O61 - LFC: 30/09/2013 - 08:29:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA379XUP.htm [0]
O61 - LFC: 30/09/2013 - 08:30:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAJE3CA0.htm [0]
O61 - LFC: 30/09/2013 - 08:31:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAWK00R1.htm [0]
O61 - LFC: 30/09/2013 - 08:32:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAA9DKLK.htm [0]
O61 - LFC: 30/09/2013 - 08:33:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA98A38F.htm [0]
O61 - LFC: 30/09/2013 - 08:34:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAJN00Y3.htm [0]
O61 - LFC: 30/09/2013 - 08:35:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CA75W5NT.htm [0]
O61 - LFC: 30/09/2013 - 08:36:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAGHY4WS.htm [0]
O61 - LFC: 30/09/2013 - 08:36:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\28\287ffa7814b92923.dat [2327]
O61 - LFC: 30/09/2013 - 08:37:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA5GOOME.htm [0]
O61 - LFC: 30/09/2013 - 08:38:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAZE6ZTJ.htm [0]
O61 - LFC: 30/09/2013 - 08:39:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAFPWC9T.htm [0]
O61 - LFC: 30/09/2013 - 08:40:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAU0URC0.htm [0]
O61 - LFC: 30/09/2013 - 08:41:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAXDM8C1.htm [0]
O61 - LFC: 30/09/2013 - 08:42:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CARAJCUB.htm [0]
O61 - LFC: 30/09/2013 - 08:43:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAH3Q9TL.htm [0]
O61 - LFC: 30/09/2013 - 08:44:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CA443BRH.htm [0]
O61 - LFC: 30/09/2013 - 08:45:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA0CU0S0.htm [0]
O61 - LFC: 30/09/2013 - 08:46:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAMEGLCC.htm [0]
O61 - LFC: 30/09/2013 - 08:47:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAW6XY11.htm [0]
O61 - LFC: 30/09/2013 - 08:48:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAC2XC7G.htm [0]
O61 - LFC: 30/09/2013 - 08:49:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA4Z5Q7N.htm [0]
O61 - LFC: 30/09/2013 - 08:50:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CATW9R5Y.htm [0]
O61 - LFC: 30/09/2013 - 08:51:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAJVAIU6.htm [0]
O61 - LFC: 30/09/2013 - 08:52:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CADQXU49.htm [0]
O61 - LFC: 30/09/2013 - 08:53:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAZ6TSTB.htm [0]
O61 - LFC: 30/09/2013 - 08:57:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\countrycodeCAMMAJQW.htm [25]
O61 - LFC: 30/09/2013 - 08:57:51 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CADPGIR9.htm [0]
O61 - LFC: 30/09/2013 - 08:58:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAR0MINQ.htm [0]
O61 - LFC: 30/09/2013 - 08:59:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA5U35OQ.htm [0]
O61 - LFC: 30/09/2013 - 09:00:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CA31TDHR.htm [0]
O61 - LFC: 30/09/2013 - 09:01:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CA4W4S7J.htm [0]
O61 - LFC: 30/09/2013 - 09:02:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAXLQ4RF.htm [0]
O61 - LFC: 30/09/2013 - 09:03:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAZ0E9V0.htm [0]
O61 - LFC: 30/09/2013 - 09:03:56 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\avatars\656d696c696531353630 [12578]
O61 - LFC: 30/09/2013 - 09:03:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\0c\0c1433f87b20c8a3.dat [4081]
O61 - LFC: 30/09/2013 - 09:04:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAX2CM8G.htm [0]
O61 - LFC: 30/09/2013 - 09:05:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CACP3IXD.htm [0]
O61 - LFC: 30/09/2013 - 09:06:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAQKBGLM.htm [0]
O61 - LFC: 30/09/2013 - 09:07:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA1U1C0C.htm [0]
O61 - LFC: 30/09/2013 - 09:08:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAZ1RTZW.htm [0]
O61 - LFC: 30/09/2013 - 09:09:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAVKZRU7.htm [0]
O61 - LFC: 30/09/2013 - 09:10:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAGC36OI.htm [0]
O61 - LFC: 30/09/2013 - 09:11:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA2MGGXE.htm [0]
O61 - LFC: 30/09/2013 - 09:12:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CA4LIVLJ.htm [0]
O61 - LFC: 30/09/2013 - 09:13:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CALPQ07O.htm [0]
