~ Rapport de ZHPDiag v2013.10.25.66 - Nicolas Coolman (25/10/2013)
~ Lancé par admin (26/10/2013 11:49:54)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v30.0.1599.101

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 4462H
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v2.1.1116.0

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 17

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3574 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 280 GB (60%) free of 466 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-ADMIN
~ User Name: admin
~ All Users Names: UpdatusUser, Administrateur, admin,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\admin\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\admin\AppData\Roaming\
~ %Desktop% : C:\Users\admin\Desktop\
~ %Favorites% : C:\Users\admin\Favorites\
~ %LocalAppData% : C:\Users\admin\AppData\Local\
~ %StartMenu% : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 280 Go of 466 Go)
D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
E: Hard drive, Flash drive, Thumb drive (Free 297 Go of 298 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Hard drive, Flash drive, Thumb drive (Free 118 Go of 233 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified =>PUA.StartShow
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowControlPanel: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 42 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.18/01/2008 - 22:33:38.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.C8ADAA6948993D839D14524847EA5B75] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 11:13:22.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.18/01/2008 - 20:28:04.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.18/01/2008 - 20:49:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.18/01/2008 - 20:56:30.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.18/01/2008 - 20:49:34.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.18/01/2008 - 20:56:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/7342
~ Mes musiques (My Musics) : 9/110
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/68
~ Mes Documents (My Documents) : 1/151384
~ Mon Bureau (My Desktop) : 1/27
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 26s

---\\ Processus lancés
[MD5.488F6C93EF4ED581D80CE7AA9F5E9C46] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888] [PID.3144]
[MD5.B93C4070F24E46B0097648C276B5039E] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152] [PID.3308]
[MD5.AD4D7F2F4BEBF1DB647D93DA9172AA1E] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18706176] [PID.3356]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3368] =>Toolbar.Google
[MD5.1BA45CDEF852381DA4A95D056DDB4B48] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [210520] [PID.3384]
[MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.3568]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [10376704] [PID.3988]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [10368512] [PID.780]
[MD5.85E7BB8A103644085C5C665481022E56] - (.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [271960] [PID.3548]
[MD5.AB055E4E8A49E06469B137C93C8E11C6] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe [12631904] [PID.2316]
[MD5.45BDA923BE52906D1460BCB13AC2AB7A] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757400] [PID.6008]
[MD5.CC82669653807DFC27DF3B73ECE5EECD] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8135168] [PID.4456]
[MD5.E4284FCF99FEA13A7E1836F87AE356F6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [639776] [PID.864]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.876]
[MD5.CFCE43B70CA0CC4DCC8ADB62B792B173] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [PID.1024]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1396]
[MD5.8619BE54EC51A74A2C3F82B313AB445E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [873248] [PID.1616]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1764]
[MD5.AFFF9B106DB80D85FAEE14D47ECFC3CD] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [462088] [PID.2260]
[MD5.F67C21CC4195F6AFC447418FE163E156] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [5087584] [PID.2408]
[MD5.E70FD0D2C95F559A17321D831875593D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277824] [PID.3188]
[MD5.C485FB802F6C4A306B8F89BA087E5CA2] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [365376] [PID.2000]
[MD5.E623B98CC2F6275C027CCBDF13749A77] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe [195936] [PID.3452]
[MD5.A09E329D8351719A5B17080304DF3C6D] - (.TeamViewer GmbH - TeamViewer 8.) -- c:\program files\teamviewer\version8\TeamViewer_Desktop.exe [4536672] [PID.2200]
[MD5.F8D8BB3F6173FFF00128612F33D3197A] - (.Microsoft Corporation - WMI Reverse Performance Adapter Maintenance.) -- C:\Windows\system32\wbem\WMIADAP.exe [117248] [PID.4628]
~ Processes Running: Scanned in 00mn 02s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 12 Scanned in 00mn 06s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\wqusb1hh.default\prefs.js
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\wqusb1hh.default\user.js
M3 - MFPP: Plugins - [admin] -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\wqusb1hh.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M0 - MFSP: prefs.js [admin - wqusb1hh.default] http://www.delta-search.com =>Toolbar.DeltaSearch
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (...) -- C:\Program Files\Google\Picasa3\npPicasa3.dll (.not file.)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.17.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.17.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.17.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.05.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 14 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22find.com =>Hijacker.22Find
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.05.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 10 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 6 Scanned in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: 470 000 Cliparts.lnk . (.Hemera Technologies Inc. www.hemera.com - GraphicsDesk.) -- C:\Program Files\MicroApp\470 000 Cliparts\GraphicsDesk.exe
O4 - GS\Desktop [Public]: Adobe Reader XI.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - GS\Desktop [Public]: Centre de solutions HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
O4 - GS\Desktop [Public]: HP Photosmart Essential.lnk . (.Hewlett-Packard, Co. - HP Photosmart Essential.) -- C:\Program Files\HP\Photosmart Essential\HP_IZE.exe =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: MicroApp 1,5 Million de Cliparts.lnk . (.Hemera Technologies Inc. www.hemera.com - GraphicsDesk.) -- C:\Program Files\MicroApp\MicroApp 1,5 Million de Cliparts\GraphicsDesk.exe
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - GS\Program [Public]: Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA - Registration Wizard for I.R.I.S. products.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe
O4 - GS\Program [Public]: Eye Candy 5.0 Nature Manual.lnk . (...) -- C:\Users\admin\Documents\Fourniture pour PFS X\Alien Skin\Eye Candy 5 Nature\ec5nature.pdf
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - GS\Program [Public]: TeamViewer 8.lnk . (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.) -- C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - GS\Program [Public]: Windows Live.lnk - Clé orpheline
O4 - GS\Program [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Xenofex 2 Manual.lnk . (...) -- C:\Users\admin\Documents\Fourniture pour PFS X\8BF\Xenofex 2\xenofex2.pdf
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\QuickLaunch [UpdatusUser]: 470 000 Cliparts.lnk . (.Hemera Technologies Inc. www.hemera.com - GraphicsDesk.) -- C:\Program Files\MicroApp\470 000 Cliparts\GraphicsDesk.exe
O4 - GS\QuickLaunch [UpdatusUser]: MicroApp 1,5 Million de Cliparts.lnk . (.Hemera Technologies Inc. www.hemera.com - GraphicsDesk.) -- C:\Program Files\MicroApp\MicroApp 1,5 Million de Cliparts\GraphicsDesk.exe
O4 - GS\QuickLaunch [UpdatusUser]: Plus de 200 000 Cliparts et Photos.lnk . (...) -- C:\Program Files\Micro Application\Plus de 200 000 Cliparts et Photos\GraphicsDesk.exe (.not file.)
O4 - GS\Accessories [UpdatusUser]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Run.lnk - Clé orpheline
O4 - GS\Accessories [UpdatusUser]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Desktop [UpdatusUser]: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) -- C:\Program Files\PhotoFiltre Studio X\pfstudiox.exe
O4 - GS\QuickLaunch [admin]: 22find.lnk . (...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.) =>Hijacker.22Find
O4 - GS\QuickLaunch [admin]: 470 000 Cliparts.lnk . (.Hemera Technologies Inc. www.hemera.com - GraphicsDesk.) -- C:\Program Files\MicroApp\470 000 Cliparts\GraphicsDesk.exe
O4 - GS\QuickLaunch [admin]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [admin]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [admin]: MicroApp 1,5 Million de Cliparts.lnk . (.Hemera Technologies Inc. www.hemera.com - GraphicsDesk.) -- C:\Program Files\MicroApp\MicroApp 1,5 Million de Cliparts\GraphicsDesk.exe
O4 - GS\QuickLaunch [admin]: setup - Raccourci.lnk . (.Microsoft Corporation - Microsoft Security Client Setup.) -- C:\Program Files\Microsoft Security Client\setup.exe
O4 - GS\QuickLaunch [admin]: TeamViewer 8.lnk . (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
O4 - GS\Program [admin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [admin]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [admin]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [admin]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [admin]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [admin]: Run.lnk - Clé orpheline
O4 - GS\Accessories [admin]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [admin]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [admin]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [admin]: 7zG - Raccourci.lnk . (.Igor Pavlov - 7-Zip GUI.) -- C:\Program Files\7-Zip\7zG.exe
O4 - GS\Desktop [admin]: Cartes de Visite.lnk . (...) -- C:\Program Files\Micro Application\Cartes de Visite\draw1007.exe
O4 - GS\Desktop [admin]: Centre de sécurité - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [admin]: E-Anim.lnk . (...) -- C:\Program Files\e-anim\!run.bat
O4 - GS\Desktop [admin]: iexplore - Raccourci (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [admin]: Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
O4 - GS\Desktop [admin]: Microsoft Office PowerPoint 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation
O4 - GS\Desktop [admin]: Microsoft Office Publisher 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
O4 - GS\Desktop [admin]: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop [admin]: Modèles pour Office.lnk . (.Micro Application - AppOffice.) -- C:\Program Files\Micro Application\Modeles pour Office\AppOffice.exe
O4 - GS\Desktop [admin]: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) -- C:\Program Files\PhotoFiltre Studio X\pfstudiox.exe
O4 - GS\Desktop [admin]: Rapports et solutions aux problèmes - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [admin]: Scrapbook Edition Classic.lnk . (...) -- C:\Program Files\Micro Application\Scrapbook Edition Classic\draw1010.exe
O4 - GS\Desktop [admin]: Sqirlz Water Reflections.lnk . (.xiberpix - Sqirlz Water Reflections.) -- C:\Program Files\Sqirlz Water Reflections\SqirlzReflect.exe
O4 - GS\Desktop [admin]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Desktop [admin]: Windows Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe
~ Global Startup: 80 Scanned in 00mn 00s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - GS\Startup [admin]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-2391148703-2938958122-1735579917-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2391148703-2938958122-1735579917-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2391148703-2938958122-1735579917-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{137C4188-9B51-4B9B-90CC-F7F0947A53ED}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{986AA61A-CC1A-41C6-A77F-43FE3969162E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC9F4346-6F41-4C72-B921-7ACD41D74B8A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{137C4188-9B51-4B9B-90CC-F7F0947A53ED}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{986AA61A-CC1A-41C6-A77F-43FE3969162E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DC9F4346-6F41-4C72-B921-7ACD41D74B8A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{137C4188-9B51-4B9B-90CC-F7F0947A53ED}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{986AA61A-CC1A-41C6-A77F-43FE3969162E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DC9F4346-6F41-4C72-B921-7ACD41D74B8A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.)
-- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ SSODL: 1 Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . 
(.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ~ Services: 9 Scanned in 00mn 02s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\img16.jpg O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\img16.jpg ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1050] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1054] [MD5.00000000000000000000000000000000] [APT] [4702] (...) -- C:\Users\admin\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0] [MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257416] [MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) 
-- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [MD5.00000000000000000000000000000000] [APT] [RunAsStdUser] (...) -- C:\Program Files\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find [MD5.00000000000000000000000000000000] [APT] [{0092C761-68C4-404D-B0F9-734F9325EFE0}] (...) -- F:\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{3BCFD3E1-896C-4A08-818B-00B562BEF7E6}] (...) -- C:\Users\admin\Documents\pfsx-setup-fr-10.7.3.exe (.not file.) [0] ~ Scheduled Task: 12 Scanned in 00mn 01s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . 
(.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe ~ Active Setup: 12 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (MpFilter) . 
(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys O41 - Driver: (MpKsl351cd3f2) . (.Microsoft Corporation - KSLDriver.) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56E8F2D3-67D0-458A-B5A7-DF6EC35E61EE}\MpKsl351cd3f2.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . 
