zurlinden

Membres

Afficher le profil Afficher son activité

Compteur de contenus
106
Inscription
le 5 juin 2006
Dernière visite
le 22 février 2021
Jours gagnés
1

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par zurlinden

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

voilà ce que ça donne: Rapport de SFTGC (Pierre13) du Samedi 23 Novembre 2013 à 20:00:05 version : 2.0.0.55 Mis à jour le 12/09/2013 Outil lancé en Mode normal et En tant qu'administrateur Windows 8 64 bits Tool start in C:\Users\martial\Downloads 589 éléments supprimés => 39.73 Mo libérés. (54 s) C:\Users\martial\AppData\Local\Temp\upr307C.tmp C:\Users\martial\AppData\Local\Temp\~nsu.tmp C:\Users\martial\AppData\Local\Temp\~nsu.tmp\Au_.exe C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner[R0].lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner[S0].lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\Documents.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\http--www.ludi.com-.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\JRT.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\LBP.XLS.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\PERSO.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\virus.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\ZHPDiag.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\ZHPFixReport.lnk C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccc0fa1b9f86f7b3.customDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\5d696d521de238c3.automaticDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\d64293cd816830d0.automaticDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\e36bfc8972e5ab1d.automaticDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms C:\Users\martial\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f3c90dec42360729.automaticDestinations-ms C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC1419.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC15EB.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC2168.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC28B0.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC379A.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC3876.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC39B4.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC3E32.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC558.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC6432.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC7BED.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC8418.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC8863.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC9085.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARC9DFB.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARCD687.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARCE08F.tmp C:\Users\martial\AppData\Local\Microsoft\SmartScreen\ARCFB8F.tmp C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\03C2624375988154FBF20373B7D495E8_4CE1399DE4CEDD0087BBFC0689796C3F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0B1B84E1509125064E3D44331C3817C2_3E6BB635115BB4A3C7C9DF5009227113 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_13D04765184245BACBADE6B481C0B93F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_20020A3B6E9BC56980B4DAFD19FB87B8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_31B4375F30CFD88C4F841BDC203B76D7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_3BFC9FA9EB679808BA753CC377CC3671 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_7CD9983AD778D45F40A885A5B6D79EF6 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_86D3F159CB1C10E9A85FC2F8CF96D8A7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_A1FCA30AC310D8EAE948F012B2135AEE C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_B9C22DB4E24EA3CE6502C7702DEEC49B C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_D0391B6FFF376D887B6687A3A7BB5FDF C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_DEC353EC8C3D343E2C6259217C5AA748 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_EC2B8F0C530DA57B6BD72F9ED19E4B95 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_F0ED2E2E4C18AF767323D306D9F72B9E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F39B5CFACECFDE48DB25BCA2231FAC6_A8505893D5577B600C9E81545EA5091D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\26AD01F9C002FAD37427E734302383D8_05C6D3E71E89B60FA438215AD56E8191 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\27371171D8BBA336302695C6CEB04833 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2A1B7D4872B847D875663438862EEAE9_C4E2769EE6DA526B40E335D794DF94A8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\30F7B429BB1DACA9B591B41E016BED66_F6024CD0767F1B4C9F060C7479C6DC83 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_D3239BADA8ED0BB5E238AEB79C541B8F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_D5DDFAB42EFB0088195E950E60A6F50F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_AFC22B77ED08EE3E2B28B6DE75CADDF5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4BF36D32316DF6B21360F1A8997CD3E2 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_0CFAE883DC130A58A591FE4EB9C6188E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_326CA95402CB60B6A60C4129D07E3080 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4E29C7E9E83048EFCCC5C3D57B6818DB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_BD1446EE1580F7EA207C073F7ABA5015 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\566A973C3ADBC70963C072413659C1CB_39482AEE62881116513CBB19A044403F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5A4015022CE0B085A0D1DF19E89151D0 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5BF987767EE121EB773E3E93D13C2F30_0B2AEF4FE043D0F11F387BBA16F05698 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5BF987767EE121EB773E3E93D13C2F30_EF26754C41825C23E00A83FE50225A1A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_35BFA9D40D21E81B408449EB9D85CCA4 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6F0788892ECB795F56E658EDB1CA93AA_97391A8AEC40894166C06DB26C0B2F29 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6F0788892ECB795F56E658EDB1CA93AA_BE22580611FA5379F4C272D9515D1581 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_11D7BA58D75E54D622A3AD9CDF9905BB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\783DF2F5A7C9BC04C36663632D14B993_09E6BFC8958A4903B51F28C3DF0B32CC C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\783DF2F5A7C9BC04C36663632D14B993_169DE3439FD2D9FE0AE07883B5A27A1B C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_0CEA468132C315C57095D808C7EF6A6A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_1800A2B6DBCD050F6166C531FEC9CBC2 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_2519C48192CD8ACD7838F805BC293F81 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_3ED75ACD82F369ACA54D90731D46401D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_5C25CBC044F014C00B0BA9E7FEE400D7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_83F500F551B7EE7C27E10C290B448CFB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_9719EA9CB3A43C4285E871D5F39D926E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_B9CB69BBF501640E54FB8544F6A3AF82 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_BE1A8551BEDA9B47762E969E83952B4C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_8CA7164968F366C9A94AC8E71C4BDD9B C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_2F1BD5B4F9DBD26AB429C868029F876C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_3B544D333012FB463337A933E27FA00D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_4C5DEEF9B07E1262542AE6C030C69253 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_6B51F8B211C8D2BE9261A66582B5351E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_72A8A3227555B8D9D0FEB7CED8B1BFBF C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_88139EB4B3E9796D15327C2EC2F34CF5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_8A4ABE81D0B05920BC2AAF871936BF40 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_918340BA089892122B5626AE042DBBDE C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_95BE0E24685C739E0287588432223979 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_B7F0B98819D6838FEFEBC351CA792E82 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_C7911349A4546D0BB1F96FCC090CF908 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_D43DCC4666343EAF47AAA7427A5FCDEB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_F0D84CB7919AFA8EDA0C1950AA5534A1 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_F2EFD568D6CA72D7BC802424E3F92B9A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\855CF405355328EC482A28D56A44CFB0_58A21FF826D0308E7A4A9C9C218A1D09 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\855CF405355328EC482A28D56A44CFB0_EF2197C1097E28A6F8B6C94BE1AD75DB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_1E5D470765E0BE1964814B1F5A3581DC C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_96DEA2BAAACB5C7A91C910F0C6DB31C3 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8A9510437CB4EEB09F4B3AC2BC980E19 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8D3DBC545CD7FD762AF52F70D3AFA3A8_764E8C684D7F2A15B101AF9E5FC111EA C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EBFACB3A66359F9514D044C86BA4794 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_1F847B9F56D0487C4E3C0F43B0A50367 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_AD9E7615297A3A83320AACE5801A04F9 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_C79CD306037D98FEE12E7BFC8B892833 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A3C4F17BF8CB09C3DF2A086B36306B5C_3F00B80E8934BD1F72A8282F3F394A45 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BBB768C456D9E2DCD3EF595C400D483D_64C05B9EB32FC3D0CE6CB126561EEBFF C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_35DB72DF5C829F76FA820993F2C82D80 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_6FD1BEFD298F4FD3EE4B4EE2E6631CC7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_BC4EC46B2A6D9424FFBAF3A0C035586C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C5C16E8B8D126375C32C54465617D152_E89BE6285BCA3816E41A2C36E7E420A5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_68E0BD50FB6728A2D6BF5880FD8775B3 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_C1E12B24931DF30EF8125657DA7A408C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CD8C121BC8135099F7941729A0B24F8A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_1908307EAA0BB901F9AC41F4F1B03E99 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_23221D1FBCC67200057A8CF6B3E2276C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_756E57A0CDEB435E973D0DD36C2A2A61 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_8966E2D68DC048BC0518A9129C1EE35E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_A4A32417B696E82BE39AEA21B534F467 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_CBD7F5ED2D99231AE5EBDFCE72CB4255 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_CD4973DFB3CD26EE2FAE2BEE6FA3FBF8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_D497ABC833AA0B4AB6F096704DEBCF9C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_D533E63DDB6789186EA26CE5DF894562 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D33BA91FECBE98D217EE38BE0B2B0EF5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EE44ECA143B76F2B9F2A5AA75B5D1EC6_847118BE2683F0C241D1D702F3A3F5F9 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4B372709D6C2AD766C34D274501DC76_0336A3E438E66920481D8300B8B34509 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FCEA474F228C13CD0DAD678431D0ACFC C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FE4CE54DB2FF4A306DFFD2A15CCE2909_D51F0EB505E8BF26A100088B8F74D0A2 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\03C2624375988154FBF20373B7D495E8_4CE1399DE4CEDD0087BBFC0689796C3F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0B1B84E1509125064E3D44331C3817C2_3E6BB635115BB4A3C7C9DF5009227113 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_13D04765184245BACBADE6B481C0B93F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_20020A3B6E9BC56980B4DAFD19FB87B8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_31B4375F30CFD88C4F841BDC203B76D7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_3BFC9FA9EB679808BA753CC377CC3671 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_7CD9983AD778D45F40A885A5B6D79EF6 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_86D3F159CB1C10E9A85FC2F8CF96D8A7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_A1FCA30AC310D8EAE948F012B2135AEE C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_B9C22DB4E24EA3CE6502C7702DEEC49B C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_D0391B6FFF376D887B6687A3A7BB5FDF C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_DEC353EC8C3D343E2C6259217C5AA748 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_EC2B8F0C530DA57B6BD72F9ED19E4B95 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_F0ED2E2E4C18AF767323D306D9F72B9E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F39B5CFACECFDE48DB25BCA2231FAC6_A8505893D5577B600C9E81545EA5091D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\26AD01F9C002FAD37427E734302383D8_05C6D3E71E89B60FA438215AD56E8191 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\27371171D8BBA336302695C6CEB04833 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2A1B7D4872B847D875663438862EEAE9_C4E2769EE6DA526B40E335D794DF94A8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\30F7B429BB1DACA9B591B41E016BED66_F6024CD0767F1B4C9F060C7479C6DC83 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_D3239BADA8ED0BB5E238AEB79C541B8F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_D5DDFAB42EFB0088195E950E60A6F50F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4309200C3DBAD0F6F0DFACE9165FD092 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_AFC22B77ED08EE3E2B28B6DE75CADDF5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4BF36D32316DF6B21360F1A8997CD3E2 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_0CFAE883DC130A58A591FE4EB9C6188E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_326CA95402CB60B6A60C4129D07E3080 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4E29C7E9E83048EFCCC5C3D57B6818DB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_BD1446EE1580F7EA207C073F7ABA5015 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\566A973C3ADBC70963C072413659C1CB_39482AEE62881116513CBB19A044403F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5A4015022CE0B085A0D1DF19E89151D0 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5BF987767EE121EB773E3E93D13C2F30_0B2AEF4FE043D0F11F387BBA16F05698 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5BF987767EE121EB773E3E93D13C2F30_EF26754C41825C23E00A83FE50225A1A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_35BFA9D40D21E81B408449EB9D85CCA4 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6F0788892ECB795F56E658EDB1CA93AA_97391A8AEC40894166C06DB26C0B2F29 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6F0788892ECB795F56E658EDB1CA93AA_BE22580611FA5379F4C272D9515D1581 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_11D7BA58D75E54D622A3AD9CDF9905BB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\783DF2F5A7C9BC04C36663632D14B993_09E6BFC8958A4903B51F28C3DF0B32CC C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\783DF2F5A7C9BC04C36663632D14B993_169DE3439FD2D9FE0AE07883B5A27A1B C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_0CEA468132C315C57095D808C7EF6A6A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_1800A2B6DBCD050F6166C531FEC9CBC2 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_2519C48192CD8ACD7838F805BC293F81 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_3ED75ACD82F369ACA54D90731D46401D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_5C25CBC044F014C00B0BA9E7FEE400D7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_83F500F551B7EE7C27E10C290B448CFB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_9719EA9CB3A43C4285E871D5F39D926E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_B9CB69BBF501640E54FB8544F6A3AF82 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_BE1A8551BEDA9B47762E969E83952B4C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_8CA7164968F366C9A94AC8E71C4BDD9B C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_2F1BD5B4F9DBD26AB429C868029F876C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_3B544D333012FB463337A933E27FA00D C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_4C5DEEF9B07E1262542AE6C030C69253 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_6B51F8B211C8D2BE9261A66582B5351E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_72A8A3227555B8D9D0FEB7CED8B1BFBF C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_88139EB4B3E9796D15327C2EC2F34CF5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_8A4ABE81D0B05920BC2AAF871936BF40 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_918340BA089892122B5626AE042DBBDE C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_95BE0E24685C739E0287588432223979 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_B7F0B98819D6838FEFEBC351CA792E82 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_C7911349A4546D0BB1F96FCC090CF908 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_D43DCC4666343EAF47AAA7427A5FCDEB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_F0D84CB7919AFA8EDA0C1950AA5534A1 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_F2EFD568D6CA72D7BC802424E3F92B9A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\855CF405355328EC482A28D56A44CFB0_58A21FF826D0308E7A4A9C9C218A1D09 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\855CF405355328EC482A28D56A44CFB0_EF2197C1097E28A6F8B6C94BE1AD75DB C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_1E5D470765E0BE1964814B1F5A3581DC C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_96DEA2BAAACB5C7A91C910F0C6DB31C3 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8A9510437CB4EEB09F4B3AC2BC980E19 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8D3DBC545CD7FD762AF52F70D3AFA3A8_764E8C684D7F2A15B101AF9E5FC111EA C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EBFACB3A66359F9514D044C86BA4794 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_1F847B9F56D0487C4E3C0F43B0A50367 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_AD9E7615297A3A83320AACE5801A04F9 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_C79CD306037D98FEE12E7BFC8B892833 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A3C4F17BF8CB09C3DF2A086B36306B5C_3F00B80E8934BD1F72A8282F3F394A45 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BBB768C456D9E2DCD3EF595C400D483D_64C05B9EB32FC3D0CE6CB126561EEBFF C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_35DB72DF5C829F76FA820993F2C82D80 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_6FD1BEFD298F4FD3EE4B4EE2E6631CC7 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_BC4EC46B2A6D9424FFBAF3A0C035586C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C5C16E8B8D126375C32C54465617D152_E89BE6285BCA3816E41A2C36E7E420A5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_68E0BD50FB6728A2D6BF5880FD8775B3 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_C1E12B24931DF30EF8125657DA7A408C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CD8C121BC8135099F7941729A0B24F8A C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_1908307EAA0BB901F9AC41F4F1B03E99 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_23221D1FBCC67200057A8CF6B3E2276C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_756E57A0CDEB435E973D0DD36C2A2A61 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_8966E2D68DC048BC0518A9129C1EE35E C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_A4A32417B696E82BE39AEA21B534F467 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_CBD7F5ED2D99231AE5EBDFCE72CB4255 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_CD4973DFB3CD26EE2FAE2BEE6FA3FBF8 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_D497ABC833AA0B4AB6F096704DEBCF9C C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_D533E63DDB6789186EA26CE5DF894562 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D33BA91FECBE98D217EE38BE0B2B0EF5 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EE44ECA143B76F2B9F2A5AA75B5D1EC6_847118BE2683F0C241D1D702F3A3F5F9 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4B372709D6C2AD766C34D274501DC76_0336A3E438E66920481D8300B8B34509 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601 C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FCEA474F228C13CD0DAD678431D0ACFC C:\Users\martial\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FE4CE54DB2FF4A306DFFD2A15CCE2909_D51F0EB505E8BF26A100088B8F74D0A2 C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.0.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.1.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.2.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.3.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.4.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.5.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.6.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.7.sqm C:\Users\martial\AppData\Local\Microsoft\Sqm\WindowsLL\WindowsLL.wns.8.sqm C:\Windows\TEMP\GoogleToolbarInstaller1.log C:\Windows\TEMP\grbcsezl.tmp C:\Windows\TEMP\winstore.log C:\Windows\Prefetch\ACERCLOUD DOCS.EXE-BD9B7EA4.pf C:\Windows\Prefetch\ACERCLOUD.EXE-D8BF6DB3.pf C:\Windows\Prefetch\ACEREXPLORER.EXE-CFB053F7.pf C:\Windows\Prefetch\ACER_MEDIA.EXE-A390F5FF.pf C:\Windows\Prefetch\ACPANEL_WIN.EXE-C447F13D.pf C:\Windows\Prefetch\AgAppLaunch.db C:\Windows\Prefetch\AgCx_SC1.db C:\Windows\Prefetch\AgCx_SC1.db.trx C:\Windows\Prefetch\AgCx_SC2.db C:\Windows\Prefetch\AgCx_SC4.db C:\Windows\Prefetch\AgCx_SC5.db C:\Windows\Prefetch\AgGlFaultHistory.db C:\Windows\Prefetch\AgGlFgAppHistory.db C:\Windows\Prefetch\AgGlGlobalHistory.db C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3778166341-1465188008-936229986-1001.db C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3778166341-1465188008-936229986-1001.db C:\Windows\Prefetch\AgRobust.db C:\Windows\Prefetch\APN_ATU3_.EXE-87D19F27.pf C:\Windows\Prefetch\APN_ATU3_.EXE-F4D7F051.pf C:\Windows\Prefetch\ARA.EXE-A6FD5EAC.pf C:\Windows\Prefetch\ARCSERVER.EXE-E9376B07.pf C:\Windows\Prefetch\ATUBE_CATCHER.EXE-68902735.pf C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf C:\Windows\Prefetch\AU_.EXE-DE061371.pf C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-7DDF8CD2.pf C:\Windows\Prefetch\CASINOCLASSIC.EXE-965C10E3.pf C:\Windows\Prefetch\CASINOGAME.EXE-901BA985.pf C:\Windows\Prefetch\CASINOHOST.EXE-F76EE611.pf C:\Windows\Prefetch\CCLEANER64.EXE-1137D9AC.pf C:\Windows\Prefetch\CCSETUP406.EXE-8A8AFEF2.pf C:\Windows\Prefetch\CHROME.EXE-9812FE60.pf C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf C:\Windows\Prefetch\CHROME.EXE-CD725997.pf C:\Windows\Prefetch\CHROME_LOGIC.EXE-A2D5F3D3.pf C:\Windows\Prefetch\CLEARFIMEDIA.EXE-A3E741D8.pf C:\Windows\Prefetch\CLEARFIPHOTO.EXE-2A1AA70C.pf C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf C:\Windows\Prefetch\CSC.EXE-4D47A477.pf C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-8869DDC1.pf C:\Windows\Prefetch\DISPLAYSWITCH.EXE-4D432882.pf C:\Windows\Prefetch\DLLHOST.EXE-29741569.pf C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf C:\Windows\Prefetch\DLLHOST.EXE-8329E055.pf C:\Windows\Prefetch\DLLHOST.EXE-8D368B00.pf C:\Windows\Prefetch\DM.EXE-F8223D18.pf C:\Windows\Prefetch\DM.TMP-273C4831.pf C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf C:\Windows\Prefetch\dynreservedpri.db C:\Windows\Prefetch\EPFWUPD.EXE-F5A224DF.pf C:\Windows\Prefetch\EPOWERBUTTON.EXE-98D06F6A.pf C:\Windows\Prefetch\EPSDNAVI.EXE-8DC42140.pf C:\Windows\Prefetch\EPSDNEUL.EXE-66511C66.pf C:\Windows\Prefetch\EPSDNLMW32.EXE-883AC649.pf C:\Windows\Prefetch\EPSDNLMW64.EXE-DF3D8F0A.pf C:\Windows\Prefetch\EPSDNRUD.EXE-589D8DEF.pf C:\Windows\Prefetch\ERUNT.EXE-4FB63CC1.pf C:\Windows\Prefetch\ESCSVC64.EXE-852139C7.pf C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf C:\Windows\Prefetch\E_FBCSIKE.EXE-E9197C7E.pf C:\Windows\Prefetch\E_IARNIKE.EXE-385A9BEA.pf C:\Windows\Prefetch\E_IATIIKE.EXE-B5F51193.pf C:\Windows\Prefetch\E_IUCIKE.EXE-E59C94CD.pf C:\Windows\Prefetch\E_S50RPB.EXE-682182D5.pf C:\Windows\Prefetch\E_UPEULA.EXE-DA3FD22F.pf C:\Windows\Prefetch\FIRSTRUN.EXE-3834855C.pf C:\Windows\Prefetch\FLASHUTIL_ACTIVEX.EXE-4E6AE223.pf C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf C:\Windows\Prefetch\GOOGLETOOLBARMANAGER_08875ABF-6CE8F09A.pf C:\Windows\Prefetch\GOOGLEUPDATE.EXE-1E258418.pf C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf C:\Windows\Prefetch\GOOGLEUPDATE.EXE-E5BC710D.pf C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-5B31194A.pf C:\Windows\Prefetch\GUSD628.TMP-267DE387.pf C:\Windows\Prefetch\HWUPDCHK.EXE-9AC16830.pf C:\Windows\Prefetch\IEXPLORE.EXE-6C28DB75.pf C:\Windows\Prefetch\IEXPLORE.EXE-6C28DB76.pf C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2D.pf C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf C:\Windows\Prefetch\IM.EXE-135FFAE3.pf C:\Windows\Prefetch\INS3505.EXE-95E26A3F.pf C:\Windows\Prefetch\INSTALL.EXE-29259016.pf C:\Windows\Prefetch\INSTALL.EXE-92ADCC61.pf C:\Windows\Prefetch\LADS.EXE-BC89FD22.pf C:\Windows\Prefetch\LANG.EXE-38F4F462.pf C:\Windows\Prefetch\Layout.ini C:\Windows\Prefetch\LCBELOTE.EXE-C2BB5F6D.pf C:\Windows\Prefetch\LCDIAG.EXE-54173065.pf C:\Windows\Prefetch\LCPLUGIN27 (1).EXE-641DB045.pf C:\Windows\Prefetch\LCPLUGIN27.EXE-1D69120A.pf C:\Windows\Prefetch\LCPLUGIN27.EXE-D073CFC3.pf C:\Windows\Prefetch\LCSOLITAIRE.EXE-4E0B3917.pf C:\Windows\Prefetch\LCTAROT.EXE-9F391393.pf C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf C:\Windows\Prefetch\LUDI.EXE-0B61340F.pf C:\Windows\Prefetch\MAJFSTFR.EXE-93B18083.pf C:\Windows\Prefetch\MAJFSTFR.TMP-BB03496E.pf C:\Windows\Prefetch\MBRCHECK.EXE-52282269.pf C:\Windows\Prefetch\MCAGENT.EXE-5C1A32B3.pf C:\Windows\Prefetch\MCAGENT.EXE-88404BE0.pf C:\Windows\Prefetch\MCHLP32.EXE-6171D8A8.pf C:\Windows\Prefetch\MCHLP32.EXE-C76241FD.pf C:\Windows\Prefetch\MCHOST.EXE-428069A1.pf C:\Windows\Prefetch\MCINFO.EXE-545FA787.pf C:\Windows\Prefetch\MCINFO.EXE-7515B06C.pf C:\Windows\Prefetch\MCINSTRU.EXE-F710CFF1.pf C:\Windows\Prefetch\MCMIGRATOR.EXE-B8880D01.pf C:\Windows\Prefetch\MCMIGR~1.EXE-564F8E99.pf C:\Windows\Prefetch\MCOCROLLBACK.EXE-48449529.pf C:\Windows\Prefetch\MCODS.EXE-B2C51095.pf C:\Windows\Prefetch\MCSMTFWK.EXE-C4692801.pf C:\Windows\Prefetch\MCSVHOST.EXE-57FFFCAE.pf C:\Windows\Prefetch\MCSVHOST.EXE-A6A2EB7B.pf C:\Windows\Prefetch\MCSVRCNT.EXE-3C30113B.pf C:\Windows\Prefetch\MCSYNC.EXE-8559D2BC.pf C:\Windows\Prefetch\MCSYNC.EXE-A60FDBA1.pf C:\Windows\Prefetch\MCUICNT.EXE-050F1A86.pf C:\Windows\Prefetch\MCUICNT.EXE-D0E68351.pf C:\Windows\Prefetch\MCUIHOST.EXE-AE5E0AD4.pf C:\Windows\Prefetch\MCUPDATE.EXE-C6EAC66C.pf C:\Windows\Prefetch\MCUPDMGR.EXE-73F1857E.pf C:\Windows\Prefetch\MCVSMAP.EXE-64B21786.pf C:\Windows\Prefetch\MCVSSHLD.EXE-F69E7D8B.pf C:\Windows\Prefetch\MINIREG.EXE-E64BE2B3.pf C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf C:\Windows\Prefetch\MPFALERT.EXE-073C8D87.pf C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf C:\Windows\Prefetch\MSOOBE.EXE-AE41C2E0.pf C:\Windows\Prefetch\NARRATOR.EXE-6ADE25EF.pf C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf C:\Windows\Prefetch\NOBUCLIENT.EXE-74C4A059.pf C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf C:\Windows\Prefetch\NOTIFICATION.EXE-DF0C3CF0.pf C:\Windows\Prefetch\NSLOOKUP.EXE-EB35EDAD.pf C:\Windows\Prefetch\NVCPLUI.EXE-B2F25190.pf C:\Windows\Prefetch\NVTRAY.EXE-981FA625.pf C:\Windows\Prefetch\NVVSVC.EXE-D5489D80.pf C:\Windows\Prefetch\NVXDSYNC.EXE-7855AED2.pf C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf C:\Windows\Prefetch\OPENOFFICE (1).EXE-3B29EBF3.pf C:\Windows\Prefetch\OPENOFFICE.EXE-1078DF86.pf C:\Windows\Prefetch\OPENOFFICE.EXE-8048CF31.pf C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf C:\Windows\Prefetch\PACKAGE_WAJAM_INSTALLER_CH_16-26865FC7.pf C:\Windows\Prefetch\PACKAGE_WAJAM_INSTALLER_CH_16-97FD7753.pf C:\Windows\Prefetch\PfSvPerfStats.bin C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf C:\Windows\Prefetch\PICKERHOST.EXE-103A256A.pf C:\Windows\Prefetch\POKERSTARS.EXE-8628E145.pf C:\Windows\Prefetch\POKERSTARSINSTALLFR.EXE-ADAFE9B9.pf C:\Windows\Prefetch\POKERSTARSUPDATE.EXE-0FBB664C.pf C:\Windows\Prefetch\PREDM.EXE-CEC1FEFA.pf C:\Windows\Prefetch\PREDM.TMP-D4C7932E.pf C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf C:\Windows\Prefetch\QCSHM.EXE-706708ED.pf C:\Windows\Prefetch\QUICKSTART.EXE-98196C21.pf C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf C:\Windows\Prefetch\ReadyBoot C:\Windows\Prefetch\REG.EXE-CC1AF0A4.pf C:\Windows\Prefetch\REGEDIT.EXE-FA6F6DA2.pf C:\Windows\Prefetch\REGSVR32.EXE-E1DBB6D8.pf C:\Windows\Prefetch\REMARKIT_UP.EXE-703396F6.pf C:\Windows\Prefetch\REVO-UNINSTALLER.EXE-96FBFD73.pf C:\Windows\Prefetch\REVOUNINSTALLER.EXE-3D1962E3.pf C:\Windows\Prefetch\RICONBOY.EXE-A045F34B.pf C:\Windows\Prefetch\RUNDLL32.EXE-16B8AFA3.pf C:\Windows\Prefetch\RUNDLL32.EXE-16C21C81.pf C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf C:\Windows\Prefetch\RUNDLL32.EXE-3714B256.pf C:\Windows\Prefetch\RUNDLL32.EXE-615B0FDD.pf C:\Windows\Prefetch\RUNDLL32.EXE-676DE1C7.pf C:\Windows\Prefetch\RUNDLL32.EXE-92038889.pf C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf C:\Windows\Prefetch\RUNDLL32.EXE-C8891C4B.pf C:\Windows\Prefetch\RUNDLL32.EXE-D21DCFE7.pf C:\Windows\Prefetch\RUNDLL32.EXE-E169B5E5.pf C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf C:\Windows\Prefetch\RUNDLL32.EXE-EE2FB4D9.pf C:\Windows\Prefetch\RUNDLL32.EXE-F30D6DDE.pf C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf C:\Windows\Prefetch\SAUPD.EXE-C3B1E227.pf C:\Windows\Prefetch\SCALC.EXE-5046D548.pf C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf C:\Windows\Prefetch\SETUP.EXE-0D9B8E5A.pf C:\Windows\Prefetch\SETUP.EXE-11DF3670.pf C:\Windows\Prefetch\SETUP.EXE-5E268D1B.pf C:\Windows\Prefetch\SETUP.EXE-7B286221.pf C:\Windows\Prefetch\SETUP.EXE-9A689348.pf C:\Windows\Prefetch\SETUP.EXE-AADA2285.pf C:\Windows\Prefetch\SETUP.EXE-C00D5373.pf C:\Windows\Prefetch\SETUP.EXE-C50EEFDB.pf C:\Windows\Prefetch\SETUP.EXE-F818D81C.pf C:\Windows\Prefetch\SETUP64.EXE-0ED4364E.pf C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf C:\Windows\Prefetch\SFTGC (2).EXE-848360DA.pf C:\Windows\Prefetch\SHAPECOLLECTOR.EXE-0B10816F.pf C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf C:\Windows\Prefetch\SOFFICE.BIN-72E915F8.pf C:\Windows\Prefetch\SOFFICE.EXE-7F5AFD1D.pf C:\Windows\Prefetch\SPLWOW64.EXE-853292E2.pf C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf C:\Windows\Prefetch\SUMP.EXE-9DEFAA97.pf C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf C:\Windows\Prefetch\SWRITER.EXE-FDA9E68A.pf C:\Windows\Prefetch\SYSTEMRESET.EXE-3E7CD9FA.pf C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf C:\Windows\Prefetch\SYSTPL.EXE-DEAA3B41.pf C:\Windows\Prefetch\SYSTPLSERVICE.EXE-1B10FCEE.pf C:\Windows\Prefetch\TASKENG.EXE-23205583.pf C:\Windows\Prefetch\TASKHOST.EXE-05B3EDF6.pf C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf C:\Windows\Prefetch\TASKHOST.EXE-86081325.pf C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf C:\Windows\Prefetch\TASKHOST.EXE-F2C7AEBC.pf C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf C:\Windows\Prefetch\TASKKILL.EXE-3D8A2F61.pf C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf C:\Windows\Prefetch\TRACER.EXE-A64CDF9C.pf C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf C:\Windows\Prefetch\UNINS000.EXE-8FFE38A7.pf C:\Windows\Prefetch\UNINS000.EXE-A75865BB.pf C:\Windows\Prefetch\UNINSTALL.EXE-EC431C69.pf C:\Windows\Prefetch\UPDATE.EXE-46733ABF.pf C:\Windows\Prefetch\UPDATER.EXE-A8FF2199.pf C:\Windows\Prefetch\UTILMAN.EXE-3520356C.pf C:\Windows\Prefetch\VCREDIST_X64.EXE-4BF2E3A9.pf C:\Windows\Prefetch\VCREDIST_X86.EXE-0841D743.pf C:\Windows\Prefetch\VIRUTALMACHINEDETECT.EXE-D0E4DFC6.pf C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf C:\Windows\Prefetch\VSTOR30.EXE-71785C53.pf C:\Windows\Prefetch\VSTOR30SP1-KB949258-X86.EXE-7CD949B9.pf C:\Windows\Prefetch\WAJAM.EXE-663FA9F5.pf C:\Windows\Prefetch\WAJAMUPDATERV3.EXE-0651FA7E.pf C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-56B20D77.pf C:\Windows\Prefetch\WAJAM_INSTALL.EXE-42318239.pf C:\Windows\Prefetch\WEBCAM.EXE-0FC158C9.pf C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf C:\Windows\Prefetch\WERFAULT.EXE-5FE780D4.pf C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf C:\Windows\Prefetch\WERMGR.EXE-6E6280E6.pf C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf C:\Windows\Prefetch\WGET.EXE-E6FAD44E.pf C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf C:\Windows\Prefetch\WINSHOW.EXE-150E8349.pf C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf C:\Windows\Prefetch\WWAHOST.EXE-4C1933AC.pf C:\Windows\Prefetch\WWAHOST.EXE-6132DF3D.pf C:\Windows\Prefetch\WWAHOST.EXE-7761B151.pf C:\Windows\Prefetch\WWAHOST.EXE-7761B15A.pf C:\Windows\Prefetch\WWAHOST.EXE-9178D9A9.pf C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf C:\Windows\Prefetch\WWAHOST.EXE-B0D35A7E.pf C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf C:\Windows\Prefetch\XPSRCHVW.EXE-5C2D99EB.pf C:\Windows\Prefetch\YCT.EXE-6FF63400.pf C:\Windows\Prefetch\ZHP 2013.TMP-FB47722B.pf C:\Windows\Prefetch\ZHP2.EXE-298CA9E4.pf C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf C:\Windows\Prefetch\ZHPDIAG2.EXE-4525BB3D.pf C:\Windows\Prefetch\ZHPDIAG2.TMP-2D77A9D8.pf C:\Windows\Prefetch\ZHPDIAG2.TMP-B8313A2A.pf C:\Windows\Prefetch\ZHPFIX.EXE-AFDB3DAC.pf C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf C:\Windows\Prefetch\ZHPHEP.EXE-8162C2FA.pf C:\Windows\Prefetch\_IU14D2N.TMP-15217156.pf C:\Windows\Prefetch\ReadyBoot\rblayout.xin C:\Windows\Prefetch\ReadyBoot\Trace1.fx C:\Windows\Prefetch\ReadyBoot\Trace10.fx C:\Windows\Prefetch\ReadyBoot\Trace7.fx C:\Windows\Prefetch\ReadyBoot\Trace8.fx C:\Windows\Prefetch\ReadyBoot\Trace9.fx Corbeille vidée. Fin du rapport.
- le 23 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