O61 - LFC: 30/09/2013 - 09:13:52 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\67\671ecb8d05c1f18c.dat [3124]
O61 - LFC: 30/09/2013 - 09:13:55 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\avatars\76616c657269652e64756c69657532 [4247]
O61 - LFC: 30/09/2013 - 09:14:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CASWKV4W.htm [0]
O61 - LFC: 30/09/2013 - 09:15:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CANOVB1Q.htm [0]
O61 - LFC: 30/09/2013 - 09:16:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAIKW2LL.htm [0]
O61 - LFC: 30/09/2013 - 09:17:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CA1E7S14.htm [0]
O61 - LFC: 30/09/2013 - 09:18:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CA652W3K.htm [0]
O61 - LFC: 30/09/2013 - 09:19:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAH1DWXJ.htm [0]
O61 - LFC: 30/09/2013 - 09:20:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CA31208B.htm [0]
O61 - LFC: 30/09/2013 - 09:21:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CACBIV7U.htm [0]
O61 - LFC: 30/09/2013 - 09:22:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CAXOSQLU.htm [0]
O61 - LFC: 30/09/2013 - 09:23:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAJQZ2A4.htm [0]
O61 - LFC: 30/09/2013 - 09:24:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\adsadclient31CAHXCLMB.htm [0]
O61 - LFC: 30/09/2013 - 09:25:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAE2VQOE.htm [0]
O61 - LFC: 30/09/2013 - 09:26:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CATSK02W.htm [0]
O61 - LFC: 30/09/2013 - 09:27:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CACXH6XP.htm [0]
O61 - LFC: 30/09/2013 - 09:57:29 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\countrycodeCAL501VM.htm [25]
O61 - LFC: 30/09/2013 - 09:57:30 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAXYJSID.htm [0]
O61 - LFC: 30/09/2013 - 09:57:59 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 [262]
O61 - LFC: 30/09/2013 - 10:01:18 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Top Sites [315392]
O61 - LFC: 30/09/2013 - 10:01:18 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384]
O61 - LFC: 30/09/2013 - 10:01:33 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub111.mail.live.com_0.localstorage [3072]
O61 - LFC: 30/09/2013 - 10:01:33 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dub111.mail.live.com_0.localstorage-journal [3608]
O61 - LFC: 30/09/2013 - 10:01:51 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage [32768]
O61 - LFC: 30/09/2013 - 10:01:51 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage-journal [16384]
O61 - LFC: 30/09/2013 - 10:01:56 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2 [1056768]
O61 - LFC: 30/09/2013 - 10:01:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0 [45056]
O61 - LFC: 30/09/2013 - 10:01:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1 [270336]
O61 - LFC: 30/09/2013 - 10:01:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_2 [1056768]
O61 - LFC: 30/09/2013 - 10:01:59 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [145]
O61 - LFC: 30/09/2013 - 10:02:05 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage [3072]
O61 - LFC: 30/09/2013 - 10:02:05 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal [3608]
O61 - LFC: 30/09/2013 - 10:02:16 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [24576]
O61 - LFC: 30/09/2013 - 10:02:17 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384]
O61 - LFC: 30/09/2013 - 10:02:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Favicons [768000]
O61 - LFC: 30/09/2013 - 10:02:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 30/09/2013 - 10:02:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Last Session [15082]
O61 - LFC: 30/09/2013 - 10:02:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [10944]
O61 - LFC: 30/09/2013 - 10:02:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [267]
O61 - LFC: 30/09/2013 - 10:02:38 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072]
O61 - LFC: 30/09/2013 - 10:03:54 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 30/09/2013 - 10:03:54 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000035 [426]
O61 - LFC: 30/09/2013 - 10:03:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [157696]
O61 - LFC: 30/09/2013 - 10:03:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384]
O61 - LFC: 30/09/2013 - 10:03:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 30/09/2013 - 10:03:57 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000061 [202]
O61 - LFC: 30/09/2013 - 10:03:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0]
O61 - LFC: 30/09/2013 - 10:03:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [0]