(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ~ Drivers: 65 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2} O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {5AF4B3C4-C393-48D7-AC7E-8E7615579548} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Alien Skin Eye Candy 5 Nature - (...) [HKLM] -- EyeCandy5Nature O42 - Logiciel: Alien Skin Xenofex 2.0 - (...) [HKLM] -- Xenofex2 O42 - Logiciel: Archiveur WinRAR - (...) [HKLM] -- WinRAR archiver O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 O42 - Logiciel: Cartes de Visite - (.Micro Application.) [HKLM] -- {09301F67-9BF8-4F49-8109-9E5A23FD1C0E} O42 - Logiciel: Eye Candy 4000 - (...) [HKLM] -- Eye Candy 4000 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HP Customer Participation Program 8.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Imaging Device Functions 8.0 - (.HP.) 
[HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP OCR Software 8.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {EB21A812-671B-4D08-B974-2A347F0D8F70} =>.Hewlett-Packard Co O42 - Logiciel: HP Photosmart.All-In-One Driver Software 8.0 .A - (.HP.) [HKLM] -- {282E5AB2-8E47-4571-B6FA-6B512555B557} =>.Hewlett-Packard Co O42 - Logiciel: HP Solution Center 8.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {8C6027FD-53DC-446D-BB75-CACD7028A134} O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM] -- {EB75DE50-5754-4F6F-875D-126EDF8E4CB3} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM] -- {BCED7487-44BC-487C-94CF-824AB27909E0} O42 - Logiciel: IrfanView (remove only) - (.Irfan Skiljan.) [HKLM] -- IrfanView O42 - Logiciel: Java 7 Update 17 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF} O42 - Logiciel: Java SE Development Kit 7 Update 13 - (.Oracle.) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0170130} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: MicroApp 1,5 Million de Cliparts - (.MicroApp.) [HKLM] -- InstallShield_{8B0B35C7-D1FC-4C4E-A03F-B8736AF87BFF} O42 - Logiciel: MicroApp 470 000 Cliparts - (.MicroApp.) [HKLM] -- InstallShield_{6A7E3676-E09D-431D-AA16-1FD846DEB325} O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) 
[HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Modèles pour Office - (.Micro Application.) [HKLM] -- InstallShield_{EB2D7803-D46E-44A0-B544-6DF35815F07D} O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF} O42 - Logiciel: NVIDIA Pilote 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.23.3 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 280.19 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA Pilote graphique 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) 
[HKLM] -- NVIDIAStereo O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D} O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail Ltd..) [HKLM] -- Photo Notifier and Animation Creator O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7} O42 - Logiciel: PhotoFiltre Studio X - (...) [HKCU] -- PhotoFiltre Studio X O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Scrapbook Edition Classic - (.Micro Application.) [HKLM] -- {F3E32A5B-F230-4110-8F08-44A3AC0C3D9F} O42 - Logiciel: Skype™ 6.1 - (.Skype Technologies S.A..) [HKLM] -- {1845470B-EB14-4ABC-835B-E36C693DC07D} O42 - Logiciel: Sqirlz Water Reflections - (.xiberpix.) [HKLM] -- Sqirlz Water Reflections O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM] -- TeamViewer 8 O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: e-anim 10.02.022 - (...) [HKCU] -- e-anim 10.02.022 O42 - Logiciel: msvcrt_installer - (.SAH.) 
[HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D} ~ Logic: 103 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\5928cd9b36aba44] [HKCU\Software\7-Zip] [HKCU\Software\Adobe] [HKCU\Software\Alien Skin] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\{553F4221-46C9-4218-B2C1-1DB737F67206}] [HKCU\Software\AppDataLow\{73F14E83-4ABE-4365-9DD9-5BF7291B1B66}] [HKCU\Software\AppDataLow] [HKCU\Software\Auslogics] [HKCU\Software\Avast Software] [HKCU\Software\Canneverbe Limited] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DragonFly] [HKCU\Software\Flaming Pear PV] [HKCU\Software\GlarySoft] [HKCU\Software\GoforFiles] =>P2P.GoforFiles [HKCU\Software\Google] [HKCU\Software\Hemera Technologies Inc.] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\I.C.NET Software GmbH] [HKCU\Software\IM Providers] [HKCU\Software\IM] [HKCU\Software\ImInstaller] [HKCU\Software\IncrediMail] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Micro Application] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\New Virtual Research] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\PDFCreator] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\SFX TEAM] [HKCU\Software\Skype] [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\TeamViewer] [HKCU\Software\TeleCharger] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\xiberpix] [HKLM\Software\5928cd9b36aba44] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\Alien Skin] [HKLM\Software\Babylon] =>Toolbar.Babylon [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\DataMngr] 
=>PUP.Datamngr [HKLM\Software\DivXNetworks] [HKLM\Software\GlarySoft] [HKLM\Software\GoforFiles] =>P2P.GoforFiles [HKLM\Software\Google] [HKLM\Software\Hemera Technologies Inc.] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\IM Providers] [HKLM\Software\ImInstaller] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\MSI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NETGEAR] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\PDFCreator] [HKLM\Software\Policies] [HKLM\Software\Preclick] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SERCOMM] [HKLM\Software\SRS Labs] [HKLM\Software\Skype] [HKLM\Software\Tarma Installer] =>PUP.Tarma [HKLM\Software\TeamViewer] [HKLM\Software\V9] [HKLM\Software\VideoLAN] [HKLM\Software\Waves Audio] [HKLM\Software\deskSvc] [HKLM\Software\findSoftware] [HKLM\Software\hdcode] [HKLM\Software\mozilla.org] [HKLM\Software\webtogo] [HKLM\Software\xiberpix] ~ Key Software: 149 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 08/02/2013 - 11:29:02 - [3,348] ----D C:\Program Files\7-Zip O43 - CFD: 08/02/2013 - 11:35:42 - [120,739] ----D C:\Program Files\Adobe O43 - CFD: 17/06/2013 - 10:05:12 - [0,542] ----D C:\Program Files\Alien Skin O43 - CFD: 08/02/2013 - 11:11:10 - [0] ----D C:\Program Files\AVAST Software O43 - CFD: 08/02/2013 - 11:41:39 - [17,073] ----D C:\Program Files\CDBurnerXP O43 - CFD: 19/10/2013 - 08:42:42 - [356,401] ----D C:\Program Files\Common Files O43 - CFD: 24/10/2013 - 13:07:37 - [0] ----D C:\Program Files\Desk 365 =>Hijacker.22Find O43 - CFD: 16/05/2013 - 17:50:41 - [306,573] ----D C:\Program Files\e-anim O43 - CFD: 06/02/2013 - 13:06:52 - [0] 
-SH-D C:\Program Files\Fichiers communs O43 - CFD: 21/04/2013 - 08:03:05 - [513,340] ----D C:\Program Files\Google O43 - CFD: 19/10/2013 - 08:43:07 - [0] ----D C:\Program Files\Hewlett-Packard O43 - CFD: 19/10/2013 - 08:44:49 - [181,292] ----D C:\Program Files\HP O43 - CFD: 17/02/2013 - 18:52:15 - [14,847] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 08/02/2013 - 12:19:14 - [22,230] ----D C:\Program Files\Intel O43 - CFD: 10/10/2013 - 09:39:09 - [5,037] ----D C:\Program Files\Internet Explorer O43 - CFD: 08/02/2013 - 11:29:03 - [1,807] ----D C:\Program Files\IrfanView O43 - CFD: 26/03/2013 - 11:02:02 - [348,641] ----D C:\Program Files\Java O43 - CFD: 24/10/2013 - 11:01:17 - [13,251] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 17/02/2013 - 18:52:11 - [-1264,479] ----D C:\Program Files\Micro Application O43 - CFD: 16/02/2013 - 16:21:18 - [1561,919] ----D C:\Program Files\MicroApp O43 - CFD: 02/11/2006 - 14:35:51 - [44,772] ----D C:\Program Files\Microsoft Games O43 - CFD: 22/06/2013 - 11:06:03 - [561,101] ----D C:\Program Files\Microsoft Office O43 - CFD: 26/03/2013 - 12:02:29 - [16,955] ----D C:\Program Files\Microsoft Security Client O43 - CFD: 10/10/2013 - 09:40:27 - [40,851] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 16/02/2013 - 13:32:50 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 16/02/2013 - 13:20:45 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 23/02/2013 - 08:51:28 - [3,554] ----D C:\Program Files\Microsoft Works O43 - CFD: 25/06/2013 - 06:55:00 - [7,789] ----D C:\Program Files\Microsoft.NET O43 - CFD: 22/06/2013 - 11:43:33 - [19,522] ----D C:\Program Files\Movie Maker O43 - CFD: 16/02/2013 - 13:33:00 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 22/02/2013 - 19:10:34 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 24/06/2013 - 06:33:06 - [801,497] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 08/02/2013 - 11:40:37 - [288,773] ----D 
C:\Program Files\OpenOffice.org 3 O43 - CFD: 08/02/2013 - 11:30:45 - [25,787] ----D C:\Program Files\PDFCreator O43 - CFD: 26/03/2013 - 11:39:58 - [2,630] ----D C:\Program Files\Photo Notifier and Animation Creator O43 - CFD: 16/05/2013 - 17:58:00 - [43,636] ----D C:\Program Files\PhotoFiltre Studio X O43 - CFD: 12/02/2013 - 18:19:57 - [16,482] ----D C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 14:35:51 - [36,910] ----D C:\Program Files\Reference Assemblies O43 - CFD: 08/02/2013 - 11:32:13 - [17,854] R---D C:\Program Files\Skype O43 - CFD: 16/05/2013 - 17:37:19 - [5,673] ----D C:\Program Files\Sqirlz Water Reflections O43 - CFD: 17/10/2013 - 11:11:17 - [26,559] ----D C:\Program Files\TeamViewer O43 - CFD: 06/02/2013 - 15:53:07 - [0] --H-D C:\Program Files\Temp O43 - CFD: 02/11/2006 - 14:58:18 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 08/02/2013 - 11:33:27 - [94,419] ----D C:\Program Files\VideoLAN O43 - CFD: 22/06/2013 - 11:43:33 - [0,970] ----D C:\Program Files\Windows Calendar O43 - CFD: 22/06/2013 - 11:43:33 - [2,610] ----D C:\Program Files\Windows Collaboration O43 - CFD: 22/06/2013 - 11:43:31 - [4,283] ----D C:\Program Files\Windows Defender O43 - CFD: 23/06/2013 - 21:32:18 - [8,522] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 22/06/2013 - 11:43:33 - [4,290] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 06/02/2013 - 13:06:52 - [7,589] ----D C:\Program Files\Windows NT O43 - CFD: 22/06/2013 - 11:43:33 - [7,847] ----D C:\Program Files\Windows Photo Gallery O43 - CFD: 23/06/2013 - 21:33:35 - [0,128] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 22/06/2013 - 11:43:33 - [6,225] ----D C:\Program Files\Windows Sidebar O43 - CFD: 08/02/2013 - 11:11:19 - [3,280] ----D C:\Program Files\WinRAR O43 - CFD: 26/10/2013 - 11:49:45 - [23,559] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 22/02/2013 - 17:26:46 - [0] ----D C:\Program Files\Common Files\337 O43 - CFD: 