Rapport de ZHPFix 2013.11.19.7 par Nicolas Coolman, Update du 19/11/2013 Fichier d'export Registre : Run by martial at 23/11/2013 19:43:07 High Elevated Privileges : OK Windows 8 Home Premium Edition, 64-bit (Build 9200) Corbeille vidée (00mn 13s) Réparation des raccourcis navigateur ========== Logiciels ========== ABSENT Uninstall Process: c:\program files (x86)\re-markit\uninstall.exe SUPPRIMÉ: fst_fr_17 SUPPRIMÉ: Google Toolbar for Internet Explorer SUPPRIMÉ: eBay Worldwide ========== Processus mémoire ========== SUPPRIMÉ: Memory Process: C:\Program Files (x86)\Re-markit\ReMarkit_up.exe SUPPRIMÉ: Memory Process: C:\Users\martial\AppData\Local\Temp\BoxoreInstaller.exe ========== Clés du Registre ========== SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{49b4f70f-f101-435c-ac77-0d6be35fbb33}] SUPPRIMÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] SUPPRIMÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{91589413-6675-4C27-8AFC-EFB9103B90A5}] SUPPRIMÉ: CLSID BHO: {4480ad00-e608-4d22-a592-751680df3262} SUPPRIMÉ: HKCU\Software\AppDataLow\Software\Re_markit SUPPRIMÉ: HKCU\Software\Tutorials SUPPRIMÉ: HKLM\Software\Wow6432Node\Tutorials SUPPRIMÉ: HKLM\Software\Wow6432Node\do-searchSoftware SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160 SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584 SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\31498519576672C4A8CFFE9B01B3095A] SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\31498519576672C4A8CFFE9B01B3095A] ========== Valeurs du Registre ========== SUPPRIMÉ RunValue: fst_fr_17 SUPPRIMÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : SUPPRIMÉ: FirewallRaz (Domain) : {808F1451-4108-46FD-ADBB-F17324B5F0BD} SUPPRIMÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266} ========== Eléments de donnée du Registre ========== SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page SUPPRIMÉ: R1 Search Page = SUPPRIMÉ: StartMenuInternet: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://do-search.com SUPPRIMÉ: StartMenuInternet: C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com ========== Préférences navigateur ========== SUPPRIMÉ Folder Chrome: C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel SUPPRIMÉ Folder Chrome: C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa ========== Dossiers ========== SUPPRIMÉ: C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel SUPPRIMÉ: C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa SUPPRIMÉ Redémarrage:** C:\Program Files (x86)\Re-markit SUPPRIMÉ: c:\program files (x86)\re-markit SUPPRIMÉS Temporaires Windows (70) ========== Fichiers ========== SUPPRIMÉ: c:\users\martial\appdata\local\google\chrome\user data\default\preferences SUPPRIMÉ Redémarrage: c:\program files (x86)\re-markit\135.dll SUPPRIMÉ: c:\users\public\desktop\google chrome.lnk (http://do-search.com) CRÉÉ: C:\Users\Public\Desktop\Google Chrome.lnk SUPPRIMÉ: c:\users\martial\appdata\roaming\microsoft\internet explorer\quick launch\google chrome.lnk (http://do-search.com) CRÉÉ: C:\Users\martial\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk SUPPRIMÉ: c:\users\martial\appdata\roaming\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk (http://do-search.com) CRÉÉ: C:\Users\martial\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk SUPPRIMÉ: c:\users\martial\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\google chrome.lnk (http://do-search.com) CRÉÉ: C:\Users\martial\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk SUPPRIMÉ: c:\users\martial\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\internet explorer.lnk (http://do-search.com) CRÉÉ: C:\Users\martial\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk SUPPRIMÉ: c:\users\martial\appdata\roaming\microsoft\windows\start menu\programs\internet explorer.lnk (http://do-search.com) CRÉÉ: C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk SUPPRIMÉ: c:\windows\tasks\re-markit update.job SUPPRIMÉ: c:\windows\prefetch\iminentsetup_2810-7318364c.ex-ea0163e7.pf SUPPRIMÉ: c:\windows\prefetch\fst_fr_1411-2d39fe62.tmp-284611fc.pf SUPPRIMÉ: c:\windows\prefetch\iminentminibarie.exe-17deeee9.pf SUPPRIMÉ: c:\windows\prefetch\speedupmypc.tmp-298106d4.pf SUPPRIMÉ: c:\windows\prefetch\speedupmypc-standalone-setup.-83bb7324.pf SUPPRIMÉ: c:\windows\prefetch\bootstrapper.exe-a76488ef.pf SUPPRIMÉ: c:\windows\prefetch\lollipop.exe-45fc8545.pf SUPPRIMÉ: c:\windows\prefetch\fst_fr_17.exe-1679edb1.pf SUPPRIMÉ: c:\windows\prefetch\upfst_fr_17.exe-02f7c8d6.pf SUPPRIMÉ: c:\users\martial\appdata\local\google\chrome\user data\default\sync extension settings\dcpfhaghaadpjpgocojgnlhjcieeooel\000005.ldb SUPPRIMÉ: c:\users\martial\appdata\local\google\chrome\user data\default\sync extension settings\dcpfhaghaadpjpgocojgnlhjcieeooel\current SUPPRIMÉ: c:\users\martial\appdata\local\google\chrome\user data\default\sync extension settings\dcpfhaghaadpjpgocojgnlhjcieeooel\lock SUPPRIMÉ: c:\users\martial\appdata\local\google\chrome\user data\default\sync extension settings\dcpfhaghaadpjpgocojgnlhjcieeooel\log SUPPRIMÉ: c:\users\martial\appdata\local\google\chrome\user data\default\sync extension settings\dcpfhaghaadpjpgocojgnlhjcieeooel\log.old SUPPRIMÉ: c:\users\martial\appdata\local\google\chrome\user data\default\sync extension settings\dcpfhaghaadpjpgocojgnlhjcieeooel\manifest-000050 SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\bin.dmc SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\bin\aartemis\info.html SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\bin\qone8\info.html SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\bin\re-markit\info.html SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\bin\css\base.css SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\config.dmc SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\input.txt SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\parent.txt SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\setup.exe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\software\re-markit_2040-2081.exe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\temp\aartemisinfo.dfe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\temp\dockings.dfe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\temp\qone8info.dfe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\temp\re-markitinfo.dfe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\temp\speedupmypcinfo.dfe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\temp\templatedisplays.dfe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\temp\templatestyle.dfe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\software\tugs_do-search_new.exe SUPPRIMÉ: c:\users\martial\appdata\local\temp\dm\software\speedupmypc.exe SUPPRIMÉ: C:\Windows\Installer\1c1285af.msi SUPPRIMÉ: c:\windows\prefetch\googletoolbarnotifier.exe-b25c45a8.pf SUPPRIMÉ: c:\users\public\desktop\acercloud.lnk SUPPRIMÉ: c:\program files (x86)\acer\acer cloud\acpanel_win.exe SUPPRIMÉ: c:\users\public\desktop\acheter en ligne.lnk SUPPRIMÉS Temporaires Windows (327) (100 747 320 octets) ========== Tache planifiée ========== SUPPRIMÉ: Re-markit Update SUPPRIMÉ: Re-markit Update ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 2 : Processus mémoire 17 : Clés du Registre 6 : Valeurs du Registre 5 : Eléments de donnée du Registre 5 : Dossiers 55 : Fichiers 4 : Logiciels 2 : Préférences navigateur 2 : Tache planifiée 1 : Restauration Système End of clean in 02mn 20s ========== Chemin de fichier rapport ========== C:\Users\martial\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/11/2013 19:43:21 [9266]
- le 23 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