O61 - LFC: 30/09/2013 - 10:04:04 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8]
O61 - LFC: 30/09/2013 - 10:04:04 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [1278]
O61 - LFC: 30/09/2013 - 10:04:07 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-09 [2486272]
O61 - LFC: 30/09/2013 - 10:08:24 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [685212]
O61 - LFC: 30/09/2013 - 10:08:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [11565556]
O61 - LFC: 30/09/2013 - 10:08:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1737730]
O61 - LFC: 30/09/2013 - 10:08:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135236]
O61 - LFC: 30/09/2013 - 10:08:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19680]
O61 - LFC: 30/09/2013 - 10:08:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6520]
O61 - LFC: 30/09/2013 - 10:08:54 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 30/09/2013 - 10:08:54 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640]
O61 - LFC: 30/09/2013 - 10:09:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [262726]
O61 - LFC: 30/09/2013 - 10:09:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set [262726]
O61 - LFC: 30/09/2013 - 10:09:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.fingerprint [12]
O61 - LFC: 30/09/2013 - 10:09:58 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json [34]
O61 - LFC: 30/09/2013 - 10:17:50 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\History [1261568]
O61 - LFC: 30/09/2013 - 10:17:53 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Current Session [16974]
O61 - LFC: 30/09/2013 - 10:18:10 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Cookies [450560]
O61 - LFC: 30/09/2013 - 10:18:10 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC: 30/09/2013 - 10:21:25 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\History-journal [25136]
O61 - LFC: 30/09/2013 - 10:24:31 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\countrycodeCA7AKJAU.htm [25]
O61 - LFC: 30/09/2013 - 10:24:36 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CAUAS34R.htm [0]
O61 - LFC: 30/09/2013 - 10:24:45 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\a187606e-136e-4158-8c9f-84e01841df4c.up_meta [89]
O61 - LFC: 30/09/2013 - 10:24:45 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\bici\bi001000.sqm [894]
O61 - LFC: 30/09/2013 - 10:24:46 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\a187606e-136e-4158-8c9f-84e01841df4c.7577bcbd-dab9-4adf-8462-01b4eca85c61.down_meta [380]
O61 - LFC: 30/09/2013 - 10:24:46 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\a187606e-136e-4158-8c9f-84e01841df4c.down_data [0]
O61 - LFC: 30/09/2013 - 10:25:06 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 [262]
O61 - LFC: 30/09/2013 - 10:25:06 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F [314]
O61 - LFC: 30/09/2013 - 10:30:27 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056]
O61 - LFC: 30/09/2013 - 10:30:27 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336]
O61 - LFC: 30/09/2013 - 10:30:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [12089]
O61 - LFC: 30/09/2013 - 10:30:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [145]
O61 - LFC: 30/09/2013 - 10:30:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [237858]
O61 - LFC: 30/09/2013 - 10:30:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Preferences [144755]
O61 - LFC: 30/09/2013 - 10:30:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Local State [42520]
O61 - LFC: 30/09/2013 - 10:30:28 ---A- . (...) -- C:\Users\mohamed\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt00.sqm [518]
O61 - LFC: 30/09/2013 - 10:30:29 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-09-journal [16928]
O61 - LFC: 30/09/2013 - 10:30:29 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [267]
O61 - LFC: 30/09/2013 - 10:30:29 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]
O61 - LFC: 30/09/2013 - 10:30:29 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Windows Live\uxcore_msnmsgr_00.etl [4096]
O61 - LFC: 30/09/2013 - 10:30:32 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm.etl [2228224]
O61 - LFC: 30/09/2013 - 10:30:32 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm\nouser\120712-0049\DBStore\livecomm.edb [6307840]
O61 - LFC: 30/09/2013 - 10:30:32 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.ModernPhotos.etl [4718592]
O61 - LFC: 30/09/2013 - 10:30:32 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\ModernPhoto.edb [109084672]
O61 - LFC: 30/09/2013 - 10:30:32 --HA- . (...) -- C:\Users\mohamed\AppData\Local\IconCache.db [166554]