08/02/2013 - 11:35:47 - [6,289] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 24/03/2013 - 15:00:33 - [44,202] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 16/02/2013 - 13:32:50 - [0,089] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 16/02/2013 - 14:21:28 - [0,436] ----D C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 19/10/2013 - 08:44:53 - [2,065] ----D C:\Program Files\Common Files\HP O43 - CFD: 16/02/2013 - 16:11:11 - [3,572] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 08/02/2013 - 11:28:53 - [1,184] ----D C:\Program Files\Common Files\Java O43 - CFD: 23/02/2013 - 08:51:40 - [216,304] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 08/02/2013 - 12:18:05 - [0,185] ----D C:\Program Files\Common Files\postureAgent O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 08/02/2013 - 11:32:13 - [2,056] ----D C:\Program Files\Common Files\Skype O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 23/06/2013 - 21:32:00 - [40,820] ----D C:\Program Files\Common Files\System O43 - CFD: 21/04/2013 - 08:04:03 - [166,072] ----D C:\ProgramData\Adobe O43 - CFD: 17/06/2013 - 10:07:09 - [0] ----D C:\ProgramData\Alien Skin O43 - CFD: 02/11/2006 - 14:59:44 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 26/03/2013 - 12:41:30 - [0] ----D C:\ProgramData\AVAST Software O43 - CFD: 22/02/2013 - 17:33:09 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon O43 - CFD: 06/02/2013 - 13:06:52 - [0] -SH-D C:\ProgramData\Bureau O43 - CFD: 16/02/2013 - 14:32:35 - [0] ----D C:\ProgramData\Canneverbe Limited O43 - CFD: 02/11/2006 - 14:59:44 - [0] -SH-D C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 14:59:44 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 06/02/2013 - 13:06:52 - [0] -SH-D C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 14:59:44 - [0] -SH-D C:\ProgramData\Favorites O43 - CFD: 20/03/2013 - 14:22:01 - [0,012] 
----D C:\ProgramData\Google O43 - CFD: 16/02/2013 - 14:18:06 - [0,498] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 19/10/2013 - 08:44:19 - [5,009] ----D C:\ProgramData\HP O43 - CFD: 16/10/2013 - 16:51:15 - [0] ----D C:\ProgramData\HPSSUPPLY O43 - CFD: 26/03/2013 - 11:40:05 - [0] ----D C:\ProgramData\IM O43 - CFD: 26/03/2013 - 11:39:04 - [0,012] ----D C:\ProgramData\IncrediMail O43 - CFD: 08/02/2013 - 12:19:22 - [0,748] ----D C:\ProgramData\Intel O43 - CFD: 24/10/2013 - 11:01:14 - [6,422] ----D C:\ProgramData\Malwarebytes O43 - CFD: 06/02/2013 - 13:06:52 - [0] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 21/10/2013 - 21:19:36 - [2008,751] -S--D C:\ProgramData\Microsoft O43 - CFD: 10/10/2013 - 09:11:33 - [0,061] ----D C:\ProgramData\Microsoft Help O43 - CFD: 06/02/2013 - 13:06:52 - [0] -SH-D C:\ProgramData\Modèles O43 - CFD: 08/02/2013 - 11:25:58 - [0] ----D C:\ProgramData\Mozilla O43 - CFD: 26/10/2013 - 07:46:54 - [2,744] ----D C:\ProgramData\NVIDIA O43 - CFD: 08/02/2013 - 15:37:30 - [2,104] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 26/03/2013 - 11:39:58 - [0,982] ----D C:\ProgramData\Photo Notifier and Animation Creator O43 - CFD: 08/02/2013 - 11:32:15 - [22,397] ----D C:\ProgramData\Skype O43 - CFD: 02/11/2006 - 14:59:44 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 08/02/2013 - 11:28:54 - [0] ----D C:\ProgramData\Sun O43 - CFD: 02/11/2006 - 14:59:44 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 16/02/2013 - 14:24:47 - [0] ----D C:\ProgramData\WEBREG O43 - CFD: 12/04/2013 - 13:09:32 - [0,401] ----D C:\Users\admin\AppData\Roaming\Adobe O43 - CFD: 21/06/2013 - 10:11:59 - [0,003] ----D C:\Users\admin\AppData\Roaming\Alien Skin O43 - CFD: 26/03/2013 - 10:57:42 - [0] ----D C:\Users\admin\AppData\Roaming\Auslogics O43 - CFD: 24/10/2013 - 13:07:37 - [0] ----D C:\Users\admin\AppData\Roaming\Babylon =>Toolbar.Babylon O43 - CFD: 08/02/2013 - 11:41:41 - [0,001] ----D C:\Users\admin\AppData\Roaming\Canneverbe Limited O43 - CFD: 24/10/2013 - 13:07:37 - [0] 
----D C:\Users\admin\AppData\Roaming\Desk 365 =>Hijacker.22Find O43 - CFD: 02/04/2013 - 13:55:11 - [0] ----D C:\Users\admin\AppData\Roaming\dvdcss O43 - CFD: 22/02/2013 - 17:33:08 - [0,001] ----D C:\Users\admin\AppData\Roaming\GoforFiles =>P2P.GoforFiles O43 - CFD: 22/03/2013 - 09:13:53 - [0,021] ----D C:\Users\admin\AppData\Roaming\Google O43 - CFD: 16/02/2013 - 16:29:02 - [0,001] ----D C:\Users\admin\AppData\Roaming\Hemera O43 - CFD: 18/02/2013 - 20:37:42 - [0,220] ----D C:\Users\admin\AppData\Roaming\HP O43 - CFD: 26/03/2013 - 20:25:05 - [0] ----D C:\Users\admin\AppData\Roaming\Identities O43 - CFD: 22/10/2013 - 12:55:28 - [8,692] ----D C:\Users\admin\AppData\Roaming\Image Zone Express O43 - CFD: 08/02/2013 - 11:01:56 - [0] ----D C:\Users\admin\AppData\Roaming\InstallShield O43 - CFD: 08/02/2013 - 11:27:32 - [0,088] ----D C:\Users\admin\AppData\Roaming\Macromedia O43 - CFD: 24/10/2013 - 11:01:23 - [69,262] ----D C:\Users\admin\AppData\Roaming\Malwarebytes O43 - CFD: 21/10/2013 - 21:19:36 - [23,076] -S--D C:\Users\admin\AppData\Roaming\Microsoft O43 - CFD: 08/02/2013 - 11:57:00 - [13,490] ----D C:\Users\admin\AppData\Roaming\Mozilla O43 - CFD: 08/08/2013 - 08:10:30 - [12,381] ----D C:\Users\admin\AppData\Roaming\OpenOffice.org O43 - CFD: 08/02/2013 - 11:30:40 - [0,001] ----D C:\Users\admin\AppData\Roaming\pdfforge O43 - CFD: 15/02/2013 - 16:02:43 - [0,001] ----D C:\Users\admin\AppData\Roaming\PhotoFiltre 7 O43 - CFD: 28/07/2013 - 21:40:59 - [0,012] ----D C:\Users\admin\AppData\Roaming\PhotoFiltre Studio X O43 - CFD: 17/03/2013 - 23:01:18 - [0,006] ----D C:\Users\admin\AppData\Roaming\Printer Info Cache O43 - CFD: 26/10/2013 - 11:47:32 - [3,911] ----D C:\Users\admin\AppData\Roaming\Skype O43 - CFD: 19/10/2013 - 18:38:47 - [0,739] ----D C:\Users\admin\AppData\Roaming\vlc O43 - CFD: 09/09/2013 - 03:07:06 - [0] ----D C:\Users\admin\AppData\Roaming\WinRAR O43 - CFD: 26/10/2013 - 11:50:42 - [0,211] ----D C:\Users\admin\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 
16/07/2013 - 07:03:13 - [17,910] ----D C:\Users\admin\AppData\Local\Adobe O43 - CFD: 17/06/2013 - 10:06:48 - [0] ----D C:\Users\admin\AppData\Local\Alien Skin O43 - CFD: 06/02/2013 - 13:08:39 - [0] -SH-D C:\Users\admin\AppData\Local\Application Data O43 - CFD: 21/04/2013 - 08:03:41 - [132,399] ----D C:\Users\admin\AppData\Local\Google O43 - CFD: 06/02/2013 - 13:08:39 - [0] -SH-D C:\Users\admin\AppData\Local\Historique O43 - CFD: 26/03/2013 - 11:41:14 - [16,860] ----D C:\Users\admin\AppData\Local\IM O43 - CFD: 08/02/2013 - 11:58:23 - [0] ----D C:\Users\admin\AppData\Local\Macromedia O43 - CFD: 16/02/2013 - 15:59:29 - [0,314] ----D C:\Users\admin\AppData\Local\Micro Application O43 - CFD: 24/02/2013 - 17:33:50 - [1200,581] ----D C:\Users\admin\AppData\Local\Microsoft O43 - CFD: 11/05/2013 - 19:17:34 - [0,287] ----D C:\Users\admin\AppData\Local\Microsoft Help O43 - CFD: 08/02/2013 - 11:56:55 - [6,914] ----D C:\Users\admin\AppData\Local\Mozilla O43 - CFD: 26/10/2013 - 11:36:14 - [-1796,791] ----D C:\Users\admin\AppData\Local\Temp O43 - CFD: 06/02/2013 - 13:08:39 - [0] -SH-D C:\Users\admin\AppData\Local\Temporary Internet Files O43 - CFD: 04/05/2013 - 22:34:04 - [19,540] ----D C:\Users\admin\AppData\Local\VirtualStore O43 - CFD: 23/02/2013 - 08:36:48 - [0,016] ----D C:\Users\admin\AppData\Local\WindowsUpdate O43 - CFD: 02/11/2006 - 14:51:30 - [0,015] R---D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 06/02/2013 - 13:08:50 - [0] R---D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 02/11/2006 - 14:47:50 - [0,001] R---D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 16/02/2013 - 16:03:08 - [0,008] ----D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Micro Application O43 - CFD: 16/05/2013 - 17:15:51 - [0] ----D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X O43 - 
CFD: 16/05/2013 - 17:37:19 - [0,003] ----D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections O43 - CFD: 08/08/2013 - 08:10:42 - [0,001] R---D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 08/02/2013 - 11:11:19 - [0,002] ----D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 151 Scanned in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.50656E1EBCD62DD470762B05FB087304] - 19/10/2013 - 07:19:48 ----- . (...) -- C:\Windows\hpoins18.dat.temp [145780] O44 - LFC:[MD5.507F0E4A942D79CF023FF3AD0F4474D1] - 19/10/2013 - 07:27:54 ---A- . (...) -- C:\Windows\PFRO.log [43630] O44 - LFC:[MD5.3E43E13EFCF744BFD2F33CF9807996DC] - 19/10/2013 - 07:40:37 ---A- . (...) -- C:\Windows\DPINST.LOG [35008] O44 - LFC:[MD5.CEAE82FAE01F422EEDB004407A9C6023] - 22/10/2013 - 07:35:23 ---A- . (...) -- C:\Windows\setupact.log [76134] O44 - LFC:[MD5.5DCABDAC60DA90A663CD9A5D0A05179C] - 22/10/2013 - 07:35:32 ---A- . (...) -- C:\Windows\win.ini [254] O44 - LFC:[MD5.C662E7782A84A617A84F188AA9ECD4B8] - 22/10/2013 - 07:39:12 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1495948] O44 - LFC:[MD5.A35F69D674DF72590F27B8FEC4556517] - 22/10/2013 - 07:39:12 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103872] O44 - LFC:[MD5.663FB11F74ADE5382A5A4857F6E77415] - 22/10/2013 - 07:39:12 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [126420] O44 - LFC:[MD5.B026801D96333FA8668CD229078F7732] - 22/10/2013 - 07:39:12 ---A- . (...) -- C:\Windows\System32\perfh009.dat [595798] O44 - LFC:[MD5.C8AB8F82E48814B759F04BE4767549DB] - 22/10/2013 - 07:39:12 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678804] O44 - LFC:[MD5.560217BD279679DF86AA55E41924F62F] - 22/10/2013 - 07:54:06 ---A- . (...) -- C:\Windows\hpoins18.dat [146377] O44 - LFC:[MD5.F5A2769FA8AE7CF23E211AC53B861F35] - 23/10/2013 - 20:11:15 ---A- . (...) 