re bjr à ts: voilà ce que j'ai obtenu; avec une anomalie concernant ebay ?? processus non terminé!(
- le 23 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

désolé mais je n'arrive pas à copier le texte en question; qd je vais sur le lien http://cjoint.com/?CKxlQFvbRSj il y a déjà un texte d'écrit, et qd je lance ZHPFIX, et que je fais GO, une fenêtre s'ouvre avec un exemple et je ne peux rien coller ( je crois que c'est mort hein?? ;o(
- le 23 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

re bjr mes amis: alors, qd vous aurez le temps, que pensez vous des anomalies figurant ci dessus? selon vous, est ce réparable?? merci de votre collaboration re bjr mes amis: alors, qd vous aurez le temps, que pensez vous des anomalies figurant ci dessus? selon vous, est ce réparable?? merci de votre collaboration j'ai dû me tromper de sujet , j'ai dû poster sur un autre sujet; désolé; suis paumé maintenant ;o(
- le 23 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

re bjr les amis: si j'ai bien compris, mon PC est infecté par ttes les saletés qui figurent au dessus?, comment ai-je pu chopper tout ça en téléchargeant simplement un site de téléchargement de musique?? qu'a foutu Mac Affee??? cet anti virus expire bientôt; que me conseillez vous d'installer aprés? et depuis quel site?? avant , j'avais AVIRA ou ANTIVIR en gratuit, et je n'ai jamais eu de problème ( pffffffffffffffffffffff merci encore pour votre aide @+
- le 23 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