O61 - LFC: 30/09/2013 - 10:30:33 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat [262144]
O61 - LFC: 30/09/2013 - 10:50:45 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Temp\qtsingleapp-EAABFC-151a-2-lockfile [0]
O61 - LFC: 30/09/2013 - 10:50:51 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Temp\.challenge_plain [344]
O61 - LFC: 30/09/2013 - 10:51:00 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D [1802]
O61 - LFC: 30/09/2013 - 10:51:00 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 [1455]
O61 - LFC: 30/09/2013 - 10:51:01 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_CBE43AE7F5F64D8D961C9C8AA1224695 [463]
O61 - LFC: 30/09/2013 - 10:51:01 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [338]
O61 - LFC: 30/09/2013 - 10:51:01 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 [290]
O61 - LFC: 30/09/2013 - 10:51:02 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\DJQZECBC\google_fr[1].htm [112640]
O61 - LFC: 30/09/2013 - 10:51:03 ---A- . (...) -- C:\Users\mohamed\AppData\Roaming\sp_data.sys [408]
O61 - LFC: 30/09/2013 - 10:51:06 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\KF87MEGA\nav_logo161[1].png [27450]
O61 - LFC: 30/09/2013 - 10:51:07 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\JJDDPB2G\rs=AItRSTPPT8mCQxU70amvztNA-oTr8_VcHw[1].js [368070]
O61 - LFC: 30/09/2013 - 10:51:07 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\JJDDPB2G\sem_c1787bbb690d1eddadda88b00d88ed15[1].js [50863]
O61 - LFC: 30/09/2013 - 10:51:08 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\DJQZECBC\76b3b3b380e8c8ad[1].js [86767]
O61 - LFC: 30/09/2013 - 10:51:08 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\KF87MEGA\rs=AItRSTPPT8mCQxU70amvztNA-oTr8_VcHw[1].js [287350]
O61 - LFC: 30/09/2013 - 10:51:11 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\DJQZECBC\s[2].json [801]
O61 - LFC: 30/09/2013 - 10:51:11 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\DJQZECBC\s[3].json [786]
O61 - LFC: 30/09/2013 - 10:51:12 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\8X9I07P7\s[1].json [94418]
O61 - LFC: 30/09/2013 - 10:51:12 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\JJDDPB2G\rs=AItRSTPPT8mCQxU70amvztNA-oTr8_VcHw[2].js [74922]
O61 - LFC: 30/09/2013 - 10:51:12 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_B8167929DF5FBDEF84BAE741CCB8D129 [463]
O61 - LFC: 30/09/2013 - 10:51:13 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\8X9I07P7\photo[1].png [4727]
O61 - LFC: 30/09/2013 - 10:51:21 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore\TY471OB8\www.google[1].xml [171]
O61 - LFC: 30/09/2013 - 10:51:31 ---A- . (...) -- C:\Users\mohamed\AppData\Local\ASUS\P4G\P4GUI.INI [501]
O61 - LFC: 30/09/2013 - 10:51:32 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\Content\4309200C3DBAD0F6F0DFACE9165FD092 [727]
O61 - LFC: 30/09/2013 - 10:51:32 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D [292]
O61 - LFC: 30/09/2013 - 10:51:32 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 [262]
O61 - LFC: 30/09/2013 - 10:51:32 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 [386]
O61 - LFC: 30/09/2013 - 10:51:32 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F [256]
O61 - LFC: 30/09/2013 - 10:51:32 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_B8167929DF5FBDEF84BAE741CCB8D129 [390]
O61 - LFC: 30/09/2013 - 10:51:32 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_CBE43AE7F5F64D8D961C9C8AA1224695 [386]
O61 - LFC: 30/09/2013 - 11:07:21 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F [256]
O61 - LFC: 30/09/2013 - 11:07:22 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\R9AS6SXA\countrycodeCAU8J31F.htm [25]
O61 - LFC: 30/09/2013 - 11:07:22 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\mmanager\mediacache.ldb [40]
O61 - LFC: 30/09/2013 - 11:07:22 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\thmanager\thcache.ldb [40]
O61 - LFC: 30/09/2013 - 11:07:22 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\TempState\DbTemp\temp-87m0k5lY1pigtOIZaQq6htA7 [20480]
O61 - LFC: 30/09/2013 - 11:07:22 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\TempState\DbTemp\temp-DG16XkEG6dIhM7Vm4sE5zu1D [512]
O61 - LFC: 30/09/2013 - 11:07:23 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\imcache [58]
O61 - LFC: 30/09/2013 - 11:07:26 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\4GUKCQ8E\adsadclient31CAZXTHOH.htm [0]
O61 - LFC: 30/09/2013 - 11:07:27 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\eas.db [49152]
O61 - LFC: 30/09/2013 - 11:07:27 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\eas.db-journal [33344]