-- C:\Windows\System32\FNTCACHE.DAT [834496] O44 - LFC:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 24/10/2013 - 10:01:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [22856] O44 - LFC:[MD5.0DB7527DB188C7D967A37BB51BBF3963] - 24/10/2013 - 13:57:01 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\Drivers\mbamswissarmy.sys [40776] O44 - LFC:[MD5.84881D45C220A95971A86817AFE36CA0] - 26/10/2013 - 06:46:53 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.4FD1450CADE60F3D3A0DFDAD43EE84F1] - 26/10/2013 - 09:33:31 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1710923] O44 - LFC:[MD5.17895CC6ECF5545A44B9A79F21633598] - 26/10/2013 - 10:07:28 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] ~ Files: 17 Scanned in 00mn 01s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.3F859BC142BDA56A3F7A08B72D6B16A5] - 04/10/2013 - 20:18:56 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.83CD398B8239E7B9463B5CE269726F2C] - 04/10/2013 - 20:19:56 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 08/08/2040 - 04:05:14 ----D - C:\Windows\Prefetch\ReadyBoot O45 - LFCP:[MD5.FCDC1614A064C177A136175E97D4F86E] - 22/10/2013 - 07:35:00 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf O45 - LFCP:[MD5.99B34A4852B282DAC574129AF07CC484] - 22/10/2013 - 07:35:34 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf O45 - LFCP:[MD5.ED95A6DEF0B191D1EE672666C98FAE9F] - 22/10/2013 - 08:19:20 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.C4FC4AD2E687A8D9A08406952EC9F8DC] - 22/10/2013 - 08:19:27 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf O45 - LFCP:[MD5.379E05E5566213C2DCDE920BE404FC4F] - 22/10/2013 - 08:19:30 ---A- - C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf O45 - LFCP:[MD5.32D6FF06BD4C75ADBF4FBF5A879CB54F] - 22/10/2013 - 11:49:50 ---A- - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf O45 - 
LFCP:[MD5.D355BCEDA2BAA367FB17007A26DEBAEC] - 22/10/2013 - 11:49:50 ---A- - C:\Windows\Prefetch\NVVSVC.EXE-0B2AA3F6.pf O45 - LFCP:[MD5.99199C2F73E45D0F6E26558A2890647D] - 22/10/2013 - 11:49:50 ---A- - C:\Windows\Prefetch\NVXDSYNC.EXE-EE6F7768.pf O45 - LFCP:[MD5.048C2263309A097E4716A43941053482] - 22/10/2013 - 11:49:50 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-17944F30.pf O45 - LFCP:[MD5.69414D6AC220ACD333863561CFE66CA2] - 22/10/2013 - 11:49:50 ---A- - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf O45 - LFCP:[MD5.306E743AA305ABA3D8BDDD7280374755] - 22/10/2013 - 11:50:02 ---A- - C:\Windows\Prefetch\READER_SL.EXE-6BFEB128.pf O45 - LFCP:[MD5.7A9FB9DE2DB17269C35832EA505D14DB] - 22/10/2013 - 11:52:46 ---A- - C:\Windows\Prefetch\HPQDIREC.EXE-6B6EA665.pf O45 - LFCP:[MD5.E9A22C7591E39B1D7E2AF8689E863F3C] - 22/10/2013 - 11:54:16 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf O45 - LFCP:[MD5.7D647D95C2A31B30EDDDB0DA3FCC4E00] - 22/10/2013 - 11:54:44 ---A- - C:\Windows\Prefetch\HPQDSTCP.EXE-00539358.pf O45 - LFCP:[MD5.C13DF73508642AD42A3C65E757838D86] - 22/10/2013 - 11:54:44 ---A- - C:\Windows\Prefetch\HPQKYGRP.EXE-50CBDD0B.pf O45 - LFCP:[MD5.22F050A6C293CC5ADAE01C2928210A6A] - 22/10/2013 - 11:54:47 ---A- - C:\Windows\Prefetch\HPQSCNVW.EXE-3E0AD7DF.pf O45 - LFCP:[MD5.50E6A0069739AD5AC8BDF4994A5707C6] - 22/10/2013 - 11:55:27 ---A- - C:\Windows\Prefetch\DOCPROC.EXE-40C4D914.pf O45 - LFCP:[MD5.6CD6E9E29D7690687CEC4B6BB52D0A9B] - 22/10/2013 - 11:55:36 ---A- - C:\Windows\Prefetch\HP_IZE.EXE-5A54D862.pf O45 - LFCP:[MD5.C019424C1B870D70611F91BCF2E97203] - 22/10/2013 - 17:44:07 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.161.343.0.EX-C925F84A.pf O45 - LFCP:[MD5.B3D307FC4060CED78FDADB7AFEF349BC] - 22/10/2013 - 17:55:49 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4A10D371.pf O45 - LFCP:[MD5.BA5B82F5A35580D117B1A0F60B35FBA8] - 22/10/2013 - 17:56:56 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf O45 - LFCP:[MD5.D766007EE9E8FEBE8235BC4E582E56D6] - 22/10/2013 - 18:01:00 ---A- - 
C:\Windows\Prefetch\HPRBLOG.EXE-EF38A44E.pf O45 - LFCP:[MD5.6CD221E142BB8357D7BBAC988C42038E] - 22/10/2013 - 18:01:27 ---A- - C:\Windows\Prefetch\HPQPPROP.EXE-54B2B73F.pf O45 - LFCP:[MD5.89E9C4D0F26C2BDEF741CCB4AC68B7CC] - 22/10/2013 - 18:01:33 ---A- - C:\Windows\Prefetch\HPQTBX01.EXE-5B14679D.pf O45 - LFCP:[MD5.D607CD93BBD7E8338A1775074172E26D] - 22/10/2013 - 18:01:37 ---A- - C:\Windows\Prefetch\HPQUSGL.EXE-BF611759.pf O45 - LFCP:[MD5.80DBE54B88D4A95D38C7080E76A51065] - 22/10/2013 - 19:55:25 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf O45 - LFCP:[MD5.31D768EFE56AC45512BB863AE1363C1C] - 22/10/2013 - 19:55:33 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf O45 - LFCP:[MD5.41372C64E75C7A67906CF86A8CEF5004] - 23/10/2013 - 19:48:22 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-601D770E.pf O45 - LFCP:[MD5.EF63227F4724CD8F69A627001226B7F7] - 23/10/2013 - 19:52:37 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf O45 - LFCP:[MD5.DF20D0264EBDC9C9B2B2631D1C8907C3] - 23/10/2013 - 20:12:11 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf O45 - LFCP:[MD5.12D772632D9BC3E5CE1543ED141A6A3E] - 23/10/2013 - 20:12:11 ---A- - C:\Windows\Prefetch\SLSVC.EXE-53F2276F.pf O45 - LFCP:[MD5.D70ECD3307F3B8B589F2E2D0E7D1AD10] - 23/10/2013 - 20:12:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf O45 - LFCP:[MD5.49FAEF5ADF2A22A2CDA687633BA28409] - 23/10/2013 - 20:12:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5901D5E8.pf O45 - LFCP:[MD5.7D997E2B0F3C9F244E68601C22B999B7] - 23/10/2013 - 20:12:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-A1476A17.pf O45 - LFCP:[MD5.EF2442283BC938E00E6586CFFF045F6D] - 23/10/2013 - 20:12:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-A6A810C9.pf O45 - LFCP:[MD5.46E414724F5692BBC4CF01D2F1D7B25B] - 23/10/2013 - 20:12:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-CF79EE4C.pf O45 - LFCP:[MD5.D811D118E698F886F05E41F401D74D1B] - 23/10/2013 - 22:21:54 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.161.462.0.EX-CCD956D4.pf O45 - 
LFCP:[MD5.6F19BC9587BF47FD5CD12AF3B99D9F93] - 24/10/2013 - 07:40:22 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf O45 - LFCP:[MD5.2C71165D062EF268E4724FDE3A226120] - 24/10/2013 - 10:01:06 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.EXE-91FF98BB.pf O45 - LFCP:[MD5.9FAE0B36C9327346628C1B84D37C23CF] - 24/10/2013 - 10:01:06 ---A- - C:\Windows\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-1C0B8717.pf O45 - LFCP:[MD5.82E1F661FC2F7DD1E567526F3EC019E9] - 24/10/2013 - 10:10:34 ---A- - C:\Windows\Prefetch\WUAPP.EXE-C6167071.pf O45 - LFCP:[MD5.91614732BB416CCF5FF79364EC180DB5] - 24/10/2013 - 10:21:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C07AF423.pf O45 - LFCP:[MD5.60053C052E654C2BB6C9ADE9C3C1C309] - 24/10/2013 - 10:22:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-974607B0.pf O45 - LFCP:[MD5.1D660C1DA33F1956B6691FFB444A9465] - 24/10/2013 - 12:01:28 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-6D10E244.pf O45 - LFCP:[MD5.AD284D2A735394763B923F65800AA82B] - 24/10/2013 - 12:07:32 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-35B4B7CB.pf O45 - LFCP:[MD5.B2E5652DA6826BBBF4C1E7217A5CBA7E] - 24/10/2013 - 13:57:01 ---A- - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf O45 - LFCP:[MD5.C2CE946557E8AF34487F2ADF4258154B] - 24/10/2013 - 13:57:01 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf O45 - LFCP:[MD5.DAE2E0FD2E86A9A8A0FC56B08CEBBDE8] - 24/10/2013 - 15:14:56 ---A- - C:\Windows\Prefetch\MSHTA.EXE-A970B441.pf O45 - LFCP:[MD5.0019256C42D99EFA2A1FE9A3E60CE36F] - 25/10/2013 - 06:24:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf O45 - LFCP:[MD5.B7C39907A60B737F4F8420A93A34B471] - 25/10/2013 - 06:33:02 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf O45 - LFCP:[MD5.44735D4A79E45EC13A53D4F8370032FD] - 25/10/2013 - 06:33:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf O45 - LFCP:[MD5.1A6624E290D2424548FAA51A3BE595AA] - 25/10/2013 - 06:33:27 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.161.563.0.EX-25422EEE.pf O45 - LFCP:[MD5.533449E5E697E36582F357AA9E42D1FD] - 25/10/2013 - 08:47:59 
---A- - C:\Windows\Prefetch\LOGON.SCR-30601369.pf O45 - LFCP:[MD5.67FB606F817FFAC0ECF6B6311DA848EB] - 25/10/2013 - 09:16:55 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BF1A352E.pf O45 - LFCP:[MD5.7AC22A4CB7131005AE6B653C2B59DB18] - 25/10/2013 - 09:16:55 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-FD126C57.pf O45 - LFCP:[MD5.EFEA0F60BE3E5B6EB5F65F5E663FF09C] - 25/10/2013 - 09:21:05 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2391148703-2938958122-1735579917-1000.db O45 - LFCP:[MD5.F02CEBFA251934FA2E90F423CFA102A0] - 25/10/2013 - 09:21:05 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2391148703-2938958122-1735579917-1000.db O45 - LFCP:[MD5.90F352DC92CEF06FDB876E17F812BCDF] - 25/10/2013 - 09:42:10 ---A- - C:\Windows\Prefetch\HPQWRG.EXE-671907D2.pf O45 - LFCP:[MD5.0B80B33D6639BB8720DAD63F246E27F3] - 25/10/2013 - 10:20:59 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-09540BCD.pf O45 - LFCP:[MD5.30D6319F02D2FD1BB18005B03F3E034F] - 25/10/2013 - 15:34:57 ---A- - C:\Windows\Prefetch\HPQSTE08.EXE-8FA26316.pf O45 - LFCP:[MD5.ABC4996102F36A9A88D0D2619CFA40AB] - 25/10/2013 - 16:43:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf O45 - LFCP:[MD5.CE40671708C667331B939D7751323DEB] - 25/10/2013 - 18:34:27 ---A- - C:\Windows\Prefetch\7ZG.EXE-0F8C4081.pf O45 - LFCP:[MD5.9B643CE52B5983916238C2445A267C52] - 25/10/2013 - 22:41:22 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf O45 - LFCP:[MD5.2F4AEF4611013352B6251663FD74AC41] - 26/10/2013 - 00:47:42 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.0EC39055FC4E67D46362D255D5E466E1] - 26/10/2013 - 06:49:24 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf O45 - LFCP:[MD5.CE7F9F5DCC4A1919E9FCFFBBC9A7D961] - 26/10/2013 - 06:49:36 ---A- - C:\Windows\Prefetch\LMS.EXE-75D6F05A.pf O45 - LFCP:[MD5.99A6FAABD7357B299E8C8BC536534E7B] - 26/10/2013 - 06:49:44 ---A- - C:\Windows\Prefetch\UNS.EXE-D04A8F4E.pf O45 - LFCP:[MD5.242C5466842F18961E21D7B7EFC1DD26] - 26/10/2013 - 06:50:43 ---A- - 