bjr les amis; je poste ici le rapport ZHPDIAG que j'ai enfin pu installer: j'attends de vos nouvelles; et quoi qu'il se passe, je vous remercie du temps que vous avez bien voulu me consacrer: ~ Rapport de ZHPDiag v2013.11.22.46 - Nicolas Coolman (22/11/2013) ~ Lancé par martial (23/11/2013 10:17:29) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16736 GCIE: Google Chrome v31.0.1650.57 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8 Home Premium Edition, 64-bit (Build 9200) Windows Server License Manager Script : OK ~ ion : Windows® Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : 4RDHT Windows License : OK ~ Windows Remaining Initializations Number : 999 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système McAfee Internet Security Suite v12.8.856 Windows Defender W8 ---\\ Logiciels d'optimisation du système CCleaner v4.06 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8144 MB (79% free) System Restore: Activé (Enable) System drive C: has 399 GB (87%) free of 458 GB ---\\ Mode de connexion au système ~ Computer Name: PC-BALOU ~ User Name: martial ~ All Users Names: martial, HomeGroupUser$, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\martial\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\martial\AppData\Roaming\ ~ %Desktop% : C:\Users\martial\Desktop\ ~ %Favorites% : C:\Users\martial\Favorites\ ~ %LocalAppData% : C:\Users\martial\AppData\Local\ ~ %StartMenu% : C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 399 Go of 458 Go) D: Hard drive, Flash drive, Thumb drive (Free 457 Go of 458 Go) E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 41 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536] [MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes Favoris (My Favorites) : 1/7 ~ Mes Documents (My Documents) : 1/5 ~ Mon Bureau (My Desktop) : 2/21 ~ Menu demarrer (Programs) : 1/32 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.A826BF0E7373632ADA7C2A55C92B1AEA] - (...) -- C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.exe [3154416] [PID.2524] =>PUA.FSTfr9 [MD5.280B64F6BFCEDE6D67D261EB808AA617] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [524944] [PID.1108] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.6172] =>Toolbar.Google [MD5.BEFFB2D021E7FA9E92249F3997930A68] - (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe [522144] [PID.2784] [MD5.3E023F7852FEDDD5B938D054A84824AE] - (.Tlapia - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe [875288] [PID.6316] [MD5.0CED501E811F5C4745415FCC000CE043] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [164864] [PID.2580] [MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.4988] [MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.3720] [MD5.A78774AFAEC2CECFE8F61B40D8E0B940] - (...) -- C:\Program Files (x86)\fst_fr_17\fst_fr_17.exe [3993584] [PID.2524] =>PUA.FSTfr9 [MD5.E659E38D2D51DF5817C91D7386920C7E] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [995856] [PID.6888] [MD5.60A3399135BEFC6F4BADBD6C13A4AC24] - (.Microsoft Corporation - Hôte Microsoft WWA.) -- C:\Windows\syswow64\wwahost.exe [333824] [PID.6412] [MD5.636D97B3BAF854511FF3F4093E895FED] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184] [PID.4820] [MD5.06BC146E6C2E881A7235A142BA877B82] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8262144] [PID.2236] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google\u00C2 Store v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé) G2 - GCE: Preference [user Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google\u00C2 Drive v.6.3 (Activé) G2 - GCE: Preference [user Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé) G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé) G2 - GCE: Preference [user Data\Default] [dcpfhaghaadpjpgocojgnlhjcieeooel] Re-markit v.1.135 (Désactivé) =>PUP.ReMarkIt G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.6.3.1271 (Désactivé) G2 - GCE: Preference [user Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google\u00C2 Wallet v.0.0.5.0 (Activé) G2 - GCE: Preference [user Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.6 (Désactivé) =>Spyware.SmartDisplay G2 - GCE: Preference [user Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé) ~ Google Browser: 16 Scanned in 00mn 01s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll ~ Firefox Browser: 1 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com =>PUP.DoSearches R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com =>PUP.DoSearches R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com =>PUP.DoSearches R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 12 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877 =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Re-markit [64Bits] - {4480ad00-e608-4d22-a592-751680df3262} . (...) -- C:\Program Files (x86)\Re-markit\135.dll =>PUP.ReMarkIt O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ~ BHO: 5 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: 3D Vision Photo Viewer.lnk . (.NVIDIA Corporation - NVIDIA 3D Vision Photo Viewer.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe O4 - GS\Desktop [Public]: Acer Remote.lnk . (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe O4 - GS\Desktop [Public]: AcerCloud.lnk . (.Acer Incorporated - AcerCloud.) -- C:\Program Files (x86)\Acer\Acer Cloud\acpanel_win.exe O4 - GS\Desktop [Public]: Acheter en ligne.lnk . (...) -- C:\Program Files (x86)\Accessory Store\StartUrl.exe (.not file.) O4 - GS\Desktop [Public]: Casino Classic.lnk . (.Microgaming Systems - Game Launcher.) -- C:\Microgaming\Casino\casinoclassic\casinogame.exe O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd O4 - GS\Desktop [Public]: Demo Acer Remote.lnk . (...) -- C:\Program Files (x86)\Acer Remote Demo\Acer Remote_demo.mp4 O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline O4 - GS\Desktop [Public]: McAfee Internet Security Suite.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\mcafee.com\agent\mcagent.exe O4 - GS\Desktop [Public]: Norton Online Backup.lnk . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - GS\Desktop [Public]: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe O4 - GS\Desktop [Public]: WildTangent Games App - acer.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe O4 - GS\Desktop [Public]: ZHP.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZebHelpProcess\ZHPHep.exe =>.Nicolas Coolman O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline O4 - GS\Program [Public]: Microsoft Office.lnk . (.Microsoft Corporation - Microsoft Office.) -- C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.exe O4 - GS\Program [Public]: Spotify.lnk . (...) -- C:\Program Files (x86)\Spotify\SpotifyLauncher.exe O4 - GS\Program [Public]: WildTangent Games App - acer.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\Windows\WinStore\WinStore.htm O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.) O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\Windows\system32\psr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\QuickLaunch [martial]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches O4 - GS\QuickLaunch [martial]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches O4 - GS\TaskBar [martial]: Acer Docs.lnk . (...) -- C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe O4 - GS\TaskBar [martial]: Acer Media.lnk . (.Acer Incorporated - Acer Media.) -- C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe O4 - GS\TaskBar [martial]: Acer Photo.lnk . (.Acer Incorporated - Acer Photo.) -- C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe O4 - GS\TaskBar [martial]: Acer Power Button.lnk . (...) -- C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe (.not file.) O4 - GS\TaskBar [martial]: File Explorer.lnk . (...) -- C:\Users\martial\AppData\Roaming\Microsoft\Windows\Libraries O4 - GS\TaskBar [martial]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches O4 - GS\TaskBar [martial]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches O4 - GS\Program [martial]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches O4 - GS\Accessories [martial]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Desktop [martial]: Ludi.lnk - Clé orpheline O4 - GS\Desktop [martial]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe O4 - GS\Desktop [martial]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe O4 - GS\Desktop [martial]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [martial]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman ~ Global Startup: 50 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [Public]: Acer Remote.lnk . (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe O4 - GS\Startup [martial]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.exe =>.Epson Seiko Corporation O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Wow6432Node\Run: [sysTPL] . (.Tlapia - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe O4 - HKLM\..\Wow6432Node\Run: [fst_fr_17] . (...) -- C:\Program Files (x86)\fst_fr_17\fst_fr_17.exe =>PUA.FSTfr9 O4 - HKLM\..\Wow6432Node\RunOnce: [upfst_fr_17.exe] . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.exe =>PUA.FSTfr9 O4 - HKUS\S-1-5-21-3778166341-1465188008-936229986-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKUS\S-1-5-21-3778166341-1465188008-936229986-1001\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.exe =>.Epson Seiko Corporation ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Winsock: 6 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpDomain = bouyguesbox.fr O17 - HKLM\System\CS1\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{3EAD6CDF-D505-4FFC-B3C8-31B02CB49FF0}: DhcpDomain = bouyguesbox.fr O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: McAfee Home Network (HomeNetSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: Intel® Capability Licensing Service Interface (Intel® Capability Licensing Service Interface) . (.Intel® Corporation - Intel® Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® PROSet Monitoring Service (Intel® PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\system32\IProsetMonitor.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel® Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel® Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) . (.McAfee, Inc. - McAfee Access Protection.) - C:\Program Files\McAfee\MSC\McAPexe.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Platform Services (mcpltsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Application Statistics Service (MfeASUM) . (.McAfee, Inc. - McAfee Application Statistics Service.) - C:\Program Files\McAfee\AppStats\MfeASUM.exe O23 - Service: McAfee Anti-Malware Core (mfecore) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\windows\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: c:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.1.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: sysTPLMonitor (sysTPLMonitor.exe) . (.Tlapia - sysTPLMonitor.) - C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe O23 - Service: sysTPLService (sysTPLService.exe) . (.Tlapia - sysTPLService.) - C:\Program Files (x86)\sysTPL\sysTPLService.exe O23 - Service: Intel® Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe ~ Services: 26 Scanned in 00mn 05s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1084] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1088] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Re-markit Update.job [406] =>PUP.ReMarkIt [MD5.F368AE5801EE103008BA34773F83ECCE] [APT] [ALU] (...) -- C:\Program Files (x86)\Acer\Live Updater\updater.exe [3368008] [MD5.B690DE3B3D28AD45112BE310780DBE8D] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008] [MD5.22621F4BC16C5C47E76E40F251F0CC79] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3905304] =>Piriform Ltd [MD5.E659E38D2D51DF5817C91D7386920C7E] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [995856] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.280B64F6BFCEDE6D67D261EB808AA617] [APT] [Hotkey Utility] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [524944] [MD5.7A69532E7D92A0B31E9A55DE1D1CF7E2] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5303368] [MD5.66218637966A5BC3AA056A7491418F65] [APT] [Re-markit Update] (...) -- C:\Program Files (x86)\Re-markit\ReMarkit_up.exe [236544] =>PUP.ReMarkIt [MD5.C6CAB8F629AE677E4B5AE0D9E28241E6] [APT] [Notification] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [523848] ~ Scheduled Task: 15 Scanned in 00mn 02s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll ~ Active Setup: 9 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: (ccSet_NARA) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (MfeASKM) . (.McAfee, Inc. - McAfee Application Statistics Device Driver.) - C:\Program Files\McAfee\AppStats\MfeASKM.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Drivers: 36 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Acer Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A} O42 - Logiciel: Acer Media - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876} O42 - Logiciel: Acer Photo - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0} O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479} O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61} O42 - Logiciel: Acer Remote - (.Acer Inc..) [HKLM][64Bits] -- Acer Remote1.0 O42 - Logiciel: AcerCloud Portal - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13} O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-ce66965d-5117-4f5b-ac76-2f79aa4dd782 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd O42 - Logiciel: Casino Classic - (...) [HKLM][64Bits] -- casinoclassic O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384} O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384} O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller O42 - Logiciel: Delicious: Emily's Childhood Memories Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-ddc1064d-2e22-4de1-a1b5-c35c89d3aeb7 O42 - Logiciel: EPSON XP-302 303 305 306 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON XP-302 303 305 306 Series O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-a2d92771-6c0f-473f-a967-dc972ff0699f O42 - Logiciel: Hotkey Utility - (.Acer Incorporated.) [HKLM][64Bits] -- {A6DC88AD-501A-44BC-884D-57435F972E2C} O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C} O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Network Connections 17.2.153.0 - (.Intel.) [HKLM][64Bits] -- PROSetDX O42 - Logiciel: Intel® Network Connections 17.2.153.0 - (.Intel.) [HKLM][64Bits] -- {858C1B33-C3D5-4377-B77B-1E2F338C7F66} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-281dff9b-2df8-43e1-bd6a-622c9e1a96d1 O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WTA-5325c9f8-ab95-464d-9101-7f05ed6c99e5 O42 - Logiciel: Live Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999} O42 - Logiciel: Ludi - (...) [HKLM][64Bits] -- Ludi O42 - Logiciel: Magic Academy - (.WildTangent.) [HKLM][64Bits] -- WTA-8687c51b-2852-4c45-9339-47372bbba88c O42 - Logiciel: McAfee Internet Security Suite - (.McAfee, Inc..) [HKLM][64Bits] -- MSC O42 - Logiciel: NVIDIA Logiciel système PhysX 9.12.1031 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29} O42 - Logiciel: NVIDIA Pilote 3D Vision 311.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA Pilote graphique 311.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7} O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {4CA8F973-6377-4ABF-9ED5-CC2323B3C000} O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415} O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63} O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69} O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263} O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9} O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {A2D43081-CF7B-4637-A9F3-E2651AA5C4A8} O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156} O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC} O42 - Logiciel: Norton Online Backup ARA - (.Symantec Corporation.) [HKLM][64Bits] -- NARA O42 - Logiciel: Office Addin - (.Acer.) [HKLM][64Bits] -- {6D2BBE1D-E600-4695-BA37-0B0E605542CC} O42 - Logiciel: Office Addin 2003 - (.Acer.) [HKLM][64Bits] -- {1FCC073B-CC01-4443-AD20-E559F66E6E83} O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {9F1F2AEA-C72A-4DD6-991E-C5506A5625E4} O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-9b007d41-5cf7-4ade-b4f6-8809e1108379 O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr O42 - Logiciel: QuickEngine - (.Tlapia.) [HKLM][64Bits] -- QuickEngine 1.0.1 O42 - Logiciel: QuickEngine - (.Tlapia.) [HKLM][64Bits] -- {FE1FC5C3-6A09-4D3F-B084-6A5288AFE8F9} O42 - Logiciel: Re-markit - (.Re-markit Software.) [HKLM][64Bits] -- {49b4f70f-f101-435c-ac77-0d6be35fbb33} =>PUP.ReMarkIt O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054} O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify O42 - Logiciel: Tales of Lagoona - (.WildTangent.) [HKLM][64Bits] -- WTA-21fca457-e155-422a-a7fb-c0522834482d O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App O42 - Logiciel: Visual Studio 2005 Tools pour Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6} O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258 O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer O42 - Logiciel: ZebHelpProcess 2013 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZebHelpProcess_is1 O42 - Logiciel: clear.fi SDK - Video 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {EBA33CAD-E071-48d5-A168-FBA4EEB42E93} O42 - Logiciel: clear.fi SDK- Movie 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {35DA427D-BB23-49B8-9AFD-CFFCFE3B708D} O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {91589413-6675-4C27-8AFC-EFB9103B90A5} =>Toolbar.eBay O42 - Logiciel: fst_fr_17 - (.FREESOFTTODAY.) [HKLM][64Bits] -- fst_fr_17_is1 =>Adware.FreeSoftToday O42 - Logiciel: sysTPL - (.Tlapia.) [HKLM][64Bits] -- {4B74BC31-B353-4B8F-8CBE-DAB4FF326FF1} ~ Logic: 136 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AppDataLow\Software\Re_markit] =>PUP.ReMarkIt [HKCU\Software\AppDataLow] [HKCU\Software\Borland] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cyberlink] [HKCU\Software\EPSON] [HKCU\Software\Google] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Ludi] [HKCU\Software\MGS] [HKCU\Software\Macromedia] [HKCU\Software\McAfee] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\OEM] [HKCU\Software\OpenOffice.org] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\SIEN SA] [HKCU\Software\Software] [HKCU\Software\Trolltech] [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSRevoGroup] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\sysTPL] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\Borland] [HKLM\Software\Classes] [HKLM\Software\Clearfi] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DTS] [HKLM\Software\Dolby] [HKLM\Software\EPSON] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\SonicFocus] [HKLM\Software\Symantec] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node\AGEIA Technologies] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Borland] [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clearfi] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\EPSON] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\McAfee.com] [HKLM\Software\Wow6432Node\McAfee] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\NVIDIA Corporation] [HKLM\Software\Wow6432Node\Nero] [HKLM\Software\Wow6432Node\Norton] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OEM] [HKLM\Software\Wow6432Node\OpenOffice.org] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\SIEN SA] [HKLM\Software\Wow6432Node\SiteAdvisor] [HKLM\Software\Wow6432Node\Software] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\do-searchSoftware] =>PUP.DoSearches [HKLM\Software\Wow6432Node] ~ Key Software: 155 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 09/10/2013 - 19:53:19 - [421,479] ----D C:\Program Files (x86)\Acer O43 - CFD: 04/07/2013 - 21:57:00 - [9,832] ----D C:\Program Files (x86)\Acer Remote O43 - CFD: 04/07/2013 - 21:57:02 - [157,893] ---AD C:\Program Files (x86)\Acer Remote Demo O43 - CFD: 04/07/2013 - 22:09:55 - [0] ----D C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 22/11/2013 - 17:03:12 - [381,404] ----D C:\Program Files (x86)\Common Files O43 - CFD: 01/03/2013 - 07:20:02 - [159,468] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 21/11/2013 - 19:28:53 - [0] ----D C:\Program Files (x86)\DsNET Corp O43 - CFD: 06/10/2013 - 10:35:37 - [3,221] ----D C:\Program Files (x86)\enginesysTPL O43 - CFD: 21/11/2013 - 19:04:06 - [8,184] ----D C:\Program Files (x86)\fst_fr_17 =>PUA.FSTfr9 O43 - CFD: 06/10/2013 - 10:56:08 - [484,771] ----D C:\Program Files (x86)\Google O43 - CFD: 04/07/2013 - 22:28:24 - [67,552] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 04/07/2013 - 22:12:43 - [17,936] ----D C:\Program Files (x86)\Intel O43 - CFD: 15/11/2013 - 22:04:36 - [4,622] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 22/11/2013 - 20:24:13 - [0,728] ----D C:\Program Files (x86)\Ludi O43 - CFD: 18/10/2013 - 07:43:29 - [29,419] ----D C:\Program Files (x86)\McAfee O43 - CFD: 01/03/2013 - 07:16:03 - [0,515] ----D C:\Program Files (x86)\mcafee.com O43 - CFD: 04/07/2013 - 22:23:33 - [2,168] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 21/11/2013 - 19:04:15 - [0] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 01/03/2013 - 06:27:18 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 01/03/2013 - 07:18:53 - [150,860] ----D C:\Program Files (x86)\Nero O43 - CFD: 04/07/2013 - 22:24:06 - [20,119] ----D C:\Program Files (x86)\Norton Online Backup ARA O43 - CFD: 04/07/2013 - 22:23:59 - [24,843] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 04/07/2013 - 22:09:59 - [96,921] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 05/10/2013 - 08:15:22 - [0,351] ----D C:\Program Files (x86)\OEM O43 - CFD: 06/10/2013 - 10:41:52 - [296,261] ----D C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 17/11/2013 - 18:55:42 - [110,627] ----D C:\Program Files (x86)\PokerStars.FR O43 - CFD: 21/11/2013 - 19:27:30 - [1,105] ----D C:\Program Files (x86)\Re-markit =>PUP.ReMarkIt O43 - CFD: 04/07/2013 - 22:13:56 - [31,149] ----D C:\Program Files (x86)\Realtek O43 - CFD: 01/03/2013 - 06:27:18 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 04/07/2013 - 22:16:43 - [42,601] ----D C:\Program Files (x86)\Spotify O43 - CFD: 04/07/2013 - 22:24:39 - [8,374] ----D C:\Program Files (x86)\Symantec O43 - CFD: 21/11/2013 - 20:43:07 - [2,898] ----D C:\Program Files (x86)\sysTPL O43 - CFD: 04/07/2013 - 22:14:08 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 21/11/2013 - 19:27:57 - [6,523] ----D C:\Program Files (x86)\VS Revo Group O43 - CFD: 01/03/2013 - 07:15:46 - [387,206] ----D C:\Program Files (x86)\WildGames O43 - CFD: 01/03/2013 - 07:15:52 - [32,035] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 06/10/2013 - 15:44:52 - [1,038] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 05/07/2013 - 07:49:08 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 05/07/2013 - 07:49:08 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 06/10/2013 - 15:40:50 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 22/11/2013 - 17:03:38 - [138,557] ----D C:\Program Files (x86)\ZebHelpProcess O43 - CFD: 23/11/2013 - 10:16:31 - [17,182] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 22/11/2013 - 17:03:12 - [7,320] ----D C:\Program Files (x86)\Common Files\Borland Shared O43 - CFD: 04/07/2013 - 22:13:54 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 06/10/2013 - 09:05:18 - [0,322] ----D C:\Program Files (x86)\Common Files\logishrd O43 - CFD: 05/10/2013 - 19:11:43 - [4,188] ----D C:\Program Files (x86)\Common Files\mcafee O43 - CFD: 06/10/2013 - 15:44:56 - [340,267] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 01/03/2013 - 07:18:36 - [17,704] ----D C:\Program Files (x86)\Common Files\Nero O43 - CFD: 04/07/2013 - 22:11:23 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 05/07/2013 - 07:49:08 - [9,406] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 04/07/2013 - 22:35:23 - [0,059] ----D C:\ProgramData\Acer O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 22/11/2013 - 16:18:32 - [0,040] ----D C:\ProgramData\boost_interprocess O43 - CFD: 05/10/2013 - 08:02:58 - [0] -SH-D C:\ProgramData\Bureau O43 - CFD: 09/10/2013 - 19:49:15 - [0,114] ----D C:\ProgramData\clear.fi O43 - CFD: 04/07/2013 - 22:28:21 - [0] ----D C:\ProgramData\CLSK O43 - CFD: 13/10/2013 - 18:39:05 - [0,017] ----D C:\ProgramData\CyberLink O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Desktop O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 22/11/2013 - 15:57:43 - [5,940] ----D C:\ProgramData\EPSON O43 - CFD: 06/10/2013 - 10:55:48 - [0,012] ----D C:\ProgramData\Google O43 - CFD: 04/07/2013 - 22:28:24 - [0,257] ----D C:\ProgramData\install_clap O43 - CFD: 04/07/2013 - 22:12:43 - [0,016] ----D C:\ProgramData\Intel O43 - CFD: 07/10/2013 - 07:08:48 - [206,941] ----D C:\ProgramData\McAfee O43 - CFD: 05/10/2013 - 08:02:58 - [0] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 18/10/2013 - 17:03:20 - [-1224,440] ----D C:\ProgramData\MGS O43 - CFD: 06/10/2013 - 07:26:36 - [1322,541] -S--D C:\ProgramData\Microsoft O43 - CFD: 05/10/2013 - 08:02:58 - [0] -SH-D C:\ProgramData\Modèles O43 - CFD: 01/03/2013 - 07:18:36 - [0,867] ----D C:\ProgramData\Nero O43 - CFD: 04/07/2013 - 22:24:05 - [0,220] ----D C:\ProgramData\Norton O43 - CFD: 04/07/2013 - 22:23:59 - [0,864] ----D C:\ProgramData\NortonInstaller O43 - CFD: 22/11/2013 - 16:18:25 - [2,267] ----D C:\ProgramData\NVIDIA O43 - CFD: 04/07/2013 - 22:09:02 - [2,105] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 05/10/2013 - 08:58:07 - [0,431] ----D C:\ProgramData\OEM O43 - CFD: 05/10/2013 - 08:15:08 - [0] ----D C:\ProgramData\OEM_YAHOO O43 - CFD: 06/10/2013 - 15:51:27 - [0,038] ----D C:\ProgramData\PRICache O43 - CFD: 04/07/2013 - 22:23:36 - [0,002] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 04/07/2013 - 22:24:39 - [0,415] ----D C:\ProgramData\Symantec O43 - CFD: 04/07/2013 - 22:28:24 - [1,409] ----D C:\ProgramData\Temp O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 01/03/2013 - 07:15:52 - [1081,423] ----D C:\ProgramData\WildTangent O43 - CFD: 09/10/2013 - 19:45:12 - [0] ----D C:\Users\martial\AppData\Roaming\acer O43 - CFD: 05/10/2013 - 08:15:16 - [0] ----D C:\Users\martial\AppData\Roaming\AcerRemote O43 - CFD: 05/10/2013 - 08:14:43 - [0] ----D C:\Users\martial\AppData\Roaming\Adobe O43 - CFD: 09/11/2013 - 13:04:04 - [0] ----D C:\Users\martial\AppData\Roaming\Google O43 - CFD: 05/10/2013 - 08:14:43 - [0,001] ----D C:\Users\martial\AppData\Roaming\Macromedia O43 - CFD: 09/10/2013 - 19:53:22 - [0,712] -S--D C:\Users\martial\AppData\Roaming\Microsoft O43 - CFD: 06/10/2013 - 10:43:24 - [30,915] ----D C:\Users\martial\AppData\Roaming\OpenOffice.org O43 - CFD: 23/11/2013 - 10:17:40 - [0,016] ----D C:\Users\martial\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 09/10/2013 - 19:53:48 - [0,005] ----D C:\Users\martial\AppData\Local\Acer O43 - CFD: 09/10/2013 - 19:51:58 - [84,627] ----D C:\Users\martial\AppData\Local\AcerCloud O43 - CFD: 05/10/2013 - 08:13:49 - [0] -SH-D C:\Users\martial\AppData\Local\Application Data O43 - CFD: 10/10/2013 - 17:58:46 - [6,926] ----D C:\Users\martial\AppData\Local\clear.fi O43 - CFD: 09/10/2013 - 19:48:40 - [248,290] ----D C:\Users\martial\AppData\Local\ClearfiMedia O43 - CFD: 09/10/2013 - 19:44:51 - [153,957] ----D C:\Users\martial\AppData\Local\ClearfiPhoto O43 - CFD: 21/11/2013 - 19:36:21 - [0] ----D C:\Users\martial\AppData\Local\CrashDumps O43 - CFD: 13/10/2013 - 18:38:58 - [0,103] ----D C:\Users\martial\AppData\Local\Cyberlink O43 - CFD: 09/10/2013 - 19:51:04 - [35,079] ----D C:\Users\martial\AppData\Local\Doc O43 - CFD: 23/11/2013 - 09:52:52 - [7,311] ----D C:\Users\martial\AppData\Local\fst_fr_17 =>PUA.FSTfr9 O43 - CFD: 08/10/2013 - 08:54:06 - [217,418] ----D C:\Users\martial\AppData\Local\Google O43 - CFD: 05/10/2013 - 08:13:49 - [0] -SH-D C:\Users\martial\AppData\Local\Historique O43 - CFD: 06/10/2013 - 09:35:52 - [20,968] ----D C:\Users\martial\AppData\Local\Ludi O43 - CFD: 09/10/2013 - 13:44:32 - [138,184] ----D C:\Users\martial\AppData\Local\Microsoft O43 - CFD: 06/10/2013 - 15:51:28 - [113,011] ----D C:\Users\martial\AppData\Local\Packages O43 - CFD: 22/11/2013 - 20:00:45 - [2,738] ----D C:\Users\martial\AppData\Local\PokerStars.FR O43 - CFD: 21/11/2013 - 19:04:00 - [0] ----D C:\Users\martial\AppData\Local\Programs O43 - CFD: 23/11/2013 - 10:16:06 - [32,815] ----D C:\Users\martial\AppData\Local\Temp O43 - CFD: 05/10/2013 - 08:13:49 - [0] -SH-D C:\Users\martial\AppData\Local\Temporary Internet Files O43 - CFD: 13/10/2013 - 18:38:53 - [0,494] ----D C:\Users\martial\AppData\Local\VirtualStore O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 15/10/2013 - 10:02:25 - [0] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 05/10/2013 - 08:25:36 - [0,003] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ludi O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 05/10/2013 - 20:23:04 - [0,003] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.FR O43 - CFD: 21/11/2013 - 19:27:58 - [0,005] ----D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 15/10/2013 - 10:02:25 - [0,001] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\martial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ~ Program Folder: 125 Scanned in 00mn 24s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.97F8694D6CDD8A3BBDF0A24D9B321C7B] - 14/11/2013 - 08:21:21 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\SysNative\authui.dll [2304512] O44 - LFC:[MD5.97F8694D6CDD8A3BBDF0A24D9B321C7B] - 14/11/2013 - 08:21:21 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll [2304512] O44 - LFC:[MD5.4F54EB37483A890F8C19478207FC5004] - 14/11/2013 - 08:21:28 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\SysNative\schannel.dll [419328] O44 - LFC:[MD5.4F54EB37483A890F8C19478207FC5004] - 14/11/2013 - 08:21:28 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll [419328] O44 - LFC:[MD5.BEB9FF627ACB97F10D0B65D404D62C7A] - 14/11/2013 - 08:21:30 ---A- . (.Microsoft Corporation - Direct3D 11 Runtime.) -- C:\Windows\SysNative\d3d11.dll [2062848] O44 - LFC:[MD5.BEB9FF627ACB97F10D0B65D404D62C7A] - 14/11/2013 - 08:21:30 ---A- . (.Microsoft Corporation - Direct3D 11 Runtime.) -- C:\Windows\System32\d3d11.dll [2062848] O44 - LFC:[MD5.EFB4937249C7E4D57F69CC4B1986BC4B] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\SysNative\jscript.dll [855552] O44 - LFC:[MD5.EFB4937249C7E4D57F69CC4B1986BC4B] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [855552] O44 - LFC:[MD5.3E86B4126D4CD0D9CA5B78DBE9F8D7CB] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe [51712] O44 - LFC:[MD5.3E86B4126D4CD0D9CA5B78DBE9F8D7CB] - 14/11/2013 - 08:21:33 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [51712] O44 - LFC:[MD5.1E47964351EA38C20A8E28B413769C80] - 14/11/2013 - 08:21:34 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll [603136] O44 - LFC:[MD5.1E47964351EA38C20A8E28B413769C80] - 14/11/2013 - 08:21:34 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136] O44 - LFC:[MD5.A96B3E9D360DE75B09EE77698A54412B] - 14/11/2013 - 08:21:35 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\SysNative\iertutil.dll [2648576] O44 - LFC:[MD5.A96B3E9D360DE75B09EE77698A54412B] - 14/11/2013 - 08:21:35 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2648576] O44 - LFC:[MD5.9706C99DAEBE3FEAC811B239617E98C4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll [2241536] O44 - LFC:[MD5.9706C99DAEBE3FEAC811B239617E98C4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2241536] O44 - LFC:[MD5.F13305A81317DDAEA3968D2D8EC0C0A4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll [1364992] O44 - LFC:[MD5.F13305A81317DDAEA3968D2D8EC0C0A4] - 14/11/2013 - 08:21:36 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1364992] O44 - LFC:[MD5.90868BDD4047BF951E03620961945149] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\SysNative\jscript9.dll [3959808] O44 - LFC:[MD5.90868BDD4047BF951E03620961945149] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [3959808] O44 - LFC:[MD5.9991ABD246ED906CF420B2CA08BF685A] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll [15404544] O44 - LFC:[MD5.9991ABD246ED906CF420B2CA08BF685A] - 14/11/2013 - 08:21:37 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [15404544] O44 - LFC:[MD5.25C356A79B7002E0A20AAF592ED59DE4] - 14/11/2013 - 08:21:42 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\SysNative\mshtml.dll [19269632] O44 - LFC:[MD5.25C356A79B7002E0A20AAF592ED59DE4] - 14/11/2013 - 08:21:42 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [19269632] O44 - LFC:[MD5.E455C83E029121270BED73CDAC381F37] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\SysNative\IKEEXT.DLL [1160192] O44 - LFC:[MD5.E455C83E029121270BED73CDAC381F37] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [1160192] O44 - LFC:[MD5.53AA55632B94622F2DC3695E86EF9363] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Moteur de filtrage de base.) -- C:\Windows\SysNative\BFE.DLL [723968] O44 - LFC:[MD5.53AA55632B94622F2DC3695E86EF9363] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - Moteur de filtrage de base.) -- C:\Windows\System32\BFE.DLL [723968] O44 - LFC:[MD5.44BB9C31E6242C4BD1CE7C2B440C2533] - 14/11/2013 - 08:21:56 ---A- . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) -- C:\Windows\System32\Drivers\wfplwfs.sys [96600] O44 - LFC:[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - 14/11/2013 - 08:21:57 ---A- . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\Drivers\afd.sys [576512] O44 - LFC:[MD5.61EE56D354A5B425845F6A38CE401F92] - 14/11/2013 - 08:22:03 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\SysNative\crypt32.dll [1890816] O44 - LFC:[MD5.61EE56D354A5B425845F6A38CE401F92] - 14/11/2013 - 08:22:03 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1890816] O44 - LFC:[MD5.2299D30B0C3F41687127DDAC5B3CAC32] - 14/11/2013 - 08:22:05 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\SysNative\gdi32.dll [1300992] O44 - LFC:[MD5.2299D30B0C3F41687127DDAC5B3CAC32] - 14/11/2013 - 08:22:05 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [1300992] O44 - LFC:[MD5.59A3F0EE45069600241CEF1A3A165000] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\SysNative\storewuauth.dll [175104] O44 - LFC:[MD5.59A3F0EE45069600241CEF1A3A165000] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll [175104] O44 - LFC:[MD5.C85F997D1BC04C5D0C8193183C70D6E4] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\SysNative\wuapp.exe [40448] O44 - LFC:[MD5.C85F997D1BC04C5D0C8193183C70D6E4] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe [40448] O44 - LFC:[MD5.71966AEA65DCCE5A749B27D07DFA524E] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\SysNative\wudriver.dll [99328] O44 - LFC:[MD5.71966AEA65DCCE5A749B27D07DFA524E] - 14/11/2013 - 08:22:15 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll [99328] O44 - LFC:[MD5.96486A251B78FFBD9C559C78054BAD59] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - DLL de l’API des services Web pour périphér.) -- C:\Windows\SysNative\WSDApi.dll [599040] O44 - LFC:[MD5.96486A251B78FFBD9C559C78054BAD59] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - DLL de l’API des services Web pour périphér.) -- C:\Windows\System32\WSDApi.dll [599040] O44 - LFC:[MD5.05238CE241F616ECFE061C3363FFD8F7] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\SysNative\WUSettingsProvider.dll [252928] O44 - LFC:[MD5.05238CE241F616ECFE061C3363FFD8F7] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll [252928] O44 - LFC:[MD5.7F77886AC6F915075DC0C37264B02713] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\SysNative\wuwebv.dll [142848] O44 - LFC:[MD5.7F77886AC6F915075DC0C37264B02713] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll [142848] O44 - LFC:[MD5.DA041324BA6417672F464BCCD7B4028F] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\SysNative\wuauclt.exe [59416] O44 - LFC:[MD5.DA041324BA6417672F464BCCD7B4028F] - 14/11/2013 - 08:22:16 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe [59416] O44 - LFC:[MD5.C1646A95EAC515F60CDB2A7A8A013C1E] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\Drivers\fvevol.sys [465240] O44 - LFC:[MD5.07C872F13ACC81A5F10DEC6CF37BF9A8] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\Drivers\crashdmp.sys [61784] O44 - LFC:[MD5.16C7029B1FBD1F80B2337933E66BF793] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\SysNative\ubpm.dll [328192] O44 - LFC:[MD5.16C7029B1FBD1F80B2337933E66BF793] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\System32\ubpm.dll [328192] O44 - LFC:[MD5.4AF9E996881DD382EF34C094FFF26670] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\SysNative\wucltux.dll [1622016] O44 - LFC:[MD5.4AF9E996881DD382EF34C094FFF26670] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\System32\wucltux.dll [1622016] O44 - LFC:[MD5.510A64BC84EA509337AAA67A888F101C] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\SysNative\kerberos.dll [817152] O44 - LFC:[MD5.510A64BC84EA509337AAA67A888F101C] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [817152] O44 - LFC:[MD5.E94F7A7B48C7638D1F3F8089344C97B7] - 14/11/2013 - 08:22:17 ---A- . (.Microsoft Corporation - Pilote de périphérique TPM.) -- C:\Windows\System32\Drivers\tpm.sys [151896] O44 - LFC:[MD5.11F1BA1F5D9D63DA9332FB48E316CF20] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\SysNative\wuapi.dll [773120] O44 - LFC:[MD5.11F1BA1F5D9D63DA9332FB48E316CF20] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\System32\wuapi.dll [773120] O44 - LFC:[MD5.58FE249FBABBA09A98EBAF28B0E0C382] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - Programme principal d’automation de l’inter.) -- C:\Windows\SysNative\UIAutomationCore.dll [1173504] O44 - LFC:[MD5.58FE249FBABBA09A98EBAF28B0E0C382] - 14/11/2013 - 08:22:18 ---A- . (.Microsoft Corporation - Programme principal d’automation de l’inter.) -- C:\Windows\System32\UIAutomationCore.dll [1173504] O44 - LFC:[MD5.5EE919B9C3056B399E488A9B253E258A] - 14/11/2013 - 08:22:19 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\SysNative\wuaueng.dll [3279360] O44 - LFC:[MD5.5EE919B9C3056B399E488A9B253E258A] - 14/11/2013 - 08:22:19 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [3279360] O44 - LFC:[MD5.B37AF4CB7C5BBE8ABF0CD7E796AB1EB3] - 14/11/2013 - 08:22:21 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\SysNative\Windows.UI.Xaml.dll [13661696] O44 - LFC:[MD5.B37AF4CB7C5BBE8ABF0CD7E796AB1EB3] - 14/11/2013 - 08:22:21 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\System32\Windows.UI.Xaml.dll [13661696] O44 - LFC:[MD5.971BCACC7310DB7B8373F6D6DD5B956F] - 14/11/2013 - 08:25:51 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe [82896128] O44 - LFC:[MD5.971BCACC7310DB7B8373F6D6DD5B956F] - 14/11/2013 - 08:25:51 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [82896128] O44 - LFC:[MD5.CAC3C21BC3C76622ABD491774F03C914] - 21/11/2013 - 21:00:07 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [307832] O44 - LFC:[MD5.CAC3C21BC3C76622ABD491774F03C914] - 21/11/2013 - 21:00:07 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [307832] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/11/2013 - 15:56:50 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.0761A20F62DDB60A0DBE3FB8EFEA909B] - 22/11/2013 - 15:56:52 ---A- . (...) -- C:\Windows\setupact.log [778] O44 - LFC:[MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - ECBTEGB AMD64.) -- C:\Windows\SysNative\E_ID4BIKE.DLL [83968] O44 - LFC:[MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - ECBTEGB AMD64.) -- C:\Windows\System32\E_ID4BIKE.DLL [83968] O44 - LFC:[MD5.9459134133FB09BA956A28AAFAE78186] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - EPSON Bi-directional Monitor AMD64.) -- C:\Windows\SysNative\E_ILMIKE.DLL [120320] O44 - LFC:[MD5.9459134133FB09BA956A28AAFAE78186] - 22/11/2013 - 15:57:33 ---A- . (.SEIKO EPSON CORPORATION - EPSON Bi-directional Monitor AMD64.) -- C:\Windows\System32\E_ILMIKE.DLL [120320] O44 - LFC:[MD5.BAC5074667751F72A9CE48CDC31BAC48] - 22/11/2013 - 15:57:34 ---A- . (.SEIKO EPSON CORP. - E_GCINST.) -- C:\Windows\SysNative\E_GCINST.DLL [10752] O44 - LFC:[MD5.BAC5074667751F72A9CE48CDC31BAC48] - 22/11/2013 - 15:57:34 ---A- . (.SEIKO EPSON CORP. - E_GCINST.) -- C:\Windows\System32\E_GCINST.DLL [10752] O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1793362] O44 - LFC:[MD5.1A7FD75AC7B4441E71CFB850D73B3A35] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [132416] O44 - LFC:[MD5.135E0B5BFD81B10DF44C5AA43307DFFE] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [155444] O44 - LFC:[MD5.9FAE5AC327A1A9793D46D7543702B9D6] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [710046] O44 - LFC:[MD5.CCC1B9ABDD545C149B70791EF1CBC330] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [799736] O44 - LFC:[MD5.75FCBFA584A33DB66C59DC5438332C88] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362] O44 - LFC:[MD5.1A7FD75AC7B4441E71CFB850D73B3A35] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132416] O44 - LFC:[MD5.135E0B5BFD81B10DF44C5AA43307DFFE] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [155444] O44 - LFC:[MD5.9FAE5AC327A1A9793D46D7543702B9D6] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfh009.dat [710046] O44 - LFC:[MD5.CCC1B9ABDD545C149B70791EF1CBC330] - 22/11/2013 - 16:23:07 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [799736] O44 - LFC:[MD5.0AE4FE7EEBFB622892D8E1BEEF696716] - 22/11/2013 - 21:48:46 ---A- . (...) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.E00BA18D7F4D2F86C0F70442602D1407] - 23/11/2013 - 09:19:21 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.A5F35A66D32D586FD72FD73944636D98] - 23/11/2013 - 09:39:47 ---A- . (...) -- C:\Windows\WindowsUpdate.log [172612] ~ Files: 90 Scanned in 00mn 54s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.9EE1ACC6DC25136AE01CBC1C701CC778] - 02/11/2013 - 09:54:46 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-7761B15A.pf O45 - LFCP:[MD5.E7A2053C1E8989A02497BC30EA97B9D6] - 03/11/2013 - 20:59:06 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf O45 - LFCP:[MD5.58FA3F35C24CD832363DF458F92AC256] - 16/11/2013 - 08:19:09 ---A- - C:\Windows\Prefetch\AgCx_SC4.db O45 - LFCP:[MD5.CBC30147EA452836929BF996BC5D4C9B] - 16/11/2013 - 19:04:40 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf O45 - LFCP:[MD5.F3F7C2AB8B17CF85693F93CD94798F50] - 19/11/2013 - 14:51:50 ---A- - C:\Windows\Prefetch\AgCx_SC2.db O45 - LFCP:[MD5.4D979D38DD1AB4EEEF689599E3E68162] - 19/11/2013 - 18:33:27 ---A- - C:\Windows\Prefetch\WEBCAM.EXE-0FC158C9.pf O45 - LFCP:[MD5.913B5303B6E1A5638B6A35D245452EBC] - 21/11/2013 - 08:18:31 ---A- - C:\Windows\Prefetch\ARA.EXE-A6FD5EAC.pf O45 - LFCP:[MD5.04BD4B31D37FA5657C0755C86DDE3228] - 21/11/2013 - 09:12:39 ---A- - C:\Windows\Prefetch\dynreservedpri.db O45 - LFCP:[MD5.39F25A5A9E9B5005CA171D4DEA1C56C1] - 21/11/2013 - 13:39:41 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf O45 - LFCP:[MD5.881393E2006D5CB6B7331AF0BDAC2DCE] - 21/11/2013 - 13:47:36 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf O45 - LFCP:[MD5.9DA269072ECE0E9DD90B6E759B0CE515] - 21/11/2013 - 13:48:00 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf O45 - LFCP:[MD5.384CBB28162789619D67A460C17BA05F] - 21/11/2013 - 13:48:04 ---A- - C:\Windows\Prefetch\CREDENTIALUIBROKER.EXE-E9F92FD0.pf O45 - LFCP:[MD5.B0B1EAB91AC3FC0A0E673EDD19F41F8F] - 21/11/2013 - 13:51:35 ---A- - C:\Windows\Prefetch\CLEARFIPHOTO.EXE-2A1AA70C.pf O45 - LFCP:[MD5.8C0A083604B3CD7FBFD712D2F2B3E35F] - 21/11/2013 - 13:56:14 ---A- - C:\Windows\Prefetch\FIRSTRUN.EXE-3834855C.pf O45 - LFCP:[MD5.47006D8C25228CF49DF4A0B4050D39B6] - 21/11/2013 - 19:03:04 ---A- - C:\Windows\Prefetch\INS3505.EXE-95E26A3F.pf O45 - LFCP:[MD5.8854EC267423106D74D2EC2570A0CF91] - 21/11/2013 - 19:03:52 ---A- - C:\Windows\Prefetch\IMINENTSETUP_2810-7318364C.EX-EA0163E7.pf =>Adware.IMBooster O45 - LFCP:[MD5.A156B96252472CF748B48CAF3C28C1BD] - 21/11/2013 - 19:04:06 ---A- - C:\Windows\Prefetch\FST_FR_1411-2D39FE62.TMP-284611FC.pf =>PUA.FSTfr9 O45 - LFCP:[MD5.E22E3F68CA4779759AEC27BE77705AE7] - 21/11/2013 - 19:04:14 ---A- - C:\Windows\Prefetch\IMINENTMINIBARIE.EXE-17DEEEE9.pf =>Adware.IMBooster O45 - LFCP:[MD5.FA6D4621FD24E23BC8C5D361792B8CCC] - 21/11/2013 - 19:05:11 ---A- - C:\Windows\Prefetch\APN_ATU3_.EXE-87D19F27.pf O45 - LFCP:[MD5.63E91A1069EBCF295638D96B7D28D3BE] - 21/11/2013 - 19:07:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-3714B256.pf O45 - LFCP:[MD5.7A84B2FCAC71E33DB2AEDB7D9E548E96] - 21/11/2013 - 19:10:02 ---A- - C:\Windows\Prefetch\YCT.EXE-6FF63400.pf O45 - LFCP:[MD5.9425F3AB7526EBB6AECAFA9389048258] - 21/11/2013 - 19:16:07 ---A- - C:\Windows\Prefetch\MCUIHOST.EXE-AE5E0AD4.pf O45 - LFCP:[MD5.67C6A1C006253F0A3816DFB753A95B90] - 21/11/2013 - 19:27:04 ---A- - C:\Windows\Prefetch\SETUP.EXE-5E268D1B.pf O45 - LFCP:[MD5.950E29026B508DA2E58D9179BA6C20C5] - 21/11/2013 - 19:27:39 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-298106D4.pf =>Rogue.SpeedUpMyPC O45 - LFCP:[MD5.C72F636D884646D3AC5345166E06AC42] - 21/11/2013 - 19:27:43 ---A- - C:\Windows\Prefetch\REVO-UNINSTALLER.EXE-96FBFD73.pf O45 - LFCP:[MD5.027D31BC3F74984E06F6A765C9E05573] - 21/11/2013 - 19:27:55 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-83BB7324.pf =>Rogue.SpeedUpMyPC O45 - LFCP:[MD5.C6D3F90C941EECA5967D486CD41E5633] - 21/11/2013 - 19:28:53 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-615B0FDD.pf O45 - LFCP:[MD5.62EDA25817BE88F4582626D9F00B4AE3] - 21/11/2013 - 19:29:52 ---A- - C:\Windows\Prefetch\ATUBE_CATCHER.EXE-68902735.pf O45 - LFCP:[MD5.F4081077976DF4D69DEC0EEAEFCD017F] - 21/11/2013 - 19:29:54 ---A- - C:\Windows\Prefetch\APN_ATU3_.EXE-F4D7F051.pf O45 - LFCP:[MD5.55410B6D4B2D6234239B6965391916C2] - 21/11/2013 - 19:31:02 ---A- - C:\Windows\Prefetch\BOOTSTRAPPER.EXE-A76488EF.pf O45 - LFCP:[MD5.6B64F98FD1341E5A7476850E72F4D028] - 21/11/2013 - 19:31:05 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf O45 - LFCP:[MD5.3C49B51FF8B14A6171E365B9023F859D] - 21/11/2013 - 19:31:10 ---A- - C:\Windows\Prefetch\AU_.EXE-DE061371.pf O45 - LFCP:[MD5.01D4F9A8585F1B64BB967C32EDC650EC] - 21/11/2013 - 19:32:24 ---A- - C:\Windows\Prefetch\LOLLIPOP.EXE-45FC8545.pf =>Adware.Lollipop O45 - LFCP:[MD5.1DD01F4306B91DF7DF68D88B83F34C6B] - 21/11/2013 - 19:39:38 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf O45 - LFCP:[MD5.48E7AB10DA05026ECE5049473B269473] - 21/11/2013 - 19:41:10 ---A- - C:\Windows\Prefetch\SUMP.EXE-9DEFAA97.pf O45 - LFCP:[MD5.03B670F3FB20046943933B82B1F63E4A] - 21/11/2013 - 21:02:09 ---A- - C:\Windows\Prefetch\UNINS000.EXE-8FFE38A7.pf O45 - LFCP:[MD5.EE745964BD2E1A36AA3347DB4769E35D] - 21/11/2013 - 21:02:11 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-15217156.pf O45 - LFCP:[MD5.66B5DDAC93D6CBD074069279C2CD0505] - 21/11/2013 - 21:09:02 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf O45 - LFCP:[MD5.EBD9B8BE66C01B040B8AD9D4E1C32431] - 21/11/2013 - 21:09:30 ---A- - C:\Windows\Prefetch\SYSTEMRESET.EXE-3E7CD9FA.pf O45 - LFCP:[MD5.36461A18B90E8D606E1CA2CA6E55AAD9] - 22/11/2013 - 09:20:08 ---A- - C:\Windows\Prefetch\CASINOHOST.EXE-F76EE611.pf O45 - LFCP:[MD5.5E2EA968460D7DA33BC81C01B2633B86] - 22/11/2013 - 09:22:56 ---A- - C:\Windows\Prefetch\CASINOGAME.EXE-901BA985.pf O45 - LFCP:[MD5.5D3131ED55EEFB919F447F35E98B8C61] - 22/11/2013 - 10:10:55 ---A- - C:\Windows\Prefetch\ACEREXPLORER.EXE-CFB053F7.pf O45 - LFCP:[MD5.B0994799DE2B2903B9E6ECDD32A220E1] - 22/11/2013 - 10:36:08 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-1137D9AC.pf =>Piriform Ltd O45 - LFCP:[MD5.C5BFB30DFD00480E00B4143DA15C5361] - 22/11/2013 - 11:49:41 ---A- - C:\Windows\Prefetch\TRACER.EXE-A64CDF9C.pf O45 - LFCP:[MD5.A240F5BD592E5EF1B4B16126AA664D15] - 22/11/2013 - 12:10:32 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf O45 - LFCP:[MD5.C8B98E015FE40063E549D70F2CCB5558] - 22/11/2013 - 12:10:33 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf O45 - LFCP:[MD5.3AAFA495B7814726213B647C333C5A10] - 22/11/2013 - 16:04:36 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-03F09186.pf O45 - LFCP:[MD5.B272747312BA791D2816720AE48156A9] - 22/11/2013 - 16:07:09 ---A- - C:\Windows\Prefetch\XPSRCHVW.EXE-5C2D99EB.pf O45 - LFCP:[MD5.F89836E0927B73D1CF219A9155550C64] - 22/11/2013 - 16:14:52 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf O45 - LFCP:[MD5.C8D1BF919C83A544AF298C4C5F3F3F55] - 22/11/2013 - 16:17:33 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.624BCF36722EF98C9C6F8A771E47CABB] - 22/11/2013 - 16:24:25 ---A- - C:\Windows\Prefetch\PICKERHOST.EXE-103A256A.pf O45 - LFCP:[MD5.6B1CD94CC926247359B5778DEFA9A20F] - 22/11/2013 - 16:27:00 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf O45 - LFCP:[MD5.8148249BB648615448F4AA5BF6EAA85C] - 22/11/2013 - 16:32:44 ---A- - C:\Windows\Prefetch\ERUNT.EXE-4FB63CC1.pf O45 - LFCP:[MD5.FEFCD0B4226677DAB9D58B658FEBC534] - 22/11/2013 - 16:33:48 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf O45 - LFCP:[MD5.A1CE78C22F452BB9C075D44DF364CBF3] - 22/11/2013 - 16:36:17 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-F0516D55.pf O45 - LFCP:[MD5.3E7B4EB8D5D793A43E0A2B26934C0AEF] - 22/11/2013 - 17:02:50 ---A- - C:\Windows\Prefetch\ZHP 2013.TMP-FB47722B.pf O45 - LFCP:[MD5.2C38031CBECCDC4FB28826779E4311F6] - 22/11/2013 - 17:03:12 ---A- - C:\Windows\Prefetch\MINIREG.EXE-E64BE2B3.pf O45 - LFCP:[MD5.4FBE527C70413BA45643EAA7861EEB7C] - 22/11/2013 - 17:03:35 ---A- - C:\Windows\Prefetch\ZHP2.EXE-298CA9E4.pf O45 - LFCP:[MD5.7927D7EDBA61BD30B28AA27A48D7457E] - 22/11/2013 - 17:16:16 ---A- - C:\Windows\Prefetch\REVOUNINSTALLER.EXE-3D1962E3.pf O45 - LFCP:[MD5.0E62745B131AA3848771ED7A04E1F95F] - 22/11/2013 - 18:38:21 ---A- - C:\Windows\Prefetch\E_IARNIKE.EXE-385A9BEA.pf O45 - LFCP:[MD5.0953EF30E2EAB669FC65C47882558727] - 22/11/2013 - 18:43:59 ---A- - C:\Windows\Prefetch\MCAGENT.EXE-88404BE0.pf O45 - LFCP:[MD5.F7D6C564360507B9A5B9D39754527F0C] - 22/11/2013 - 18:44:08 ---A- - C:\Windows\Prefetch\MCSVHOST.EXE-A6A2EB7B.pf O45 - LFCP:[MD5.253E8D4C435A5590FACB0C50C0C1CCE3] - 22/11/2013 - 18:44:12 ---A- - C:\Windows\Prefetch\MCSVHOST.EXE-57FFFCAE.pf O45 - LFCP:[MD5.962231B5FC154618C5AD72D8D05FE8E1] - 22/11/2013 - 19:02:08 ---A- - C:\Windows\Prefetch\MCINFO.EXE-545FA787.pf O45 - LFCP:[MD5.E5C72DFAAB47ACDA7A482246BAB9ADCA] - 22/11/2013 - 19:02:10 ---A- - C:\Windows\Prefetch\MCMIGR~1.EXE-564F8E99.pf O45 - LFCP:[MD5.91EA3EC9DCA1000A8A0AEF6E38A1A006] - 22/11/2013 - 19:17:10 ---A- - C:\Windows\Prefetch\REMARKIT_UP.EXE-703396F6.pf O45 - LFCP:[MD5.555058B6AC3937A97423FAD83BC812C5] - 22/11/2013 - 19:22:33 ---A- - C:\Windows\Prefetch\MCHLP32.EXE-C76241FD.pf O45 - LFCP:[MD5.45D5C08B5973AC7014BFD6BAC1760F49] - 22/11/2013 - 19:22:33 ---A- - C:\Windows\Prefetch\MCSYNC.EXE-8559D2BC.pf O45 - LFCP:[MD5.F807E68DA1994B3B9B08E9DBE7E63CF4] - 22/11/2013 - 19:22:33 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf O45 - LFCP:[MD5.626F66A240D6F1539D8C02FE5594EFA1] - 22/11/2013 - 20:00:02 ---A- - C:\Windows\Prefetch\MCODS.EXE-B2C51095.pf O45 - LFCP:[MD5.176A58155073FCA81E63630E91B39D71] - 22/11/2013 - 20:00:45 ---A- - C:\Windows\Prefetch\POKERSTARSUPDATE.EXE-0FBB664C.pf O45 - LFCP:[MD5.7D8268239302B86D6809D1C60D509E0A] - 22/11/2013 - 20:00:55 ---A- - C:\Windows\Prefetch\POKERSTARS.EXE-8628E145.pf O45 - LFCP:[MD5.E7CD24BD054B3F2DB572FDC6954C93D4] - 22/11/2013 - 20:23:27 ---A- - C:\Windows\Prefetch\LCPLUGIN27.EXE-D073CFC3.pf O45 - LFCP:[MD5.84E0A871B5DC35465F1A0B05ECE0C346] - 22/11/2013 - 20:23:35 ---A- - C:\Windows\Prefetch\LCPLUGIN27 (1).EXE-641DB045.pf O45 - LFCP:[MD5.B6B6AA0AF2B8F30DCB8B79B9BFA7A6C8] - 22/11/2013 - 20:24:27 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf O45 - LFCP:[MD5.62145E78F5395099F95913B2C4735062] - 22/11/2013 - 20:26:06 ---A- - C:\Windows\Prefetch\LCBELOTE.EXE-C2BB5F6D.pf O45 - LFCP:[MD5.77246E5F2FEE68A101D95A3A4FD74E8E] - 22/11/2013 - 20:31:09 ---A- - C:\Windows\Prefetch\LUDI.EXE-0B61340F.pf O45 - LFCP:[MD5.E93AF314925331AE89A78C9CC8548809] - 22/11/2013 - 20:31:19 ---A- - C:\Windows\Prefetch\LCSOLITAIRE.EXE-4E0B3917.pf O45 - LFCP:[MD5.EFEC32233811ED9CD9C6AB3C389C89FE] - 22/11/2013 - 21:10:01 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.C1C246440FB5381993B73B64EAEE47C9] - 22/11/2013 - 21:11:01 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.CB1FA1A79A979F78DFA1BA82D534066A] - 22/11/2013 - 21:14:15 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3778166341-1465188008-936229986-1001.db O45 - LFCP:[MD5.D2DCB171EB779510DC85F6D489AFD243] - 22/11/2013 - 21:14:15 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3778166341-1465188008-936229986-1001.db O45 - LFCP:[MD5.D0EA54E94EDD5E1A35AEA8D66BCFD6A7] - 22/11/2013 - 21:30:21 ---A- - C:\Windows\Prefetch\FST_FR_17.EXE-1679EDB1.pf =>PUA.FSTfr9 O45 - LFCP:[MD5.D22169D3937C4730236F1909425F8FA3] - 22/11/2013 - 21:48:45 ---A- - C:\Windows\Prefetch\EPOWERBUTTON.EXE-98D06F6A.pf O45 - LFCP:[MD5.F45E4791A420C837476FA30208049434] - 22/11/2013 - 21:48:45 ---A- - C:\Windows\Prefetch\SMSS.EXE-81AD91F0.pf O45 - LFCP:[MD5.99F2D35F43D91F5941D83AF652A37EB0] - 22/11/2013 - 21:48:46 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf O45 - LFCP:[MD5.E5C0EB07BDAC7A805F793EBED31FC924] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\CSRSS.EXE-A7A2B218.pf O45 - LFCP:[MD5.CEDD580B89216149EB19F445DA2BD4BB] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\DWM.EXE-F29FE9E2.pf O45 - LFCP:[MD5.1D13153490AFD908F9F6E75D2520857E] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\NVVSVC.EXE-D5489D80.pf O45 - LFCP:[MD5.7245D9D0F987C85404216384D167B872] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\NVXDSYNC.EXE-7855AED2.pf O45 - LFCP:[MD5.F77864F36C4D6E493DD4738FFB627982] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-676DE1C7.pf O45 - LFCP:[MD5.B63A405DD7F80B08E00DFA97E776B28F] - 23/11/2013 - 09:19:24 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf O45 - LFCP:[MD5.C804D86764AF3A52AFE7A74FF7622F5E] - 23/11/2013 - 09:19:26 ---A- - C:\Windows\Prefetch\SYSTPLSERVICE.EXE-1B10FCEE.pf O45 - LFCP:[MD5.FC83C9037B1FC44FBA214ED41C1743D4] - 23/11/2013 - 09:19:44 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-92038889.pf O45 - LFCP:[MD5.13FA819222A07632A57A002BAF42788D] - 23/11/2013 - 09:19:45 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-16B8AFA3.pf O45 - LFCP:[MD5.7AC537AF642E627AEAF5B96E3092BB5F] - 23/11/2013 - 09:19:52 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf O45 - LFCP:[MD5.F743B376991D27032A1B706377C0BF3A] - 23/11/2013 - 09:19:53 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B865F023.pf O45 - LFCP:[MD5.304082E7945E9E54BAAE3CD2AD8E818F] - 23/11/2013 - 09:20:06 ---A- - C:\Windows\Prefetch\MCAGENT.EXE-5C1A32B3.pf O45 - LFCP:[MD5.CEB3A4FF98D3ABDAB48F2FD6F22287E0] - 23/11/2013 - 09:20:06 ---A- - C:\Windows\Prefetch\NOBUCLIENT.EXE-74C4A059.pf O45 - LFCP:[MD5.E4FF23128E0DEC9E1AACAE609EB92ABC] - 23/11/2013 - 09:20:07 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-D0E68351.pf O45 - LFCP:[MD5.41F37F516F27C5083529341BB271F028] - 23/11/2013 - 09:20:07 ---A- - C:\Windows\Prefetch\QUICKSTART.EXE-98196C21.pf O45 - LFCP:[MD5.5C537E94ABFC0CEB57EF80C87E9C3F6B] - 23/11/2013 - 09:20:09 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E874B0D0.pf O45 - LFCP:[MD5.167EDA14014261DC1ECCF83C51F7DAF6] - 23/11/2013 - 09:20:13 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf O45 - LFCP:[MD5.7247B954DEEB76AB6FED236292039DC2] - 23/11/2013 - 09:20:13 ---A- - C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf O45 - LFCP:[MD5.A088DC0AF7A365CA74AEF41D97F490FE] - 23/11/2013 - 09:20:14 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-B25C45A8.pf =>Toolbar.Google O45 - LFCP:[MD5.F5F8ECE0FC4D353CAE5701A98A8E8D7E] - 23/11/2013 - 09:20:15 ---A- - C:\Windows\Prefetch\E_IATIIKE.EXE-B5F51193.pf O45 - LFCP:[MD5.7ABF45CAFB0CE55E93E32B6F43EA0220] - 23/11/2013 - 09:20:16 ---A- - C:\Windows\Prefetch\ARCSERVER.EXE-E9376B07.pf O45 - LFCP:[MD5.72DA2EA8ADC2E98083856ED9D51C1A2B] - 23/11/2013 - 09:20:17 ---A- - C:\Windows\Prefetch\SYSTPL.EXE-DEAA3B41.pf O45 - LFCP:[MD5.8D063A336FCFDA84BBF3F428E152569B] - 23/11/2013 - 09:20:19 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-72E915F8.pf O45 - LFCP:[MD5.FBC2250CA22662911D64D7E60865DFE8] - 23/11/2013 - 09:20:28 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf O45 - LFCP:[MD5.1395CB714AF28218B1EBB501DDBB3A74] - 23/11/2013 - 09:20:46 ---A- - C:\Windows\Prefetch\CSC.EXE-4D47A477.pf O45 - LFCP:[MD5.B0FDB0DB6699823CE7C464D372F02D46] - 23/11/2013 - 09:20:46 ---A- - C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf O45 - LFCP:[MD5.1B47C6EC1BA5A37B3E165B4208BF14D7] - 23/11/2013 - 09:20:50 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8329E055.pf O45 - LFCP:[MD5.F7CB6BC1FF12E8689BDA2361496AF1BD] - 23/11/2013 - 09:20:58 ---A- - C:\Windows\Prefetch\AgCx_SC5.db O45 - LFCP:[MD5.96373FB44A7C176DBEE8670C5B3B79B0] - 23/11/2013 - 09:21:49 ---A- - C:\Windows\Prefetch\MCHOST.EXE-428069A1.pf O45 - LFCP:[MD5.76A3BC8F1DDA8FC0A25E87A3CAAB8D36] - 23/11/2013 - 09:22:58 ---A- - C:\Windows\Prefetch\UPFST_FR_17.EXE-02F7C8D6.pf =>PUA.FSTfr9 O45 - LFCP:[MD5.14AB4B76861D13C2ED82BB34854ABE59] - 23/11/2013 - 09:23:01 ---A- - C:\Windows\Prefetch\MAJFSTFR.EXE-93B18083.pf O45 - LFCP:[MD5.542D920CC16BEB7ECEB42CB2C6F872AB] - 23/11/2013 - 09:23:01 ---A- - C:\Windows\Prefetch\MAJFSTFR.TMP-BB03496E.pf O45 - LFCP:[MD5.A4956EF93DB9C5460A3497CB25660BD9] - 23/11/2013 - 09:24:21 ---A- - C:\Windows\Prefetch\MCINSTRU.EXE-F710CFF1.pf O45 - LFCP:[MD5.951FDDA4F7DB3B5BB9ABA2A000A86625] - 23/11/2013 - 09:24:22 ---A- - C:\Windows\Prefetch\MCSMTFWK.EXE-C4692801.pf O45 - LFCP:[MD5.48967669B91921F617D6E47775F566ED] - 23/11/2013 - 09:24:22 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-050F1A86.pf O45 - LFCP:[MD5.331F10876462685D29FA078B425E7663] - 23/11/2013 - 09:24:24 ---A- - C:\Windows\Prefetch\MCOCROLLBACK.EXE-48449529.pf O45 - LFCP:[MD5.39D8497E6912F7A5CE20916C385BBD05] - 23/11/2013 - 09:29:55 ---A- - C:\Windows\Prefetch\NOTIFICATION.EXE-DF0C3CF0.pf O45 - LFCP:[MD5.BD60138906545FF097825EE809EE80E5] - 23/11/2013 - 09:31:40 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-6132DF3D.pf O45 - LFCP:[MD5.7491939046BB62BB30CAA8C43D7E98E6] - 23/11/2013 - 09:33:27 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-7761B151.pf O45 - LFCP:[MD5.F3F1968894FE119F25D706B3C3C4E7AB] - 23/11/2013 - 09:33:33 ---A- - C:\Windows\Prefetch\BACKGROUNDTRANSFERHOST.EXE-7DDF8CD2.pf O45 - LFCP:[MD5.C4661894FFE7057E2E7A4D7BB5C6414B] - 23/11/2013 - 09:36:34 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-5FE780D4.pf O45 - LFCP:[MD5.F44AE2E3386DF1339DC472EED3807F1F] - 23/11/2013 - 09:36:35 ---A- - C:\Windows\Prefetch\WERMGR.EXE-6E6280E6.pf O45 - LFCP:[MD5.FC2F1AD539ECC7A19F9C04F9B1EEEF7A] - 23/11/2013 - 09:39:56 