O61 - LFC: 30/09/2013 - 11:07:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\79\7972eed5d1fa99f4.dat [1962]
O61 - LFC: 30/09/2013 - 11:07:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\9c\9cbe722e16b539b1.dat [1926]
O61 - LFC: 30/09/2013 - 11:07:28 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\a9\a94b9643cb8aa11a.dat [2074]
O61 - LFC: 30/09/2013 - 11:07:33 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\VWRQOZ66\adsadclient31CA5TH5YN.htm [0]
O61 - LFC: 30/09/2013 - 11:07:43 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\msn.db [86016]
O61 - LFC: 30/09/2013 - 11:07:43 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\msn.db-journal [57968]
O61 - LFC: 30/09/2013 - 11:07:43 ---A- . (...) -- C:\Users\mohamed\AppData\Roaming\Microsoft\Spelling\fr-FR\default.acl [2]
O61 - LFC: 30/09/2013 - 11:07:43 ---A- . (...) -- C:\Users\mohamed\AppData\Roaming\Microsoft\Spelling\fr-FR\default.dic [2]
O61 - LFC: 30/09/2013 - 11:07:43 ---A- . (...) -- C:\Users\mohamed\AppData\Roaming\Microsoft\Spelling\fr-FR\default.exc [2]
O61 - LFC: 30/09/2013 - 11:07:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\chatsync\1f\1f36e4af70a39d36.dat [2258]
O61 - LFC: 30/09/2013 - 11:07:52 -S-A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F [314]
O61 - LFC: 30/09/2013 - 11:08:24 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\INetCache\H6IIK53O\adsadclient31CA321TEE.htm [0]
O61 - LFC: 30/09/2013 - 11:08:49 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\shared.xml [83735]
O61 - LFC: 30/09/2013 - 11:09:13 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\config.xml [8271]
O61 - LFC: 30/09/2013 - 11:09:32 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\main.db [1970176]
O61 - LFC: 30/09/2013 - 11:09:32 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\main.db-journal [222128]
O61 - LFC: 30/09/2013 - 11:09:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\_sessionState.json [578]
O61 - LFC: 30/09/2013 - 11:09:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\bistats.db [311296]
O61 - LFC: 30/09/2013 - 11:09:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\live#3asalah.msb\bistats.db-journal [131840]
O61 - LFC: 30/09/2013 - 11:09:44 ---A- . (...) -- C:\Users\mohamed\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\stats.json [2]
O61 - LFC: 30/09/2013 - 12:10:16 ---A- . (.Nicolas Coolman.) -- C:\Users\mohamed\Downloads\ZHPFix.exe [3515295] =>.Nicolas Coolman
O61 - LFC: 30/09/2013 - 12:17:26 ---A- . (.Nicolas Coolman.) -- C:\Users\mohamed\Downloads\ZHPDiag2.exe [6830715] =>.Nicolas Coolman
O61 - LFC: 30/09/2013 - 12:18:58 ---A- . (...) -- C:\Users\mohamed\AppData\Roaming\ZHP\TestsZHPDiag.txt [2895] =>.Nicolas Coolman
O61 - LFC: 30/09/2013 - 12:20:56 ---A- . (...) -- C:\Users\mohamed\AppData\Roaming\ZHP\Log.txt [19139] =>.Nicolas Coolman
~ 5 Fichiers temporaires (Temporary files)
~ Files: 287 Scanned in 01mn 01s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: ZHPFix 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Menu de d�marrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {D8E7A64E-EA3D-497C-A1A6-B988B48E1325} - (Ask Search) - http://www.search.ask.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1156096]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance � Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3275776]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]
~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (...) -- C:\ProgramData\SetStretch.exe [24576]
[MD5.3BC853FCC8DABE43A64823C4D2968EDF] [SPRF][15/07/2013] (.Ask Partner Network - Stub Installer.) -- C:\Users\mohamed\AppData\Local\Temp\APNSetup.exe [489936]
[MD5.7DD4DC5C7A9E9096733F36B205AEA636] [SPRF][03/09/2009] (.Windows (R) Codename Longhorn DDK provider - Windows Setup API.) -- C:\Users\mohamed\AppData\Local\Temp\DeviceSetup64.exe [10752]
[MD5.8B1D49ECFE1D4C980DC7942EA0CD605B] [SPRF][03/04/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.6 r602.) -- C:\Users\mohamed\AppData\Local\Temp\fp_pl_pfs_installer.exe [16486616]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][19/12/2012] (...) -- C:\Users\mohamed\AppData\Local\Temp\hpxpsinfo.dat [0]
[MD5.3CF2C2F7FC07728536B532322AF61FF3] [SPRF][30/09/2013] (...) -- C:\Users\mohamed\AppData\Roaming\sp_data.sys [408]
[MD5.30C4ED6B07688BFBC9479E83B7D23137] [SPRF][05/11/2012] (...) -- C:\Users\mohamed\Desktop\bibus-1.4.3.1-Win32-wx2.8.7.1-Full-Setup.exe [12210253]
[MD5.601A4103C0A21219969B43A1DA956097] [SPRF][30/09/2013] (.Nicolas Coolman - ZHPFix.) -- C:\Users\mohamed\Desktop\ZHPFix.exe [3515295]
~ Files: 8 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe
O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.)