C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf O45 - LFCP:[MD5.1741B33EE29038AEFCE505A3B63DDD70] - 26/10/2013 - 06:57:44 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.161.695.0.EX-82990D84.pf O45 - LFCP:[MD5.EE1180A37DA01A77E23A7E7D14D9FD5E] - 26/10/2013 - 06:57:44 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf O45 - LFCP:[MD5.38347B4DCD0049B8ADEF7391A4A31510] - 26/10/2013 - 06:57:44 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf O45 - LFCP:[MD5.C14B8D3DE002FEB0F04D06D3F318CB40] - 26/10/2013 - 07:00:05 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.6E3C170CDD132E7259CBD05961DE236C] - 26/10/2013 - 07:00:08 ---A- - C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf O45 - LFCP:[MD5.9E78A13C36D88EDF60FBA2613C3629A7] - 26/10/2013 - 07:57:13 ---A- - C:\Windows\Prefetch\WINWORD.EXE-C91725A1.pf O45 - LFCP:[MD5.E8C900256225742D2C8816F567069C6A] - 26/10/2013 - 09:29:37 ---A- - C:\Windows\Prefetch\SKYPE.EXE-4929A84C.pf O45 - LFCP:[MD5.FE82655EB54CCE93226C4925009577A4] - 26/10/2013 - 09:32:08 ---A- - C:\Windows\Prefetch\TEAMVIEWER.EXE-53E59FDA.pf O45 - LFCP:[MD5.AEB2764C37D3A1D6D08BC066A0271E15] - 26/10/2013 - 09:32:08 ---A- - C:\Windows\Prefetch\TV_W32.EXE-C1F4168E.pf O45 - LFCP:[MD5.E68EED2D2CAFDF0B584AFEF9D98BA1AD] - 26/10/2013 - 09:32:10 ---A- - C:\Windows\Prefetch\TEAMVIEWER_DESKTOP.EXE-81AB4947.pf O45 - LFCP:[MD5.D6D983F4ED821BBAA31D5FDABC1C1C53] - 26/10/2013 - 09:35:43 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-20F71D09.pf O45 - LFCP:[MD5.06F81A16F652A5BFF6E61A4EF91C5696] - 26/10/2013 - 09:35:43 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-40ACC130.pf O45 - LFCP:[MD5.3FA2E5E869D59703C9BF7427C1297548] - 26/10/2013 - 09:36:53 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-574F56C6.pf O45 - LFCP:[MD5.69BD0A626988FB53BCC4C7B4E79FEC10] - 26/10/2013 - 09:36:54 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-A8A503D1.pf O45 - LFCP:[MD5.E5AB09054B0ACF9A1124B0F6B8C12C82] - 26/10/2013 - 09:46:03 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf O45 - 
LFCP:[MD5.BCE4A381344340E89B297C3608648432] - 26/10/2013 - 10:00:11 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf O45 - LFCP:[MD5.6D83FD14B5008BA2EBF2414A985BE180] - 26/10/2013 - 10:02:17 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf O45 - LFCP:[MD5.D351ABA83DC7256E854287760D09D96E] - 26/10/2013 - 10:02:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-59FE505A.pf O45 - LFCP:[MD5.2AB99DA81D597858B40B0FF313383CFB] - 26/10/2013 - 10:04:50 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-9221A75A.pf O45 - LFCP:[MD5.E553CA32A07CF805A1481F1069279796] - 26/10/2013 - 10:05:57 ---A- - C:\Windows\Prefetch\LADS.EXE-3D3801BD.pf O45 - LFCP:[MD5.FA1ED486FD4D713EC07DE87FED1065C9] - 26/10/2013 - 10:07:16 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-3D06E09F.pf O45 - LFCP:[MD5.B4B50DAFF58C0BECE718E04FF7487949] - 26/10/2013 - 10:07:28 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-015A14A4.pf O45 - LFCP:[MD5.E1B94501E5839FF102EDB20AD10F9580] - 26/10/2013 - 10:07:36 ---A- - C:\Windows\Prefetch\MBR.EXE-3DE60006.pf O45 - LFCP:[MD5.6EB894C62541279810978F8A87940BCF] - 26/10/2013 - 10:08:47 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf O45 - LFCP:[MD5.B0317E238DD25A30B4A0F8C47A4B8CD4] - 26/10/2013 - 10:12:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf O45 - LFCP:[MD5.D20CC2C80B306EBCFBB2F379ADD1CD88] - 26/10/2013 - 10:20:50 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf O45 - LFCP:[MD5.FC21DAE3D1D01BFA538E75719CF6BFAC] - 26/10/2013 - 10:24:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-ECAD9571.pf O45 - LFCP:[MD5.E637BFF1D6BA80E26BC8ECD680BB9512] - 26/10/2013 - 10:25:48 ---A- - C:\Windows\Prefetch\CHROME.EXE-5A1054AF.pf O45 - LFCP:[MD5.FCB2A482F5629FC88753F4E1CD8EF072] - 26/10/2013 - 10:30:59 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf O45 - LFCP:[MD5.42327605B58665F512A9140E78068E4B] - 26/10/2013 - 10:36:39 ---A- - C:\Windows\Prefetch\PFSTUDIOX.EXE-D7AD2294.pf O45 - LFCP:[MD5.8740660A7AAC86EB4F7E468CE2778261] - 26/10/2013 - 10:44:53 ---A- - 
C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf O45 - LFCP:[MD5.1E8A6501B5F91BC2747213435B6DD4C9] - 26/10/2013 - 10:47:55 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.9311AB3373872145507A0A4115F9D66C] - 26/10/2013 - 10:47:56 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.7D338B75B737E587FAA6140DA2A44BF1] - 26/10/2013 - 10:47:56 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.3ABF579964517EBD7555AF621A09134C] - 26/10/2013 - 10:47:57 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.37D95A78D915DB48800B2405BD93DD9E] - 26/10/2013 - 10:48:58 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf O45 - LFCP:[MD5.50B0E76EAB2DBC6DF65DD7C6353998A0] - 26/10/2013 - 10:49:25 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.91BE40945243445D993F8445C67E4C37] - 26/10/2013 - 10:49:39 ---A- - C:\Windows\Prefetch\NVTRAY.EXE-DB83881B.pf O45 - LFCP:[MD5.2FB9F5085BEBA37AF6BBE0BBE8ABF33C] - 26/10/2013 - 10:49:43 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf O45 - LFCP:[MD5.E95C6E5F3A2A1312810D6F8403E96B62] - 26/10/2013 - 10:49:43 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-56A9B19C.pf O45 - LFCP:[MD5.37F098F93E9898C090FD57C7C17E7A67] - 26/10/2013 - 10:49:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.8AC2F7E9AD8A439171D45E9C669953AD] - 26/10/2013 - 10:49:53 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-5F50D22C.pf O45 - LFCP:[MD5.3427BF265E74E85DA427231346C762F1] - 26/10/2013 - 10:50:02 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf O45 - LFCP:[MD5.C91D8584604D212C80951FD71171FE5E] - 26/10/2013 - 10:50:02 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-943166CC.pf O45 - LFCP:[MD5.207167BC19DA75385E944594BBE71A2F] - 26/10/2013 - 10:50:06 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.7C9F8E40FD599DE9997AC020775D5182] - 26/10/2013 - 10:50:06 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf O45 - LFCP:[MD5.7EB2DF5DEF71C07533DD19240CA9BE7B] - 26/10/2013 - 10:50:29 ---A- - 
C:\Windows\Prefetch\PV.EXE-7B89A1E7.pf O45 - LFCP:[MD5.C6C62A60BD886B73FB7DBFE40836EAE5] - 26/10/2013 - 10:50:36 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf O45 - LFCP:[MD5.15945D882B577522828677FE6F0652DD] - 26/10/2013 - 10:50:40 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-7FBD134E.pf O45 - LFCP:[MD5.C987A7FD65D7D7C035B91B5BAA9F596C] - 26/10/2013 - 10:50:44 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf ~ Prefetcher: 121 Scanned in 00mn 01s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll ~ LSA: 7 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) 
-- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{41ffa548-7cfb-11e2-a7b4-1c6f65c4c865}\AutoRun\command. (...) -- K:\urDrive.exe (.not file.) 
~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 3 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) 
-- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 16 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ MWPE Keys: 1 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: 16 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) 
-- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Blast.8BF [33792] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\BrightNoise.8BF [30720] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Bubbles.8BF [34816] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\CenMirror.8BF [32768] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Electro.8BF [38400] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Gears.8BF [32768] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Isotope.8BF [39936] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\LnrTrans.8BF [31744] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Mirror.8BF [30720] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\MosaicRipple.8BF [31744] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Psycho.8BF [32256] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\RadMosaic.8BF [33280] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) 
-- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\RadNoise.8BF [33792] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\RadSmox.8BF [35328] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\RadTrans.8BF [33792] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\RadialWarp.8BF [37376] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\RadicalWarp.8BF [37888] O61 - LFC: 22/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Tiler.8BF [30720] O61 - LFC: 23/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT [270568] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Alien Skin\Xenofex 2\Lightning\Last Used [326] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 1 (2).LNK [1298] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 1.LNK [1298] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 2.LNK [1368] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 4 (2).LNK [1288] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 4.LNK [1288] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 5.LNK [1283] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) 
-- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 6.LNK [1333] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 7 (2).LNK [1398] O61 - LFC: 23/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 7.LNK [1398] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 1 - Choupintte (2).LNK [1160] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 1 - Choupintte.LNK [1160] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 2 - Faure un cadre-Josephine.LNK [1230] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 4 - Florence (2).LNK [1150] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 4 - Florence.LNK [1150] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 6 - Cadre scintillant.LNK [1195] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours.LNK [1266] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\cous 7 Fleur et signature scintillantes (2).LNK [1260] O61 - LFC: 23/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\cous 7 Fleur et signature scintillantes.LNK [1260] O61 - LFC: 23/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 1 - Choupintte\=Cours 1.docx [174332] O61 - LFC: 23/10/2013 - 11:51:15 ---A- . (...) 
-- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 1 - Choupintte\=Support -\1er partie.pfi [1829730] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 4 - Florence\=Cours 4.docx [233894] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 4 - Florence\=Support\1er partie.pfi [2653350] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 4 - Florence\=Support\=Net 2.bmp [1482974] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 5 - Eclairs\=COURS 5.docx [125023] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 5 - Eclairs\=Support -\1er partie.pfi [2057200] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 6 - Cadre scintillant\=Support -\1er partie.pfi [2682545] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\cous 7 Fleur et signature scintillantes\=Cours 7.docx [355506] O61 - LFC: 23/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\cous 7 Fleur et signature scintillantes\jellyka_western_princess.zip [37862] O61 - LFC: 23/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\SpiderWeb.8BF [32256] O61 - LFC: 24/10/2013 - 11:50:54 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\3234462.od [134] O61 - LFC: 24/10/2013 - 11:50:54 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\CVR5A9E.tmp.cvr [0] O61 - LFC: 24/10/2013 - 11:50:56 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Temp\TeamViewer\Version8\7.hta [1066] O61 - LFC: 24/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\3=Planetegr.- 20 1er partie.LNK [916] O61 - LFC: 24/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 13 Comobe.LNK [1333] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Planete Graphisme.LNK [862] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 11.LNK [1318] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 13 - Colombe.LNK [1150] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Crea - PFS 1.LNK [1050] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Final 1er 20 Cours.LNK [1104] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Final 1er 20 Crea.LNK [1233] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Planete.LNK [1149] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\X Demo - probleme.LNK [1016] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\cours 1 signature - Texte - Macha.LNK [1279] O61 - LFC: 24/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\mes Filtre.LNK [1010] O61 - LFC: 24/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\chatsync\98\98f28bc5eab93aa4.dat [3219] O61 - LFC: 24/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\config.lck [0] O61 - LFC: 24/10/2013 - 11:50:58 ---A- . (...) 
-- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\httpfe\cookies.dat [2] O61 - LFC: 24/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\Documents\10A J= J 2\tuto et variante 11 Couleur cuivre.rar [4887741] O61 - LFC: 24/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Cours 10 - Etoile Blings\=Support -\Eroile A.pfi [61352] O61 - LFC: 24/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Cours 9 - jupe flottante\=Support\2em partie.pfi [919383] O61 - LFC: 24/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Cours 9 - jupe flottante\=Support\=Tube.png [212333] O61 - LFC: 24/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 11 - Fleche animée\=Support -\1er partie -Fleche.pfi [73348] O61 - LFC: 24/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 11 - Fleche animée\=Support -\Texture.pfi [4717] O61 - LFC: 24/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 13 - Colombe\=Support -\1er partie.pfi [1350173] O61 - LFC: 24/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\X Demo - probleme\Probleme enreg. transparance\partie - Cours 9.pfi [919383] O61 - LFC: 24/10/2096 - 11:51:00 ---A- . (...) -- C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\dsbflux\Cassini.8BF [39936] O61 - LFC: 25/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=COURS 5.LNK [1427] O61 - LFC: 25/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 10 - Etoile Blings.LNK [1185] O61 - LFC: 25/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 12.LNK [1303] O61 - LFC: 25/10/2013 - 11:50:56 ---A- . (...) 
-- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 14.LNK [1293] O61 - LFC: 25/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 8.LNK [1308] O61 - LFC: 25/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=Cours 9.LNK [1457] O61 - LFC: 25/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=cours 3.LNK [1154] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=PFS1 - 10 Lys scintillant.LNK [1304] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cour 3 - Charlyne.LNK [1016] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 10 - Etoile Blings.LNK [1180] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 10 Lys scintillant.LNK [1522] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 10.LNK [1323] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 11 - Fleche animée.LNK [1319] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 12 - Elisabeth.LNK [1160] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 14 - Crystal.LNK [1150] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 15 - En Fouchsia.LNK [1170] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 5 - Eclairs.LNK [1284] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) 
-- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 8 -Sous la pluie.LNK [1170] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 9 - jupe flottante.LNK [1319] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Le 25.10.2013 - Josy.LNK [1517] O61 - LFC: 25/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Word12.pip [1692] O61 - LFC: 25/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Cours 10 - Etoile Blings\=Support -\Etoile B.pfi [69672] O61 - LFC: 25/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cour 3 - Charlyne\=Support Perso -\partie A Dernier.pfi [2211041] O61 - LFC: 25/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 11 - Fleche animée\Le 25.10.2013 - Josy.docx [11172] O61 - LFC: 25/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 12 - Elisabeth\=Sipport -\1er partie.pfi [2021319] O61 - LFC: 25/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 14 - Crystal\=Support -\1er partie.pfi [2196662] O61 - LFC: 25/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 14 - Crystal\=Support -\Partie Animee.pfi [4165629] O61 - LFC: 25/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 14 - Crystal\NON\2em partie- Anime.pfi [4216413] O61 - LFC: 25/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 15 - En Fouchsia - Voir\En Fushia\tubebetty.png [673340] O61 - LFC: 25/10/2013 - 11:51:16 ---A- . (...) 
-- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 8 -Sous la pluie\=Support -\Cours 8 Sous la pluie.pfi [3809430] O61 - LFC: 25/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\X Non\2 em partie.pfi [1950782] O61 - LFC: 25/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\X Demo - probleme\1er partie - Etoile.pfi [87169] O61 - LFC: 25/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\X Demo - probleme\Probleme enreg. transparance\Etoile B - Etoile.pfi [69672] O61 - LFC: 25/10/2013 - 11:51:16 -SHA- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 8 -Sous la pluie\~$ours 8.docx [162] O61 - LFC: 25/10/2013 - 11:51:22 ---A- . (...) -- C:\Users\admin\Documents\Fourniture pour PFS X\8BF\Filters Unlimited 2.0\ICNET-Filters.db\index [233992] O61 - LFC: 25/10/2013 - 11:51:23 ---A- . (...) -- C:\Users\admin\Documents\Nom 2 - 30.png [8588] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Archived History [65536] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [16384] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cookies [74752] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Current Session [563785] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [118929] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [145] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [145] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000029 [426] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\128.png [3524] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ar\messages.json [401] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\bg\messages.json [427] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ca\messages.json [250] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\cs\messages.json [255] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\da\messages.json [242] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\de\messages.json [226] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\el\messages.json [475] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\en\messages.json [227] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\es\messages.json [240] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fi\messages.json [222] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fil\messages.json [236] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fr\messages.json [249] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\he\messages.json [419] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hi\messages.json [408] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hr\messages.json [220] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hu\messages.json [253] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\id\messages.json [231] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\it\messages.json [224] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ja\messages.json [349] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ko\messages.json [323] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\lt\messages.json [266] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\lv\messages.json [245] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\nl\messages.json [225] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\no\messages.json [216] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pl\messages.json [274] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pt_BR\messages.json [237] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pt_PT\messages.json [236] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ro\messages.json [248] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ru\messages.json [394] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sk\messages.json [241] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sl\messages.json [245] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sr\messages.json [437] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sv\messages.json [238] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\th\messages.json [365] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\tr\messages.json [255] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\uk\messages.json [442] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\vi\messages.json [310] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\zh_CN\messages.json [257] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\zh_TW\messages.json [269] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\manifest.json [785] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\128.png [5367] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\16.png [499] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\32.png [1154] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\48.png [1872] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ar\messages.json [423] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\bg\messages.json [515] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ca\messages.json [330] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\cs\messages.json [355] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\da\messages.json [328] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\de\messages.json [307] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\el\messages.json [569] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en\messages.json [314] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_GB\messages.json [314] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_US\messages.json [314] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es\messages.json [340] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es_419\messages.json [341] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\et\messages.json [314] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fi\messages.json [305] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fil\messages.json [337] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fr\messages.json [329] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\he\messages.json [471] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hi\messages.json [326] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hr\messages.json [340] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hu\messages.json [336] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\id\messages.json [319] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\it\messages.json [324] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ja\messages.json [388] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ko\messages.json [380] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lt\messages.json [359] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lv\messages.json [360] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\nl\messages.json [323] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\no\messages.json [300] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pl\messages.json [336] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_BR\messages.json [332] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_PT\messages.json [331] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ro\messages.json [332] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ru\messages.json [471] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sk\messages.json [338] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sl\messages.json [329] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sr\messages.json [483] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sv\messages.json [333] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\th\messages.json [472] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\tr\messages.json [330] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\uk\messages.json [501] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\vi\messages.json [363] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_CN\messages.json [346] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_TW\messages.json [346] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\manifest.json [817] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\background.js [1368] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\load_symbols.js [2447] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name.js [13935] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_ar.js [54117] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_bg.js [51067] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_ca.js [15513] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_cs.js [19494] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_da.js [14038] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_de.js [15552] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_el.js [55324] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_en_gb.js [13942] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_es.js [15179] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_es_419.js [15179] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_fi.js [14370] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_fil.js [13992] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_fr.js [15435] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_hi.js [47597] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_hr.js [14656] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_hu.js [16140] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_id.js [13888] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_it.js [13943] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_iw.js [35117] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_ja.js [34352] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_ko.js [29930] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_lt.js [17128] O61 - LFC: 26/10/2013 - 11:50:51 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_lv.js [17105] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_nl.js [14243] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_no.js [14395] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_pl.js [15282] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_pt_br.js [15497] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_pt_pt.js [15486] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_ro.js [16064] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_ru.js [54888] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_sk.js [19282] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_sl.js [19834] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_sr.js [50705] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_sv.js [14839] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_th.js [50049] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_tr.js [15702] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_uk.js [55785] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_vi.js [22382] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_zh_cn.js [26826] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\locale_name_zh_tw.js [26509] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols.js [3135] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_ar.js [6384] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_bg.js [5653] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_ca.js [3447] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_cs.js [3639] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_da.js [3294] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_de.js [3287] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_el.js [5843] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_en_gb.js [3245] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_es.js [3342] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_es_419.js [3336] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_fi.js [3591] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_fil.js [3259] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_fr.js [3422] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_hi.js [6181] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_hr.js [3414] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_hu.js [3644] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_id.js [3203] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_it.js [3307] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_iw.js [5722] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_ja.js [3798] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_ko.js [4048] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_lt.js [3562] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_lv.js [3569] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_nl.js [3286] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_no.js [3307] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_pl.js [3430] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_pt_br.js [3405] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_pt_pt.js [3425] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_ro.js [3418] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_ru.js [5819] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_sk.js [3430] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_sl.js [3381] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_sr.js [5689] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_sv.js [3376] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_th.js [6459] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_tr.js [3455] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_uk.js [5684] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_vi.js [3888] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_zh_cn.js [4089] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n\symbols_zh_tw.js [3964] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\icon_128.png [9460] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\icon_16.png [702] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\amex.png [2052] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\bank.png [234] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\check.png [235] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\checkmark.png [239] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\close_dialog.png [139] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\close_dialog_hover.png [214] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\close_dialog_pressed.png [213] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\cvc-amex.png [1344] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\cvc.png [1343] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\discover.png [1700] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\info_icon.png [1354] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\jcb.png [1179] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\lock.png [182] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\mastercard.png [1818] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\stored_value.png [1141] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x\visa.png [1710] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\amex.png [3446] O61 - LFC: 26/10/2013 - 11:50:52 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\bank.png [412] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ar\messages.json [52790] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\bg\messages.json [41117] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ca\messages.json [16920] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\cs\messages.json [21633] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\da\messages.json [15723] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\de\messages.json [16303] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\el\messages.json [45461] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\en\messages.json [16620] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\en_GB\messages.json [15076] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\es\messages.json [17148] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\es_419\messages.json [16477] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\fi\messages.json [15881] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\fil\messages.json [16003] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\fr\messages.json [20254] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\hi\messages.json [38236] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\hr\messages.json [22320] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\hu\messages.json [20750] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\id\messages.json [15356] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\it\messages.json [16030] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\iw\messages.json [19337] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ja\messages.json [24124] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ko\messages.json [21891] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . 