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf O45 - LFCP:[MD5.DBA87BEEDC5E9707F17B8C12431ED224] - 23/11/2013 - 09:39:56 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf O45 - LFCP:[MD5.DDD180065DF209B8CA0A34A71A2D9962] - 23/11/2013 - 09:41:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA0A52C8.pf O45 - LFCP:[MD5.5AD280E3BA7716E2CF3C5E318B42FA26] - 23/11/2013 - 09:41:38 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf O45 - LFCP:[MD5.E16D8CABCEE9DA23FF30D4578349EA9C] - 23/11/2013 - 09:41:38 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf O45 - LFCP:[MD5.68311D80BECBE626518E265D01695524] - 23/11/2013 - 09:41:38 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf O45 - LFCP:[MD5.DF39563E4542FA7BBBCBC74D1A6FAADC] - 23/11/2013 - 09:41:39 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf O45 - LFCP:[MD5.091E06EAA98DDFCA1BF055808AA62C3A] - 23/11/2013 - 09:41:39 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf O45 - LFCP:[MD5.3383025427D9A0A8E754A390EC52D9D1] - 23/11/2013 - 09:41:40 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf O45 - LFCP:[MD5.A1CB9029E3CDED0FC63734CD0413977B] - 23/11/2013 - 09:41:42 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.83490695676E4A0D60D14E3EC122E31C] - 23/11/2013 - 09:41:50 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf O45 - LFCP:[MD5.5294A35E42EEA5DAAEB735990321C81C] - 23/11/2013 - 09:41:50 ---A- - C:\Windows\Prefetch\NGEN.EXE-A8DBB043.pf O45 - LFCP:[MD5.7FBC2BDAC46B105CCE782A928084E2D1] - 23/11/2013 - 09:41:53 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf O45 - LFCP:[MD5.3BCEE8C23AEECB170FB04B5D5044A5DA] - 23/11/2013 - 09:41:53 ---A- - C:\Windows\Prefetch\NGEN.EXE-383F81D5.pf O45 - LFCP:[MD5.0DA7B920D02A7D7AAE72B7AFDC9521EE] - 23/11/2013 - 09:51:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf O45 - LFCP:[MD5.5ED42909BF23386A5824B4B8694ECCE2] - 23/11/2013 - 09:51:39 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-D687BE54.pf O45 - LFCP:[MD5.BFF102B5130CF19F9FC703CF9FDEEBF1] - 23/11/2013 - 09:52:47 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf O45 - LFCP:[MD5.092864623FAA77A83FE2D4461FF45CA0] - 23/11/2013 - 10:05:36 ---A- - C:\Windows\Prefetch\MCSVRCNT.EXE-3C30113B.pf O45 - LFCP:[MD5.5FEDDDA0AD8CE72608B20F95DC5EB509] - 23/11/2013 - 10:05:36 ---A- - C:\Windows\Prefetch\MCVSMAP.EXE-64B21786.pf O45 - LFCP:[MD5.065B869F244B8E57E44C25F8D5027496] - 23/11/2013 - 10:05:37 ---A- - C:\Windows\Prefetch\MCUPDATE.EXE-C6EAC66C.pf O45 - LFCP:[MD5.2D9520102B706D513D02B493C1715072] - 23/11/2013 - 10:05:38 ---A- - C:\Windows\Prefetch\HWUPDCHK.EXE-9AC16830.pf O45 - LFCP:[MD5.D93A4A45F4AF615AA5E97C3A5CDA2CD4] - 23/11/2013 - 10:05:42 ---A- - C:\Windows\Prefetch\MCUPDMGR.EXE-73F1857E.pf O45 - LFCP:[MD5.7CF350ED98374BE45E887BD9154D03B2] - 23/11/2013 - 10:05:42 ---A- - C:\Windows\Prefetch\SAUPD.EXE-C3B1E227.pf O45 - LFCP:[MD5.7C587D6518BCD37006D707A996ABA754] - 23/11/2013 - 10:05:44 ---A- - C:\Windows\Prefetch\QCSHM.EXE-706708ED.pf O45 - LFCP:[MD5.BBA059731F9CDAAA99C271DCE4D69CB6] - 23/11/2013 - 10:09:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf O45 - LFCP:[MD5.B9CA32E325EF6C1E937992D04E83C450] - 23/11/2013 - 10:10:34 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.1C74EF44B4F711B9B96B356723CA33E2] - 23/11/2013 - 10:10:34 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.443CD90DEB3F0CFF0D6817D747F8A144] - 23/11/2013 - 10:10:35 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.2A01615F7F6480E0D6FE2BE190B080DF] - 23/11/2013 - 10:10:35 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.69E6004AE252D9FEE158141E6DD52661] - 23/11/2013 - 10:10:55 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf O45 - LFCP:[MD5.A361E2DBC924EE0AAD83FA029FD5FEAE] - 23/11/2013 - 10:11:14 ---A- - C:\Windows\Prefetch\CHROME.EXE-9812FE60.pf O45 - LFCP:[MD5.A915D8498271E58E65C743E1933B1EDC] - 23/11/2013 - 10:13:06 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-8869DDC1.pf O45 - LFCP:[MD5.80827C6800074C5C75FCD34D72B5F1B0] - 23/11/2013 - 10:13:54 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf O45 - LFCP:[MD5.20B7A383E63A561988D8DBCE154D5CCB] - 23/11/2013 - 10:13:58 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf O45 - LFCP:[MD5.8B67C57F773580FA17F034D720CD2E37] - 23/11/2013 - 10:15:07 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf O45 - LFCP:[MD5.8D468EF2A8B429B876836E6D4570623F] - 23/11/2013 - 10:15:08 ---A- - C:\Windows\Prefetch\NVTRAY.EXE-981FA625.pf O45 - LFCP:[MD5.5E79D93523B30A49B10422F5FDE0B3BE] - 23/11/2013 - 10:15:15 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-2D77A9D8.pf O45 - LFCP:[MD5.4863280CED399A5A779D4A13CF76C2AC] - 23/11/2013 - 10:15:17 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-4525BB3D.pf O45 - LFCP:[MD5.CFF0BCA48D9C72C009DDE797DC30280C] - 23/11/2013 - 10:15:18 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-B8313A2A.pf O45 - LFCP:[MD5.D5A2093386A14E1D1ABCC12949A95B6E] - 23/11/2013 - 10:16:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf O45 - LFCP:[MD5.6A0651E208186D0EC34BEEC9621A9FCD] - 23/11/2013 - 10:16:05 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf O45 - LFCP:[MD5.221BD641B40DF1EDEA4D8EEBF77BC931] - 23/11/2013 - 10:16:07 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf O45 - LFCP:[MD5.88BAC570BBFC73BC323AD7CDB9CED9D1] - 23/11/2013 - 10:16:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf O45 - LFCP:[MD5.E7784487459E16E19DB99A6BDEB64087] - 23/11/2013 - 10:16:30 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf O45 - LFCP:[MD5.8674375393B1C2B7985D5C6BEA7C4757] - 23/11/2013 - 10:16:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf O45 - LFCP:[MD5.A574261267D46BB5D171C7DFE5EB3CD9] - 23/11/2013 - 10:16:40 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf O45 - LFCP:[MD5.F7B9D2F580EBDEB8717B9B8397A798AA] - 23/11/2013 - 10:17:31 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf O45 - LFCP:[MD5.284CD0E6B96C79C0D17A6A42EFFEA80B] - 23/11/2013 - 10:17:31 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf O45 - LFCP:[MD5.4CB8EFCD20FD01894AB2996FF681B0A2] - 23/11/2013 - 10:17:31 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf O45 - LFCP:[MD5.5D98D19F209E7B648DF42375277F1AFF] - 23/11/2013 - 10:17:32 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf O45 - LFCP:[MD5.F3AAF222990C8D24C162BD43CF076C71] - 23/11/2013 - 10:17:36 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf O45 - LFCP:[MD5.9485BD2B3C958AED88AE8E8553F01577] - 23/11/2013 - 10:17:39 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf O45 - LFCP:[MD5.FF0DB7F03AC7D084FDC9EE2A832F153D] - 23/11/2013 - 10:17:40 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf O45 - LFCP:[MD5.5D148FB7C1145DB1A95E9EF8C52A3BA8] - 23/11/2013 - 10:17:42 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf O45 - LFCP:[MD5.ADFE65BF375DFE81540AEE8D7AC1E448] - 23/11/2013 - 10:17:57 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/11/2149 - 17:02:12 ----D - C:\Windows\Prefetch\ReadyBoot O45 - LFCP:[MD5.5A9D723A399F9C0E4165727BC0109432] - 26/10/2013 - 09:22:49 ---A- - C:\Windows\Prefetch\DISPLAYSWITCH.EXE-4D432882.pf O45 - LFCP:[MD5.5B33FF2764D26CE8E997A9A50B6DB684] - 28/10/2013 - 20:27:51 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf O45 - LFCP:[MD5.6DA2B8D087E299DCFB2B10491187D064] - 30/10/2013 - 20:58:20 ---A- - C:\Windows\Prefetch\LCTAROT.EXE-9F391393.pf ~ Prefetcher: 187 Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 19 Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{d76a96c1-3c02-11e3-be78-7427ea4db901}\AutoRun\command. (...) -- F:\Startme.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcod64.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 3 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ~ MWPS: 20 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoControlPanel"=0 ~ MWPE Keys: 5 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736] ~ Drivers: 20 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001420_341369d2936823.eml [20108] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001421_13b559cd3d94e3.eml [21031] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001422_53365499af462a.eml [81297] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001423_a46bcbfc92973.eml [109611] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001424_3b228e41b1e44c.eml [40832] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001436_8d31d05b984b8.eml [127799] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001442_c8e2178d78021a.eml [22299] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001448_441de1e745f16.eml [10194] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000144c_6d2428cd376a5.eml [90636] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000142b_a951b5d4b5ee20.eml [20108] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000142c_af10912ca64470.eml [21031] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000142f_5d0faecf60684e.eml [81297] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001430_b3543a50efa994.eml [109611] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001432_988813ce81d387.eml [40832] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001437_6a053603fce9ba.eml [127799] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001446_4239bc1aed41ba.eml [22299] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000144a_d6597520fdb7b7.eml [10194] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000144d_b1895e181771e0.eml [90636] =>.Microsoft Corporation O61 - LFC: 20/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\0A909B921390EB7C9AC029CAE42A4A01.psi [4369] O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\4A43750AEF491D6948FF17CC33B1AF30.psi [5087] O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\5C221A2BDEEFB41D7256379C02D0557E.psi [3312] O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\7B64D8D77476B34C219A82D1FDDF92F4.psi [16359] O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\ABABDC1B0FE273C61AE9D663EE5BDEC6.psi [3237] O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\AE196692F3A1E3C89AB8B66DB6871722.psi [6557] O61 - LFC: 20/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\E9E10612593EFEECBBD043F280E1B464.psi [5285] O61 - LFC: 21/11/2013 - 10:19:07 ---A- . (...) -- C:\Users\martial\AppData\Local\clear.fi\MediaSharingSetting.xml [99] O61 - LFC: 21/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies [6144] O61 - LFC: 21/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000988.ldb [320] O61 - LFC: 21/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\user_profil.cyp [1676] =>PUA.FSTfr9 O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\b.html [91] O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\b.js [1081] O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\c.js [3261] O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\icon128.png [2873] O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\icon16.png [739] O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\icon48.png [2462] O61 - LFC: 21/11/2013 - 10:19:11 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.135_1\manifest.json [800] O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage [3072] O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\000005.ldb [132] O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\CURRENT [16] O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\LOCK [0] O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\LOG [145] O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\LOG.old [145] O61 - LFC: 21/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcpfhaghaadpjpgocojgnlhjcieeooel\MANIFEST-000050 [77] O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_0 [8192] O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_1 [270336] O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_2 [8192] O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_3 [8192] O61 - LFC: 21/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\index [524656] O61 - LFC: 21/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat [8192] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\E97CB0A1.LogitechCameraController_wd885nsp30hay\Settings\settings.dat [8192] O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCookies\R2S4SPHS.txt [193] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001485_58b1ba105dd2e8.eml [108480] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001486_84c4f0d8cdf093.eml [105557] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000148b_4a7802fc71e63.eml [9810] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000148c_b785256dfaf0b7.eml [21514] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\2000148d_86f674b07e837d.eml [1387] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\944E5B697BC46FE14AB888AE8A1EBB99_2269679B991E7B74D029ADC1DCE94782 [1480] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\AFA2A5744430E65F42D3175FABFBE3E8 [31710] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\944E5B697BC46FE14AB888AE8A1EBB99_2269679B991E7B74D029ADC1DCE94782 [482] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F [316] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\AFA2A5744430E65F42D3175FABFBE3E8 [222] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001488_8bdc6b994fdf54.eml [108480] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001489_69d6fd88df87a8.eml [105557] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001491_87c40349e5ff19.eml [9810] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001493_7cc21749afbef.eml [21514] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001494_95558eff5bba43.eml [1387] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001496_93a63a632c619.eml [136899] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001499_e4cbe60d22e2d.eml [52572] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000149a_6d5332a590ae9f.eml [51251] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000149c_92179ea98e1b8c.eml [124506] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a0_ee43aa951ab9b2.eml [52691] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a1_613437ffdd8f6c.eml [9819] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a2_6fa0b8a59cea2c.eml [11930] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014a4_20e2920d5d4ce.eml [85560] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001495_8fefd45fea4a90.eml [136899] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001497_9a49a47efe72f7.eml [52572] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001498_4ad93e0326118.eml [51251] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149b_e7858104de685.eml [124506] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149d_697170f2718c5.eml [52691] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149e_c9eb89cbc0bf3b.eml [9819] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000149f_a1f36e1d36cbb8.eml [11930] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014a3_89466cdc423021.eml [85560] =>.Microsoft Corporation O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\1976fdf4-56ba-4ba5-81f5-9389a98bf689.down_data [0] O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\1976fdf4-56ba-4ba5-81f5-9389a98bf689.up_meta [89] O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\79514b7c-1d1e-46c8-9ee5-0e8c15ab9ae8.down_data [0] O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\79514b7c-1d1e-46c8-9ee5-0e8c15ab9ae8.up_meta [89] O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\865bf016-9f06-4047-a9c4-c24f028ad074.down_data [0] O61 - LFC: 21/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\BackgroundTransferApi\865bf016-9f06-4047-a9c4-c24f028ad074.up_meta [348] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\AppState.xml [0] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\EntClientDb.edb [3686400] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\edb.chk [8192] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm.etl [131072] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm\913fdca7ce516122\120712-0049\DBStore\edb.chk [8192] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\LiveComm\913fdca7ce516122\120712-0049\DBStore\livecomm.edb [6307840] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.ModernPhotos.etl [917504] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\ModernPhoto.edb [4227072] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\bici\bi000006.sqm [1540] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\bici\bi001000.sqm [1364] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\LocalState\edb.chk [8192] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 21/11/2013 - 10:19:22 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\TempState\config\config.xml [0] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\400340A4467CE2119AC6B298F15E3FFC.psi [4587] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\4DB4043BFBEBAB51AE27866009BCFB06.psi [6287] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\7815E34C52353598FADA658008AD5DFA.psi [5078] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\C2A901395CCCAC0E6FAEF7411E955C4B.psi [4728] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\FEA27CE387E040743919AAD4D7C03E98.psi [6195] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStars.log.1 [264622] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.1 [2507] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\3788_2262\crl-set [1071] O61 - LFC: 21/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\3788_2262\manifest.fingerprint [12] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\3788_2262\manifest.json [34] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin.dmc [8128] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\Aartemis\info.html [5460] =>PUP.AArtemis O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\Qone8\info.html [5432] =>Hijacker.Qone8 O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\Re-Markit\info.html [15556] =>PUP.ReMarkIt O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\bin\css\base.css [370] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\config.dmc [1048] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\input.txt [246800] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\parent.txt [460776] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\setup.exe [8192] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\setup.exe.config [767] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\software\Re-markit_2040-2081.exe [969702] =>PUP.ReMarkIt O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Aartemisinfo.dfe [979] =>PUP.AArtemis O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Dockings.dfe [4374] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Qone8info.dfe [961] =>Hijacker.Qone8 O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\Re-Markitinfo.dfe [737] =>PUP.ReMarkIt O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\SpeedUpMyPcinfo.dfe [45456] =>Rogue.SpeedUpMyPC O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\templateDisplays.dfe [7389] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\DM\temp\templateStyle.dfe [218388] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\atcMRUList.idx [0] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\atc_DownloadsBackupMain.lst [6] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\atc_DownloadsBackupVST.lst [6] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\Accessibility.py [181] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\Accessibility.pyo [367] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_00020430_0000_0000_C000_000000000046_0_2_0.py [14153] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_00020430_0000_0000_C000_000000000046_0_2_0.pyo [8898] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_1EA4DBF0_3C3B_11CF_810C_00AA00389B71_0_1_1.py [18791] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\_1EA4DBF0_3C3B_11CF_810C_00AA00389B71_0_1_1.pyo [9832] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\stdole.py [174] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\comtypes_cache\sump-27\stdole.pyo [353] O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (.Skytech Co., Ltd..) -- C:\Users\martial\AppData\Local\Temp\DM\software\tugs_do-search_new.exe [564376] =>PUP.DoSearches O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (.Uniblue Systems Ltd.) -- C:\Users\martial\AppData\Local\Temp\DM\software\speedupmypc.exe [1336912] =>Rogue.SpeedUpMyPC O61 - LFC: 21/11/2013 - 10:19:25 ---A- . (.VS Revo Group Ltd..) -- C:\Users\martial\AppData\Local\Temp\DM\software\revo-uninstaller.exe [2623656] O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\MSI367c4.LOG [394] O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\Setup Log 2013-11-21 #001.txt [1366] O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\Setup Log 2013-11-21 #002.txt [24826] O61 - LFC: 21/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\tmp97578.WMC\eula.txt [12402] O61 - LFC: 21/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\revo-uninstaller.exe [460776] O61 - LFC: 21/11/2013 - 10:19:30 ---A- . (.F¡rser¡a sl.) -- C:\Users\martial\Downloads\aTube Catcher.exe [180024] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Archived History [57344] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [512] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [5462] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [5462] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000995.ldb [194] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db [7168] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal [5672] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\http_fr.aion.gameforge.com_0\4 [5120] O61 - LFC: 22/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.cougars-avenue.com_0\5 [4096] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000054.ldb [142] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG [145] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old [145] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000058 [195] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage [74752] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal [3608] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.aion.gameforge.com_0.localstorage [3072] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.aion.gameforge.com_0.localstorage-journal [3608] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage [3072] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage-journal [3608] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage [3072] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meetic.fr_0.localstorage-journal [3608] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.royalgames.com_0.localstorage [50176] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.royalgames.com_0.localstorage-journal [16384] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.twoo.com_0.localstorage [3072] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.twoo.com_0.localstorage-journal [3608] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [19456] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.betclic.fr_0.localstorage [489472] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.betclic.fr_0.localstorage-journal [3608] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [4096] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [4640] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Login Data [12288] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal [4624] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_3 [4202496] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000001 [40094] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000002 [76925] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000003 [235227] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\index [524656] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [51200] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [26624] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\adventori.com\cookie.sol [94] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#adventori.com\settings.sol [83] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#mpsnare.iesnare.com\settings.sol [89] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#player.onescreen.net\settings.sol [90] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#s.ytimg.com\settings.sol [81] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#static.audienceinsights.net\settings.sol [97] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\#static.greentube.com\settings.sol [90] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\macromedia.com\support\flashplayer\sys\settings.sol [527] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\mpsnare.iesnare.com\stm.sol [79] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\player.onescreen.net\1.9\s\MediaPlayer.swf\OsMediaPlayerId.sol [66] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\static.audienceinsights.net\pus.sol [68] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\2BXPNZG6\static.greentube.com\js\Manager.swf\storage.sol [69] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [13312] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [6704] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [12288] O61 - LFC: 22/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [12824] O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Toolbar Cache\7.5.4601.54\fr\translate_languages.json.content [1861] O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Toolbar\broker_metrics.xml [6685] O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Ludi\LCDecks\english_1.dat [187528] O61 - LFC: 22/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Ludi\LCDecks\large_1.dat [211504] O61 - LFC: 22/11/2013 - 10:19:13 --HA- . (...) -- C:\Users\martial\AppData\Local\IconCache.db [253388] O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\AcerIncorporated.AcerExplorer_48frkmn4z8aw4\Settings\settings.dat [8192] =>.Acer Inc O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\LocalState\MRU\{9DF99F24-AD1B-4A40-8304-F998ABDFAD17}\Thumbnail [14768] O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\LocalState\MRU\{A0A84B14-F3EB-4B25-AADD-E4CD43824019}\Thumbnail [14768] O61 - LFC: 22/11/2013 - 10:19:17 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 22/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F [49691] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 [340] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F [256] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014ea_6ab0813c6eb7a.eml [61649] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014eb_c8388927a63597.eml [36513] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014ec_1c117a9f200bdd.eml [19544] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014f4_3a40df5bcc0010.eml [80804] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014f5_208784c893bf3a.eml [112606] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014f6_e7b64b8dd76eda.eml [41814] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200014fe_668a83d2684d98.eml [26660] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\20001502_2188e4a5a16228.eml [103784] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014ef_7af8ad2cfa777f.eml [61649] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f0_610511d12e23e.eml [36513] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f1_e61301ba23656b.eml [47353] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f2_403eb72440e21b.eml [97382] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f3_895df8ccb92b9d.eml [19544] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014f9_714973484592cd.eml [93886] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fa_d2ea9c7dc2cd9e.eml [80804] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fb_22e2b42023d415.eml [112606] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fc_3f86b6418f0c76.eml [41814] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014fd_9439d4b9e063a3.eml [54648] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200014ff_b2587aae724d68.eml [26660] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001501_1ccde0c431c916.eml [51454] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001503_a5c2cd88288416.eml [103784] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001507_55c67915819d1.eml [136957] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001508_cc6af6d3931cc7.eml [51555] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001509_5ee00790882453.eml [52163] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\2000150b_d3f7f8ca643221.eml [40045] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\20001550_648c265f6a666a.eml [11933] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014ed_80a1679a800e89.eml [47353] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014ee_c328131d119f4a.eml [97382] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014f7_d5b93623c477cd.eml [93886] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200014f8_4ea05aef6a5564.eml [54648] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001500_89adba7179e518.eml [51454] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001504_8e305e1f0c5d8.eml [136957] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001505_6886e59ca4eecd.eml [51555] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\20001506_534ffc7dbaa8dd.eml [52163] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000150a_2e6c6a0ee391b1.eml [40045] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\2000154f_55a7c8aa45cdc9.eml [11933] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveCommLast.etl [1835008] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat [151000] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\AntiPhishing\D7DB4501-61B9-4432-99BB-1413522F74DC.dat [151000] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\MSIMGSIZ.DAT [49120] =>.Microsoft Corporation O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\0A9722AB4C534A7FDFDB4286816F3F26.psi [3725] O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\2952CBD784390203DF357601DCF607CF.psi [44809] O61 - LFC: 22/11/2013 - 10:19:23 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\38FEE2EC0973FB9E3A3F79A2F65AFD02.psi [5852] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\3F6150F3B9B0071D38922C422181064E.psi [5931] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\4EF2C05747F8B25308BBF64B901E375E.psi [14758] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\51624ADFCDA5B1550A978F07F8C349E9.psi [11977] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\800A4C32BDADF5EDF78D95512D41BCF5.psi [29758] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\8E2E54EAFD0A1001445006E23E34459E.psi [3806] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\94EE73E941A1E1BD4543E53134541E3B.psi [4574] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\A4546C4FC2593250C5F80783DC8F91FB.psi [5385] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\B4261EF72275E9B57A6E091114640FC5.psi [5316] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\B65191DEADA3701B11F4A972D6ACF671.psi [4350] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\BD374F395D59A072EFA181851A936A18.psi [47056] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\C36BDEB2FAE347F5D7C6660F429BF0DD.psi [5734] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\C5DD0BCB7EDB7FBB5F0F917C1D460F10.psi [4349] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\E1B9DA1F4133B860026A16EB21839CF7.psi [2875] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\image.store [158] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\ImgCache\img.idx [2484] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStars.log.0 [1094174] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.0 [5014] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\_update2.dat [4630] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\_updcache.dat [209600] O61 - LFC: 22/11/2013 - 10:19:24 ---A- . (...) -- C:\Users\martial\AppData\Local\PokerStars.FR\notes.plebania.xml [652] O61 - LFC: 22/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\7524_22630\crl-set [1774] O61 - LFC: 22/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\7524_22630\manifest.fingerprint [12] O61 - LFC: 22/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\7524_22630\manifest.json [34] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\FXSAPIDebugLogFile.txt [0] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\FXSTIFFDebugLogFile.txt [0] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\INMEM000.REM [0] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\JRT.txt [2154] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\gentee01\gentee.dll [98304] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\gentee01\guig.dll [20480] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\jrt\temp\null.txt [0] O61 - LFC: 22/11/2013 - 10:19:26 ---A- . (.Microsoft Corporation.) -- C:\Users\martial\AppData\Local\Temp\is-GD3V0.