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.)
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.)
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.)
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{9E087DF3-D8D8-4E70-9A4C-A96BFFC0F31B}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{37038080-B2B7-4E74-8270-E4C11B35E724}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{BBB50CB8-EC5A-45DD-A104-A578D5187BD1}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{CE2C6726-1F28-4C07-B27C-2DDF5072D2FF}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation
O87 - FAEL: "{141FF2F0-AFFA-4FBF-80E1-040C339E03B5}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\outlook.exe
O87 - FAEL: "{906BD463-8CB6-4E9A-B707-B427D1EB135C}" |In - None - P17 - TRUE | .(...) -- F:\DJ_AIO_06_F4500_\setup\hpznui40.exe (.not file.)
O87 - FAEL: "{EB68D7F3-BAF1-4095-AFE5-D685839256BE}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe =>.Hewlett-Packard Co
O87 - FAEL: "{06FAE245-2332-4B4F-B459-87F6ABDC9C96}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{C5D23185-5115-4FFC-BE12-E24EFA42E937}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{D3E62FDD-5839-4048-9DDC-37369D565322}" | In - None - P17 - TRUE | .(.Apowersoft - Video Download Capture.) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
O87 - FAEL: "{38EE2C79-BB0C-4A03-A628-80B8444B0AAA}" | Out - None - P17 - TRUE | .(.Apowersoft - Video Download Capture.) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
O87 - FAEL: "{FE86B190-21B0-4B3D-A90A-335E460569C0}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
O87 - FAEL: "{C6D52BB4-6C53-413D-91F2-5DBD4E35922D}" | Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
O87 - FAEL: "{EC07F1F3-A815-4D6A-9D98-80600A91782A}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
O87 - FAEL: "{4B373D41-419E-4DE9-97D4-51B414A4B1B5}" | Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
O87 - FAEL: "{5FAE210F-FA2A-47BA-BB12-8936AB0AABAB}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
O87 - FAEL: "{4053CD36-AB26-41E0-8E3A-7D2BD54AD814}" | Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
O87 - FAEL: "{3F54B112-5891-42B7-9B7F-9473BA36C001}" | In - None - P17 - TRUE | .(.Pas de propriétaire - MPlayer - The Movie Player.) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
O87 - FAEL: "{BA6C2E20-F4C2-4F06-8AEC-6B5A4CF91F23}" | Out - None - P17 - TRUE | .(.Pas de propriétaire - MPlayer - The Movie Player.) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
O87 - FAEL: "{5380D6AD-75FB-4E8C-B721-321D0528F369}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
O87 - FAEL: "{04B4FF0E-3292-4112-8A59-9318FD8D7808}" | Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
~ Firewall: 225 Scanned in 00mn 04s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "047163973EAE2E1199118BCAF689CC3E" . (.Google Earth Plug-in.) -- C:\Windows\Installer\{79361740-EAE3-11E2-9911-B8AC6F98CCE3}\ARPPRODUCTICON.exe =>.Google Inc
O90 - PUC: "1B641C2DD849FE743878D5C1B689F0C7" . (.Windows Live Writer.) -- C:\Windows\Installer\{D2C146B1-948D-47EF-8387-5D1C6B980F7C}\ApplicationIcon.ico
O90 - PUC: "21F1DBD139DE0C947ACC65BCED841885" . (.ASUS LifeFrame3.) -- C:\Windows\Installer\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}\_853F67D554F05449430E7E.exe
O90 - PUC: "50FA96906FF400C4496034952983EDD0" . (.ASUS Splendid Video Enhancement Technology.) -- C:\Windows\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe
O90 - PUC: "66D2718596F25124A9CEDE1869207363" . (.ASUS Tutor.) -- C:\windows\Installer\{58172D66-2F69-4215-9AEC-ED8196023736}\_853F67D554F05449430E7E.exe
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.04) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "6A6823D4BA6FA894284A4E0F0425F9D3" . (.ASUS Smart Gesture.) -- C:\Windows\Installer\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}\_853F67D554F05449430E7E.exe
O90 - PUC: "76E045AFC590B1A479ABD445D7CEA94F" . (.ASUS Live Update.) -- C:\Windows\Installer\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}\MyIcon