(...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\lt\messages.json [21284] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\lv\messages.json [21167] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\nl\messages.json [15358] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\no\messages.json [12707] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\pl\messages.json [23217] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\pt_BR\messages.json [16741] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\pt_PT\messages.json [17074] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ro\messages.json [20402] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ru\messages.json [57898] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sk\messages.json [20607] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sl\messages.json [22304] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sr\messages.json [58404] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sv\messages.json [15748] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\th\messages.json [41806] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\tr\messages.json [18435] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\uk\messages.json [59279] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\vi\messages.json [23117] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\zh_CN\messages.json [20233] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\zh_TW\messages.json [20013] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . 
(...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\check.png [631] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\checkmark.png [358] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\close_dialog.png [170] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\close_dialog_hover.png [385] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\close_dialog_pressed.png [390] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\cvc-amex.png [1748] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\cvc.png [1744] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\discover.png [2928] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\info_icon.png [1817] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\jcb.png [2874] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\lock.png [298] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\mastercard.png [3585] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\stored_value.png [1985] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x\visa.png [2584] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\wallet-icon-sm.png [1528] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\wallet-icon-tiny.png [800] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\main.html [950] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\manifest.json [1426] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\payments.js [257480] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\pbhelper.html [119] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\pbhelper.js [581] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\styles\payments.css [13283] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Favicons [43008] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2 [1056768] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3 [8192] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index [262512] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico [181623] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\History [106496] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [9871] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session [2870] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [2291] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage [3072] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage-journal [3608] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage [3072] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal [3608] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Login Data [12288] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal [6680] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [49152] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [9800] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [10240] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [3608] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\FCS6AP57\adventori.com\cookie.sol [94] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\FCS6AP57\macromedia.com\support\flashplayer\sys\#adventori.com\settings.sol [83] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\FCS6AP57\macromedia.com\support\flashplayer\sys\settings.sol [463] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences [101302] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [768] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [267] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000039 [382] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [12288] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [12824] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Top Sites [20480] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [12824] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [641] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data [75776] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [16384] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State [43997] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\manifest.fingerprint [14] =>.Google PepperFlash O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\manifest.json [2054] =>.Google PepperFlash O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll [13584776] =>.Google PepperFlash O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [4400420] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [684228] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135236] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [1085900] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [21552] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) 
-- C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6660] O61 - LFC: 26/10/2013 - 11:50:53 ---A- . (...) -- C:\Users\admin\AppData\Local\Google\Chrome\User Data\fr-FR-3-0.bdic [1074744] O61 - LFC: 26/10/2013 - 11:50:54 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\admin.bmp [31832] O61 - LFC: 26/10/2013 - 11:50:54 --HA- . (...) -- C:\Users\admin\AppData\Local\IconCache.db [4368176] O61 - LFC: 26/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Alien Skin\Xenofex 2\Constellation\Last Used [233] O61 - LFC: 26/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Alien Skin\Xenofex 2\Xenofex 2 Options [36] O61 - LFC: 26/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\HP\CRMLogs\BrandAuthentication.htm [4776] O61 - LFC: 26/10/2013 - 11:50:56 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\=image scintillante.LNK [1225] O61 - LFC: 26/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\C=Cours 16 (2).LNK [1353] O61 - LFC: 26/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\C=Cours 16.LNK [1353] O61 - LFC: 26/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Comment rendre scintillante une partie d.LNK [1523] O61 - LFC: 26/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\Cours 15 - En Fouchsia - Voir.LNK [1205] O61 - LFC: 26/10/2013 - 11:50:57 ---A- . (...) -- C:\Users\admin\AppData\Roaming\OpenOffice.org\3\.lock [143] O61 - LFC: 26/10/2013 - 11:50:57 --H-- . (...) -- C:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\index.dat [118351] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\OpenOffice.org\3\user\registrymodifications.xcu [33669] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) 
-- C:\Users\admin\AppData\Roaming\Skype\DbTemp\temp-04c4Mjow2zUj6MNoLQBk6NfR [8720] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\DbTemp\temp-GquYlS051ibff7scIWdNsOB3 [20480] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\bistats.db [61440] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\bistats.db-journal [33344] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\chatsync\90\90ff457321b55d0a.dat [2809] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\config.xml [6723] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\dc.db [45056] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\eas.db [53248] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\eas.db-journal [41552] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\keyval.db [40960] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\keyval.db-journal [33344] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\main.db [307200] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\main.db-journal [148256] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\msn.db [53248] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\paula.pere3\msn.db-journal [33344] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\shared.xml [83836] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) 
-- C:\Users\admin\AppData\Roaming\Skype\shared_dynco\dc.db [2105344] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\Skype\shared_dynco\dc.db-journal [969056] O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\ZHP\Log.txt [38057] =>.Nicolas Coolman O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\ZHP\TestsZHPDiag.txt [2818] =>.Nicolas Coolman O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman O61 - LFC: 26/10/2013 - 11:50:58 ---A- . (...) -- C:\Users\admin\AppData\Roaming\ZHP\ZHPDiag.txt [183138] =>.Nicolas Coolman O61 - LFC: 26/10/2013 - 11:51:15 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 15 - En Fouchsia - Voir\=Support - -\1er parti.pfi [2579595] O61 - LFC: 26/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\=PFS 2 - faits\Cours 15 - En Fouchsia - Voir\C=Cours 16.docx [142050] O61 - LFC: 26/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\=Defis PFS 2\X Non\1er parti.pfi [35298] O61 - LFC: 26/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\Gif en transp. - Anant et apres -\2em partie Vert - Roue.pfi [1917825] O61 - LFC: 26/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\Gif en transp. - Anant et apres -\Le roue qui tourn - Cyber B..pfi [1617363] O61 - LFC: 26/10/2013 - 11:51:16 ---A- . (...) -- C:\Users\admin\Documents\=Planete Graphisme\Gif en transp. - Anant et apres -\essai2-Rose roue.pfi [1733579] O61 - LFC: 26/10/2013 - 11:51:16 ---A- . (...) 
-- C:\Users\admin\Documents\=Planete Graphisme\X Demo - probleme\Tout PNG- Etoile.pfi [87130]
~ 4 Fichiers temporaires (Temporary files)
~ Files: 474 Scanned in 00mn 40s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 21/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 22/02/2011 - C:\Windows\System32\DRIVERS\bowser.sys (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\CLFS.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\crcdisk.sys (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - 14/04/2011 - C:\Windows\System32\Drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.)
- LEGACY_FLTMGR O64 - Services: CurCS - 03/11/2009 - C:\Windows\System32\drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 04/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 18/01/2008 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 26/10/2013 - C:\Users\admin\AppData\Local\Temp\mbr.sys (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\drivers\mountmgr.sys (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 18/04/2011 - C:\Windows\System32\DRIVERS\MpFilter.sys (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER O64 - Services: CurCS - 26/10/2013 - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56E8F2D3-67D0-458A-B5A7-DF6EC35E61EE}\MpKsl351cd3f2.sys (MpKsl351cd3f2) .(.Microsoft Corporation - KSLDriver.) - LEGACY_MPKSL351CD3F2 O64 - Services: CurCS - 18/04/2011 - C:\Windows\System32\DRIVERS\MpNWMon.sys (MpNWMon) .(.Microsoft Corporation - Network monitor driver.) - LEGACY_MPNWMON O64 - Services: CurCS - 18/01/2008 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\drivers\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb.sys (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) 
- LEGACY_MRXSMB O64 - Services: CurCS - 06/07/2011 - C:\Windows\System32\DRIVERS\mrxsmb10.sys (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb20.sys (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\netbt.sys (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\parvdm.sys (Parvdm) .(.Microsoft Corporation - Pilote parallèle VDM.) - LEGACY_PARVDM O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) 
- LEGACY_PEAUTH O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\rdbss.sys (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\drivers\rdpencdd.sys (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 18/02/2011 - C:\Windows\System32\DRIVERS\srv.sys (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srv2.sys (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) 
- LEGACY_SRVNET
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 08/02/2013 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 18/01/2008 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/08/2012 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 18/01/2008 - C:\Windows\System32\DRIVERS\wanarp.sys (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - 27/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 26/07/2012 - C:\Windows\system32\drivers\Wudfpf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 72 Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...)
-- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) 
-- C:\Windows\regedit.exe
~ FASS Keys: 20 Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.22find.com =>Hijacker.22Find
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119295&babsrc=HP_ss&mntrId=24b07ff5000000000000e0469a2[...] =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("avg.install.userSPSettings", "Delta Search");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.BabylonToolbar_i.newTab", true); =>Toolbar.Babylon
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119295&babsrc=NT_ss&mntrId=24b07ff500000000[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.bbDpng", "22");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.hdrMd5", "8121A9F148D826EFA4351ED60115749D");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.id", "24b07ff5000000000000e0469a28f61e");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.instlDay", "15758");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.016:33:23");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.smplGrp", "azb");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.vrsnTs", "1.8.10.016:33:23");
O69 - SBI: prefs.js [admin - wqusb1hh.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (22find) - http://search.22find.com =>Hijacker.22Find
O69 - SBI: SearchScopes [HKCU] {412AECD8-4DF3-4D6A-B35B-E3AECA2B89E1} - (Rechercher des forums) - http://www.fullforums.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s

---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\flamingpear\Filter_of_Flaming_Pear\Flaming Pear keygen.exe
C:\Users\admin\Documents\10B = Josy 3 -DISK Copier -Juin -2013\PFS X\Plugins\flamingpear\Filter_of_Flaming_Pear\Flaming Pear keygen.exe
~ Files: Scanned in 00mn 43s

---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.)
-- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256] O83 - Search Svchost Services: Tapisrv (Tapisrv) . 