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 22/11/2013 - 10:19:26 -SHA- . (...) -- C:\Users\martial\AppData\Roaming\Microsoft\Protect\S-1-5-21-3778166341-1465188008-936229986-1001\bebfe852-9b40-431a-b4e8-d49813d25e9b [468] O61 - LFC: 22/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\Documents\AdwCleaner[R0].txt [4747] O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Documents\virus.oxps [897612] O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\adwcleaner.exe [1085542] O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\lcplugin27 (1).exe [1381456] O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\lcplugin27 (2).exe [1381456] O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (...) -- C:\Users\martial\Downloads\lcplugin27.exe [1381456] O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (.Nicolas Coolman.) -- C:\Users\martial\Downloads\ZHP 2013.exe [16636048] =>.Nicolas Coolman O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (.Nicolas Coolman.) -- C:\Users\martial\Downloads\ZHPDiag2.exe [6855328] =>.Nicolas Coolman O61 - LFC: 22/11/2013 - 10:19:30 ---A- . (.Thisisu.) -- C:\Users\martial\Downloads\JRT.exe [1034531] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [266212] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Cookies [253952] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [0] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [151] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-001147 [899] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [142] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000006 [50] O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\fst_fr_17\1.10\cnf.cyl [131] =>PUA.FSTfr9 O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\fst_fr_17\1.10\eorezo.cyl [69] =>PUA.FSTfr9 O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (...) -- C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.cyp [768] =>PUA.FSTfr9 O61 - LFC: 23/11/2013 - 10:19:09 ---A- . (.FreeSoftToday.) -- C:\Users\martial\AppData\Local\fst_fr_17\Download\majfstfr.exe [4509472] =>Adware.FreeSoftToday O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Favicons [1673216] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\History [2002944] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [204916] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Last Session [13419] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [12487] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage [3072] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage-journal [512] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage [3072] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal [3608] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage [3072] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal [3608] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0 [45056] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1 [270336] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_2 [1056768] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Preferences [64230] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001842.ldb [5668] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001844.ldb [5767] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001847.ldb [11497] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001850.ldb [11306] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [176] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [271] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-001849 [252] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Top Sites [163840] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [960] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Web Data [81920] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [12848] O61 - LFC: 23/11/2013 - 10:19:12 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Local State [46649] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [7797744] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1367344] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135388] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [1490980] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19548] O61 - LFC: 23/11/2013 - 10:19:13 ---A- . (...) -- C:\Users\martial\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6828] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DbTemp\temp-AuPq4Prmb3avq3GnuPSSJ0tW [512] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\DbTemp\temp-cfx0g7MkofDgXlI9pU1Xcf9z [20480] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\_sessionState.json [43] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\imcache [58] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\bistats.db [61440] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\bistats.db-journal [33344] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\chatsync\58\58dbbbeeb9e3ea71.dat [1939] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\config.xml [5463] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\eas.db [61440] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\eas.db-journal [45656] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\main.db [643072] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\martial.besuchet\main.db-journal [242648] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\shared.xml [81739] O61 - LFC: 23/11/2013 - 10:19:18 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\stats.json [2] O61 - LFC: 23/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\bici\bi000000.sqm [4752] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:19 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\bici\bi001000.sqm [838] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\8A574ED5927B3CEC9626151D220C7448 [748] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 [262] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 [290] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:19 -S-A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\8A574ED5927B3CEC9626151D220C7448 [180] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200015b4_1d586665dd786a.eml [118227] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200015b5_76da45b8b5cc29.eml [103654] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:20 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000025\200015b6_db8dbb32283126.eml [83458] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ----- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm.etl [0] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ----- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Microsoft.WindowsLive.Chat.etl [0] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015bf_90541154ecb853.eml [97574] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c0_9ed2cad4bc1b32.eml [39570] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c1_53039567ce1577.eml [17129] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c2_929d677a324f8f.eml [37467] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c3_f406507be065f5.eml [118227] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c4_99618cb5d07f7b.eml [65760] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c5_2b6e86c9436071.eml [103654] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c6_9f5a7d9d19ffdf.eml [83458] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c7_43626144a23ae7.eml [81722] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c8_78df61ecf88bf2.eml [15345] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000036\200015c9_c83d5ed644edea.eml [50845] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015b7_a1d1ca831296fc.eml [50845] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015b8_82a5a6e1866270.eml [97574] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015b9_7f5ae5a9ae2d31.eml [39570] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015ba_86ec6ef6a10577.eml [17129] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015bb_3e80c35e92445d.eml [37467] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015bc_acd53f1cc64037.eml [65760] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015bd_a0a83a841272be.eml [81722] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Indexed\LiveComm\913fdca7ce516122\120712-0049\Mail\7e\1d000037\200015be_1d93604338b2fb.eml [15345] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:21 ---A- . (...) -- C:\Users\martial\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\913fdca7ce516122\120712-0049\DBStore\edb.chk [8192] =>.Microsoft Corporation O61 - LFC: 23/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\5456_31192\crl-set [610] O61 - LFC: 23/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\5456_31192\manifest.fingerprint [12] O61 - LFC: 23/11/2013 - 10:19:25 ---A- . (...) -- C:\Users\martial\AppData\Local\Temp\5456_31192\manifest.json [34] O61 - LFC: 23/11/2013 - 10:19:26 ---A- . (...) -- C:\Users\martial\AppData\Roaming\OpenOffice.org\3\.lock [139] O61 - LFC: 23/11/2013 - 10:19:26 ---A- . (.Microsoft Corporation.) -- C:\Users\martial\AppData\Local\Temp\is-NO28L.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 23/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\AppData\Roaming\OpenOffice.org\3\user\registrymodifications.xcu [48021] O61 - LFC: 23/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\AppData\Roaming\ZHP\Log.txt [16997] =>.Nicolas Coolman O61 - LFC: 23/11/2013 - 10:19:29 ---A- . (...) -- C:\Users\martial\AppData\Roaming\ZHP\TestsZHPDiag.txt [2899] =>.Nicolas Coolman ~ 54 Fichiers temporaires (Temporary files) ~ Files: 413 Scanned in 00mn 23s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://do-search.com =>PUP.DoSearches O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) C:\Microgaming\Casino\casinoclassic\local\fr\clariondescriptions\txt_desc_crackerjack1.dat C:\Microgaming\Casino\casinoclassic\local\fr\clariondescriptions\txt_desc_crackerjack1.dat ~ Files: Scanned in 00mn 30s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [305664] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3279360] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792] O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224] ~ Services: 34 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.32DCED18FFFEA0035E4FA975CA0AE8BE] [sPRF][22/04/2013] (.The Software Group - Software Update Setup.) -- C:\Users\martial\AppData\Local\Temp\BoxoreInstaller.exe [620656] =>Adware.Boxore [MD5.378189889438568FEF3D98588283B3A5] [sPRF][11/11/2013] (...) -- C:\Users\martial\AppData\Local\Temp\Quarantine.exe [350377] ~ Files: 2 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{00DF69F0-4CC7-4091-892A-6A9F77BB8439}" | In - Public - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{D5348174-7650-43ED-9C84-D035021B6A55}" | In - Public - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{D788FE3B-1CFC-4C1C-B95C-7F502AA5C218}" | In - Public - P6 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe O87 - FAEL: "{A04D9678-AA86-466B-9E6F-B969C467652A}" | In - Public - P17 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe O87 - FAEL: "{BD7B2D21-5BE0-4D19-978A-E9C46C104F0A}" | In - Public - P6 - TRUE | .(.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe O87 - FAEL: "{598944B2-A2E9-4FEF-A58B-15FF587EB018}" | In - Public - P17 - TRUE | .(.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe O87 - FAEL: "{01ADA90C-DF4F-48BA-9F11-4FA9D3003D6C}" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe O87 - FAEL: "{B9451D30-3353-4CBD-830A-44659119464E}" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\Program Files (x86)\Spotify\spotify.exe O87 - FAEL: "{B8896FB6-932C-4DA4-AEB8-BDDD54D1FDEB}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe O87 - FAEL: "{3C4535F5-93DD-45A7-8941-37A8215FA670}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe O87 - FAEL: "{E0AB66A5-51DE-4FCB-86A1-43EBB1300292}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe O87 - FAEL: "{A4F018DB-D33F-44CC-B9DE-7A08CF6CA865}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe O87 - FAEL: "{54E18379-3127-45F0-BDE4-A1176A3E951A}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe O87 - FAEL: "{CBA2B7F9-6447-4000-8293-97E540A7DE26}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe O87 - FAEL: "{364533BA-4AE8-49FA-91A4-C1402083B386}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe O87 - FAEL: "{7D15C35D-DB6A-43ED-97B8-D54DD487320B}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe O87 - FAEL: "{8BA69924-96AE-4E7F-BB48-F7C99B2B248C}" | In - None - P6 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe O87 - FAEL: "{56A17E25-CBB0-4F44-94DC-55151721DC3A}" | In - None - P17 - TRUE | .(.acer - DLNA Stack App.) -- C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe O87 - FAEL: "{583D9084-F64A-4530-B602-37714C707DD3}" | In - None - P6 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe O87 - FAEL: "{70E76A58-FCC9-4986-B241-ED336C3DDF5B}" | In - None - P17 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe O87 - FAEL: "{E0BB916C-2396-4026-BE39-49304566BFB4}" | In - None - P6 - TRUE | .(.Acer Incorporated - SDD for AcerCloud.) -- C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe O87 - FAEL: "{977B496F-1E05-4B94-A339-B7CFDC81B491}" | In - None - P17 - TRUE | .(.Acer Incorporated - SDD for AcerCloud.) -- C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe O87 - FAEL: "{EBFDF356-C8B5-4854-B485-F4CC1FE3B01F}" | In - None - P6 - TRUE | .(.Acer Incorporated - Virtual Drive for Acer Orbe.) -- C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe O87 - FAEL: "{3B899388-2F19-43E0-B182-C1DF02B9FD9E}" | In - None - P17 - TRUE | .(.Acer Incorporated - Virtual Drive for Acer Orbe.) -- C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe O87 - FAEL: "{CCA7770B-2F12-4DFA-871C-12FA269091BF}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{92B40F3E-2161-4BE9-AA1A-757F1EFEDAD7}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{8FC2C1C6-386D-4ACD-8453-8FC16ADCD290}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{D1C88BBC-0A00-426A-8FD3-6A27EBBC6F77}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{E6880DB6-BB3A-4248-9740-2261850D7155}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{653CA8D5-57EF-44BF-A5F6-BD15D2E9C8AB}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{4004BB77-B506-4936-A362-3DA99EFF343A}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{680EF6FC-C350-4E38-8159-2EE580AA0F6B}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{ADE99E9B-DE6B-4F1B-A2D4-61F508293CD6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{C3859AB9-D5B1-4C98-A21D-69950357A6DC}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{A23C87FB-06E0-4F9C-978C-FAA3B0F14723}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{7B099CB7-DBAB-4FD9-BCD2-59E8BE471037}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{D421B80F-D877-4FC2-82FA-A0D5909B9241}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{373005E1-5293-4FC8-81FE-2BAD7236A5A9}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{C8C8433C-2DB7-4263-82D9-FF6C9AAFD9DA}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{D85B4767-D395-4529-BA04-782F77A0809E}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{3E6A8A38-8097-4A2E-824B-CFFC274F33B4}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{0864CA6C-0D6B-45DF-8C20-72A0CDF18CA0}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{36F92841-F181-4878-96B5-2E27B6DC2E69}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{80BCBFA9-3658-4D4E-9136-CAE4D5E96B03}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{D2C065B2-B01A-40C5-B42E-9D158D56E110}" | In - Private - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O87 - FAEL: "{34BC40A0-C93F-406A-BAA2-CAAED0697D22}" | In - Private - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O87 - FAEL: "{5CE62C1C-C432-441C-82E5-8D0CC534CD35}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe ~ Firewall: 235 Scanned in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "00005109831090400000000000F01FEC" . (.Microsoft Office.) -- C:\Windows\Installer\{90150000-0138-0409-0000-0000000FF1CE}\firstrun.exe O90 - PUC: "0B8EF4ACC892D5E44A683FB321D6A6A0" . (.Acer Docs.) -- C:\Windows\Installer\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}\icon.ico O90 - PUC: "122113B05A506674D830A74664971465" . (.Nero RescueAgent Help (CHM).) -- c:\windows\Installer\{0B311221-05A5-4766-8D03-7A6446794156}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945 O90 - PUC: "13CB47B4353BF8B4C8EBAD4BFF23F61F" . (.sysTPL.) -- C:\Windows\Installer\{4B74BC31-B353-4B8F-8CBE-DAB4FF326FF1}\default_1.exe O90 - PUC: "18034D2AB7FC73649A3F2E56A15A4C8A" . (.Nero RescueAgent.) -- c:\windows\Installer\{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}\ARPPRODUCTICON.exe O90 - PUC: "203E62EEA6789D84098513925E9B9999" . (.Live Updater.) -- C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico O90 - PUC: "2921D0FE1CF8EB147904BD1C436F4651" . (.Nero BackItUp Help (CHM).) -- c:\windows\Installer\{EF0D1292-8FC1-41BE-9740-DBC134F66415}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945 O90 - PUC: "2F98DA5B3D306024487810288900D70D" . (.Acer Photo.) -- C:\Windows\Installer\{B5AD89F2-03D3-4206-8487-018298007DD0}\icon.ico O90 - PUC: "31498519576672C4A8CFFE9B01B3095A" . (.eBay Worldwide.) -- c:\Windows\Installer\{91589413-6675-4C27-8AFC-EFB9103B90A5}\_853F67D554F05449430E7E.exe =>Toolbar.eBay O90 - PUC: "33B1C8585D3C77347BB7E1F233C8F766" . (..) -- C:\Windows\Installer\{858C1B33-C3D5-4377-B77B-1E2F338C7F66}\ARPPRODUCTICON.exe O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- c:\windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe O90 - PUC: "379F8AC47736FBA4E95DCC32323B0C00" . (.Nero BackItUp 12 Essentials OEM.a01.) -- c:\windows\Installer\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}\ARPPRODUCTICON.exe O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- c:\windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe O90 - PUC: "3C5CF1EF90A6F3D40B48A62588FA8E9F" . (.QuickEngine.) -- C:\Windows\Installer\{FE1FC5C3-6A09-4D3F-B084-6A5288AFE8F9}\softwareinstaller.exe O90 - PUC: "456BC9D3DA991034986CD0217A0967C7" . (.Identity Card.) -- C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- c:\windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D O90 - PUC: "6FD66A043D225B447A3D381B812A0CCD" . (.Norton Online Backup.) -- C:\Windows\Installer\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}\MainIcon.ico O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- c:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe O90 - PUC: "7071FA9EA3F32E943854F4D226D98067" . (.Acer Media.) -- C:\Windows\Installer\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}\icon.ico O90 - PUC: "71B0DA5AD43FEB941A758C3B5DA2DC31" . (.AcerCloud Portal.) -- C:\Windows\Installer\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}\icon.ico O90 - PUC: "8489373E92353E84D882B5DBE6B83E48" . (.MediaEspresso.) -- C:\windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe O90 - PUC: "8703D2ADC85A8E54E80E818BEBB6437F" . (.Nero BackItUp.) -- c:\windows\Installer\{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}\ARPPRODUCTICON.exe O90 - PUC: "8FC229B8C6A8EC148A851F57D5F7D592" . (.NVIDIA PhysX.) -- C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico O90 - PUC: "90B53772EFE9F9143A7701AA18113CA0" . (.VC90_CRT_x64.) -- C:\Windows\Installer\{27735B09-9EFE-419F-A377-10AA8111C30A}\ARPPRODUCTICON.exe O90 - PUC: "A5002F70CAC8B4A4382AAD897A22AC16" . (.Recovery Management.) -- C:\Windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\.\Bitmaps\eRecoveryicon.ico O90 - PUC: "AEA2F1F9A27C6DD499E15C05A665524E" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}\soffice.ico O90 - PUC: "D724AD5332BB8B94A9DFFCCFEFB307D8" . (.clear.fi SDK- Movie.) -- C:\Windows\Installer\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\ARPPRODUCTICON.exe O90 - PUC: "DAC33ABE170E5d841A86BF4AEE4BE239" . (.clear.fi SDK - Video.) -- C:\Windows\Installer\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\ARPPRODUCTICON.exe O90 - PUC: "FA0364E07BA0E0449A87A187CFF4349B" . (.Nero Launcher.) -- c:\windows\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe ~ Update Products: 47 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.E32A1A1B9CC600CF062E0E429925841A] [WIS][21/11/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\1c1285af.msi [1974272] =>Adware.Boxore [MD5.A7A4DB0BD34B5B482EF199F6E1A17A1A] [WIS][06/10/2013] (.Tlapia - sysTPL.) -- C:\Windows\Installer\34b733b.msi [1860608] [MD5.016CC520157498D9E547A3331943CDE8] [WIS][30/09/2013] (.Tlapia - QuickEngine.) -- C:\Windows\Installer\34b733f.msi [962560] [MD5.B30273F8BC9043B004778D133ADC7655] [WIS][06/10/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\34b7352.msi [28672] =>Toolbar.Google [MD5.8ABAB9BE3C2F306511BBAAFC7DF5C10C] [WIS][12/07/2012] (.Intel - Intel® Network Connections.) -- C:\Windows\Installer\5f38e.msi [13215232] ~ WIS: 49 Scanned in 00mn 04s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 10/07/2013 2650696 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe SR - | Demand 18/01/2013 660040 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Auto 06/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 06/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 06/10/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe SR - | Auto 20/04/2012 635104 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Auto 05/06/2012 190824 | (Intel® PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SR - | Auto 11/05/2012 200728 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 24/09/2013 178048 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe SS - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe SS - | Disabled 11/05/2012 200728 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe SR - | Auto 06/10/2013 335216 | (MfeASUM) . (.McAfee, Inc..) - C:\Program Files\McAfee\AppStats\MfeASUM.exe SR - | Auto 20/09/2013 1017016 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe SR - | Auto 24/09/2013 219272 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe SR - | Auto 24/09/2013 182752 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe SR - | Auto 14/07/2012 769432 | (NAUpdate) . (.Nero AG.) - c:\Program Files (x86)\Nero\Update\NASvc.exe SR - | Auto 15/08/2012 3943104 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SR - | Auto 30/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 30/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 29/09/2013 399128 | (sysTPLMonitor.exe) . (.Tlapia.) - C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe SR - | Auto 29/09/2013 397080 | (sysTPLService.exe) . (.Tlapia.) - C:\Program Files (x86)\sysTPL\sysTPLService.exe SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 06s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by martial at 23/11/2013 10:20:54 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by martial at 23/11/2013 10:20:56 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 12996 - (22/11/2013) Clés trouvées (Keys found) : 18 Valeurs trouvées (Values found) : 4 Dossiers trouvés (Folders found) : 5 Fichiers trouvés (Files found) : 10 [HKLM\Software\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel] =>PUP.ReMarkIt^ [HKLM\Software\Google\Chrome\Extensions\pbpohikckhbcljgombipcdoinkaedlfa] =>Spyware.SmartDisplay^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4480AD00-E608-4D22-A592-751680DF3262}] =>PUP.ReMarkIt^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{49b4f70f-f101-435c-ac77-0d6be35fbb33}] =>PUP.ReMarkIt^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91589413-6675-4C27-8AFC-EFB9103B90A5}] =>Toolbar.eBay^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_17_is1] =>Adware.FreeSoftToday^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_17 =>PUA.FSTfr9^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:upfst_fr_17.exe =>PUA.FSTfr9^ C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel =>PUP.ReMarkIt^ C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =>Spyware.SmartDisplay^ C:\Program Files (x86)\fst_fr_17 =>PUA.FSTfr9^ C:\Program Files (x86)\Re-markit =>PUP.ReMarkIt^ C:\Users\martial\AppData\Local\fst_fr_17 =>PUA.FSTfr9^ C:\Users\martial\AppData\Local\fst_fr_17\upfst_fr_17.exe =>PUA.FSTfr9^ C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^ C:\Program Files (x86)\fst_fr_17\fst_fr_17.exe =>PUA.FSTfr9^ C:\Windows\Tasks\Re-markit Update.job =>PUP.ReMarkIt^ C:\Program Files (x86)\Re-markit\ReMarkit_up.exe =>PUP.ReMarkIt^ [HKCU\Software\AppDataLow\Software\Re_markit] =>PUP.ReMarkIt^ [HKLM\Software\Wow6432Node\do-searchSoftware] =>PUP.DoSearches^ C:\Users\martial\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore^ C:\Windows\Installer\1c1285af.msi =>Adware.Boxore^ C:\Windows\Installer\34b7352.msi =>Toolbar.Google^ ~ Additionnel Scan: 188458 Items scanned in 00mn 15s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9 ~ http://nicolascoolman.webs.com/apps/blog/show/36657231-pup-remarki =>PUP.ReMarkIt ~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay ~ http://nicolascoolman.webs.com/apps/blog/show/33477786-pup-dosearches =>PUP.DoSearches ~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy ~ http://nicolascoolman.webs.com/apps/blog/show/33340107-adware-freesofttoday =>Adware.FreeSoftToday ~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC ~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop ~ http://nicolascoolman.webs.com/apps/blog/show/35393224-pup-aartemis =>PUP.AArtemis ~ http://nicolascoolman.webs.com/apps/blog/show/33262880-hijacker-qone8 =>Hijacker.Qone8 ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ MSI: 15 link(s) detected in 00mn 15s End of the scan (2055 lines in 03mn 45s)(2)
- le 23 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