O90 - PUC: "A58BCE98339DAEC41961C5CBC9E29DB5" . (.ASUS Instant Connect.) -- C:\Windows\Installer\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}\_853F67D554F05449430E7E.exe
O90 - PUC: "A865EE1FF17160C4B96E3259EB0D763A" . (.LibreOffice 4.1.1.2.) -- C:\Windows\Installer\{F1EE568A-171F-4C06-9BE6-2395BED067A3}\soffice.ico
O90 - PUC: "B476F94747628E7478C965620AB6A219" . (.ASUS InstantOn.) -- C:\Windows\Installer\{749F674B-2674-47E8-879C-5626A06B2A91}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "E19212F84440D1B49B9F34077AE343D6" . (.WinFlash.) -- C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon
O90 - PUC: "E339C5BAD7C503D43B41C9384AB949EB" . (.ATK Package.) -- C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_4ae13d6c.exe
O90 - PUC: "E5E5322F18873924B9F6402B06F9FB0F" . (.Windows Live Messenger.) -- C:\Windows\Installer\{F2235E5E-7881-4293-9B6F-04B2609FBFF0}\MsblIco.Exe
O90 - PUC: "F9A84C6AA49643243BAA2695B0669872" . (.Intel(R) Manageability Engine Firmware Recovery Agent.) -- C:\Windows\Installer\{A6C48A9F-694A-4234-B3AA-62590B668927}\AppIcon
O90 - PUC: "FB9326B958E40954D827153ED01B9AAA" . (.ASUS Power4Gear Hybrid.) -- C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_853F67D554F05449430E7E.exe
~ Update Products: 97 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.0235566E5134C79D5D40C1397220AC4E] [WIS][05/12/2012] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\38e5fa3.msi [28160] =>Toolbar.Google
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\acba640.msi [459264]
~ WIS: 98 Scanned in 00mn 11s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 10/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 23/07/2012 105120 | (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SS - | Demand 16/08/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 05/12/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/12/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/12/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 27/06/2012 129856 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 25/06/2012 166720 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 06/09/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 17/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by mohamed at 30/09/2013 13:22:55
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by mohamed at 30/09/2013 13:22:57

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12932 - (29/09/2013)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 12
Fichiers trouvés (Files found) : 6

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^
[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{EF99BD32-C1FB-11D2-892F-0090271D4F88} =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{EF99BD32-C1FB-11D2-892F-0090271D4F88} =>Toolbar.Yahoo
C:\Program Files (x86)\AddLyrics =>Adware.AddLyrics^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\SweetIM =>PUP.SweetIM^
C:\ProgramData\SweetIM =>PUP.SweetIM^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\Users\mohamed\AppData\Local\Smartbar =>Hijacker.SmartBar^
C:\Users\mohamed\AppData\Local\SwvUpdater =>PUP.Software.Updater^
C:\Users\mohamed\AppData\Local\Wajam =>Toolbar.Wajam^
C:\Users\mohamed\AppData\Local\Software =>Adware.Boxore
C:\Users\mohamed\AppData\LocalLow\Smartbar =>Hijacker.SmartBar
C:\Users\mohamed\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\mohamed\AppData\Local\Temp\Smartbar =>Hijacker.SmartBar
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google^
C:\Windows\Installer\38e5fa3.msi =>Toolbar.Google^
C:\Windows\KMSEmulator.exe =>Hijacker.Windows
C:\Users\mohamed\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\mohamed\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel Scan: 269849 Items scanned in 00mn 21s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/32713686-pup-software-updater =>PUP.Software.Updater
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>Toolbar.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ MSI: 11 link(s) detected in 00mn 21s



End of the scan (1815 lines in 03mn 38s)(0)