(.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) 
-- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096]
~ Services: 31 Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1B17C2C61EEACAA3DD6DAEBED53750FF] [SPRF][08/02/2013] (...) -- C:\Users\admin\AppData\Local\d3d9caps.dat [680]
[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][28/01/2013] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\admin\AppData\Local\Temp\AskSLib.dll [248008]
[MD5.A55B82103A202C20717F45C201EC4553] [SPRF][26/03/2013] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\admin\AppData\Local\Temp\htmlayout.dll [936960]
[MD5.DE052920795380A41CD3674134CD9E64] [SPRF][22/02/2013] (.Microsoft Corporation - Programme d’installation Windows Internet Explorer 9.) -- C:\Users\admin\AppData\Local\Temp\IE9-WindowsVista-x86.exe [1183024]
[MD5.6717F5E12752B4F5823F2CED4E837C07] [SPRF][22/02/2013] (.Microsoft Corporation - Programme d’installation Windows Internet Explorer.) -- C:\Users\admin\AppData\Local\Temp\iesetup-vista-x86.exe [681984]
[MD5.CC11C8B9623B60F9DAC1BE4580240ED2] [SPRF][12/06/2000] (...) -- C:\Users\admin\AppData\Local\Temp\INST01.dll [40960]
[MD5.F015BF84A795C70C12767CD9E644A33F] [SPRF][27/06/2002] (...) -- C:\Users\admin\AppData\Local\Temp\INST011.dll [53248]
[MD5.A620A735458E04AE0CF471319B6D6E7D] [SPRF][01/03/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\admin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe [897448]
[MD5.5A432A042DAE460ABE7199B758E8606C] [SPRF][28/10/2006] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\admin\AppData\Local\Temp\ose00000.exe [145184]
[MD5.8693B3CED5EB97F365042AB1F41D5CD6] [SPRF][21/06/2013] (...) -- C:\Users\admin\AppData\Local\Temp\SPISqmData.dat [120]
[MD5.E13B0EDC1C1D6546D5AE84B90E47A38E] [SPRF][21/06/2013] (...) -- C:\Users\admin\AppData\Local\Temp\SPISqmDataReview.dat [120]
[MD5.3AE0F11F3D91179443113CAB0F94F944] [SPRF][26/03/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\admin\AppData\Local\Temp\uninst1.exe [372736] =>Toolbar.Babylon
[MD5.9455BE5DB5C1092A89ED3D9DAEAAC9B3] [SPRF][22/02/2013] (.http://goforfiles.com/ - GoforFiles Application.) -- C:\Users\admin\AppData\Local\Temp\uninstall796650.exe [891984] =>P2P.GoforFiles
[MD5.A55B82103A202C20717F45C201EC4553] [SPRF][22/02/2013] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\admin\AppData\Local\Temp\uninstall796728.exe [936960]
[MD5.FD30ACC7A696C32F661B33668E73BF7B] [SPRF][17/10/2010] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\admin\AppData\Local\Temp\vcredist_x86.exe [4485976]
[MD5.43C35081CE0AC367267C5916AB25A817] [SPRF][25/05/2013] (...) -- C:\Users\admin\AppData\Local\Temp\vlc-2.0.6-win32.exe [22948790]
[MD5.06D5E5E952C61923C9D24C83E7FE1F45] [SPRF][08/08/2013] (...) -- C:\Users\admin\AppData\Local\Temp\vlc-2.0.7-win32.exe [22937227]
~ Files: 17 Scanned in 00mn 00s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.)
-- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) 
-- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) 
-- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) 
-- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-P2P-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WinCollab-P2P-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) 
-- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "BITSSVC-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "BITSSVC-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "BITSSVC-RPC-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "BITSSVC-RPCSS-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{16BC607E-0006-421B-ACB5-2CC22600F7D6}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O87 - FAEL: "{BE326EE8-9CE7-4847-AB46-B3FB35433E5B}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.) O87 - FAEL: "{194C95CD-A4F4-4DB5-8A4F-1055D088B0FA}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.) O87 - FAEL: "{39DAF043-BC53-4D34-8261-AD0C902D7515}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{52D6C7C4-C4F5-4172-95D2-4B972A1FBEBC}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "CoreNet-DHCP-In" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "{70B6B50B-2439-4F7F-89A4-C5EDF791CCB2}" |In - Public - P6 - TRUE | .(...) -- F:\fscommand\CKSocketServer.exe (.not file.) O87 - FAEL: "{8FB2C830-03FB-4556-B2B5-18231C276BE9}" |In - Public - P17 - TRUE | .(...) -- F:\fscommand\CKSocketServer.exe (.not file.) O87 - FAEL: "{CA4E792F-4E5D-405C-803C-ECA8C91CFE6B}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\outlook.exe =>.Microsoft Corporation O87 - FAEL: "{7B7F0D93-FD59-4F08-AB17-5884120AADF0}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles O87 - FAEL: "{EC92ACEA-31A4-4603-8442-19B01E92505A}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles O87 - FAEL: "{F8091727-F800-4F34-9D64-4417BB13F657}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles O87 - FAEL: "{DBFF9F28-D0BD-4129-920D-1C4BB049DFCB}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles O87 - FAEL: "{B316B2CA-F05F-4D8F-A653-5039D832337D}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files\IncrediMail\Bin\ImpCnt.exe (.not file.) O87 - FAEL: "{4DE5F8B6-911C-4713-A3BA-3DEC438E1CA7}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files\IncrediMail\Bin\ImpCnt.exe (.not file.) O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) 
-- C:\Windows\system32\snmptrap.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{1E721A0E-9DEE-4F6C-9351-A1DAA063AC76}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{23D90A29-C4B2-4A42-93B6-C7694DEACAA0}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{98B8715E-4308-4E2F-8C4A-35821AC1D395}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{2CCD9FF1-67EB-48D9-9043-994483626E3F}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{C45BF82E-D08C-46D2-9B27-6C09080779B6}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{F14C8B3A-5A7F-445F-B9DE-9383773CFBDF}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{A4BB61B5-A616-44EE-A7E2-16E6B80064AB}" | In - Public - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
O87 - FAEL: "{6540E183-84D1-4175-8868-DFBDE3045E6C}" | In - Public - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
O87 - FAEL: "{93F55F62-EA34-433D-A4EC-77BD7239500B}" | In - Public - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O87 - FAEL: "{4D7FEB20-0AA5-4B0C-B28B-334047AA1C3F}" | In - Public - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O87 - FAEL: "{8F9EE623-E092-41B9-85EF-7463487EB256}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
~ Firewall: 174 Scanned in 00mn 00s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "05ED57BE4575F6F478D521E6FDE8C43B" . (.HPSSupply.) -- C:\Windows\Installer\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}\ARPPRODUCTICON.exe
O90 - PUC: "218A12BEB17680D49B47A243F7D0F807" . (.HP Photosmart Essential.) -- C:\Windows\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\ARPPRODUCTICON.exe =>.Hewlett-Packard Co
O90 - PUC: "3087D2BEE64D0A445B44D63F85510FD7" . (.Modèles pour Office.) -- C:\Windows\Installer\{EB2D7803-D46E-44A0-B544-6DF35815F07D}\ARPPRODUCTICON.exe
O90 - PUC: "4D82F7B6E0616C047B8CE56C9B37D47A" . (.Photo Notifier and Animation Creator.) -- C:\Windows\Installer\{6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}\ARPPRODUCTICON.exe
O90 - PUC: "6763E7A6D90ED134AA61F18D64ED3B52" . (.MicroApp 470 000 Cliparts.) -- C:\Windows\Installer\{6A7E3676-E09D-431D-AA16-1FD846DEB325}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.05) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "7C53B0B8CF1DE4C40AF38B37A68FB7FF" . (.MicroApp 1,5 Million de Cliparts.) -- C:\Windows\Installer\{8B0B35C7-D1FC-4C4E-A03F-B8736AF87BFF}\ARPPRODUCTICON.exe
O90 - PUC: "B074548141BECBA438B53EC696D30CD7" . (.Skype™ 6.1.) -- C:\Windows\Installer\{1845470B-EB14-4ABC-835B-E36C693DC07D}\SkypeIcon.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DF7206C8CD35D644BB57ACDC07821A43" . (.HP Update.) -- C:\Windows\Installer\{8C6027FD-53DC-446D-BB75-CACD7028A134}\ARPPRODUCTICON.exe
O90 - PUC: "F60C1AD7319C7C64A8F0ADC2AB71AED1" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico
~ Update Products: 74 Scanned in 00mn 00s

---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5928cd9b36aba44\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5928cd9b36aba44\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52"
[HKCU\Software\5928cd9b36aba44] =>Toolbar.Babylon^
[HKLM\Software\5928cd9b36aba44] => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.F877FBA63D7262BA4210B5126B0C8119] [WIS][26/03/2013] (.Nom de votre société - Photo Notifier and Animation Creator.) -- C:\Windows\Installer\11fc0a.msi [1106944]
[MD5.B00F764E6C226FCD4ABBAA9A0BC85F83] [WIS][19/10/2013] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\402e4.msi [121344]
[MD5.F1E5D00A4726D74843AA2A06179DFD36] [WIS][19/10/2013] (.eSupportQFolder - eSupportQFolder.) -- C:\Windows\Installer\4030c.msi [121344]
[MD5.CECB974B0C84E394F7DEEF604516DF54] [WIS][19/10/2013] (.CustomerResearchQFolder - CustomerResearchQFolder.) -- C:\Windows\Installer\4032b.msi [121344]
[MD5.09E8C7506F124F95A174DADF3A99C501] [WIS][19/10/2013] (.HP - GPS.) -- C:\Windows\Installer\40340.msi [1574912]
[MD5.E60E774ADF3AA2D33934A0DB7D43F4DF] [WIS][19/10/2013] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\40349.msi [121344]
[MD5.95F3D3728146A02222CABD03FDCBD118] [WIS][20/03/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\5657b.msi [24064] =>Toolbar.Google
[MD5.21EB3C26B0E4DF221273B807903DBA45] [WIS][16/02/2013] (.Micro Application - Cartes de visite.) -- C:\Windows\Installer\7d00ce.msi [8997376]
[MD5.C3B9817A8A973FAB5AE4BF14BF41E17E] [WIS][16/02/2013] (.Micro Application - Scrapbook.) -- C:\Windows\Installer\7d00d7.msi [8902144]
[MD5.DCD3F6ED60C49F89B5D8C32FE5BFEEC0] [WIS][16/02/2013] (.Micro Application - Blank Project Template.) -- C:\Windows\Installer\7d00ea.msi [6220800]
[MD5.D6E3447FAA9009FDA8EF18A784A7F6CD] [WIS][08/02/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\8c41474.msi [3673600]
~ WIS: 76 Scanned in 00mn 05s

---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 09/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 20/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 20/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 20/03/2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 18/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 19/06/2012 462088 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 18/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 639776 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 18/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 01/10/2013 5087584 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 19/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Auto 18/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 05s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by admin at 26/10/2013 11:52:28
device: opened successfully
user: MBR read successfully
Disk trace:
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 9 Scanned in 00mn 02s

---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by admin at 26/10/2013 11:52:30
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s

---\\ Scan Additionnel (O88)
Database Version : 12960 - (25/10/2013)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 12
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Program Files\Desk 365 =>Hijacker.22Find^
C:\ProgramData\Babylon =>Toolbar.Babylon^
C:\Users\admin\AppData\Roaming\Babylon =>Toolbar.Babylon^
C:\Users\admin\AppData\Roaming\Desk 365 =>Hijacker.22Find^
C:\Users\admin\AppData\Roaming\GoforFiles =>P2P.GoforFiles^
C:\Program Files\Common Files\337 =>Hijacker.22find
C:\Users\admin\AppData\Local\Temp\Desk365 =>Hijacker.22find
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified =>PUA.StartShow ^
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^
[HKCU\Software\GoforFiles] =>P2P.GoforFiles^
[HKLM\Software\Babylon] =>Toolbar.Babylon^
[HKLM\Software\GoforFiles] =>P2P.GoforFiles^
C:\Users\admin\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon^
C:\Users\admin\AppData\Local\Temp\uninstall796650.exe =>P2P.GoforFiles^
[HKCU\Software\5928cd9b36aba44] =>Toolbar.Babylon^^
C:\Windows\Installer\5657b.msi =>Toolbar.Google^
C:\Users\admin\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\admin\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel Scan: 349972 Items scanned in 00mn 40s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/34077727-pua-startshow =>PUA.StartShow
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ MSI: 11 link(s) detected in 00mn 41s
End of the scan (2085 lines in 03mn 19s)(2)