merci les amis; je fais ça dés demain car là..................le moral ds les godasses et trop de strs ) je vous tiens au courant. cordialement
- le 22 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

impossible de telecharger ZHPDIAG ;o( jle lien indiqué ne semble pas fonctionner: je ne trouve , en chercahnt sur telecharger .com que ZEB HELP PROCESS: CELA CONVIENT IL, MERCI
- le 22 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

voilà le rapport de Junkware Removal Tool ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Windows 8 x64 Ran by martial on 22/11/2013 at 16:32:44,24 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\1c875dde39636004ca8cdaec335b4160 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} ~~~ Files ~~~ Folders Failed to delete: [Folder] "C:\ProgramData\boost_interprocess" Successfully deleted: [Folder] "C:\Users\martial\appdata\local\software" Failed to delete: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 22/11/2013 at 16:36:06,80 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ je passe à la suite:o)
- le 22 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

je poste ici le ra# AdwCleaner v3.012 - Rapport créé le 22/11/2013 à 16:16:44 # Mis à jour le 11/11/2013 par Xplode # Système d'exploitation : Windows 8 (64 bits) # Nom d'utilisateur : martial - PC-BALOU # Exécuté depuis : C:\Users\martial\Downloads\adwcleaner.exe # Option : Nettoyer ***** [ Services ] ***** [#] Service Supprimé : Software_update [#] Service Supprimé : Software_update_m ***** [ Fichiers / Dossiers ] ***** Dossier Supprimé : C:\ProgramData\boost_interprocess Dossier Supprimé : C:\ProgramData\BoxUpdChk Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freesofttoday Dossier Supprimé : C:\Program Files (x86)\Boxore Dossier Supprimé : C:\Program Files (x86)\IminentToolbar Dossier Supprimé : C:\Users\martial\AppData\Roaming\Tlapia Dossier Supprimé : C:\Program Files (x86)\Software Dossier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml Dossier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Dossier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa Fichier Supprimé : C:\Users\Public\Desktop\eBay.lnk Fichier Supprimé : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage Fichier Supprimé : C:\Windows\System32\Tasks\BoxSoftwareUpdate Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA ***** [ Raccourcis ] ***** ***** [ Registre ] ***** Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1 Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0 Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [boxore Client] Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=3 Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=9 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Clé Supprimée : HKCU\Software\Boxore Clé Supprimée : HKCU\Software\Tutorials Clé Supprimée : HKCU\Software\TutoTag Clé Supprimée : HKLM\Software\Boxore Clé Supprimée : HKLM\Software\FreeSoftToday Clé Supprimée : HKLM\Software\Tutorials Clé Supprimée : HKLM\Software\Uniblue Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Clé Supprimée : HKLM\Software\Classes\Installer\Features\DF42B2AC01EE9B240B94AA0862E8E712 Clé Supprimée : HKLM\Software\Classes\Installer\Products\DF42B2AC01EE9B240B94AA0862E8E712 ***** [ Navigateurs ] ***** -\\ Internet Explorer v10.0.9200.16537 -\\ Google Chrome v31.0.1650.57 [ Fichier : C:\Users\martial\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4747 octets] - [22/11/2013 16:14:20] AdwCleaner[s0].txt - [4482 octets] - [22/11/2013 16:16:44] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4542 octets] ##########pport AdwCleaner car je ne sais pas si j'ai fait la bonne manip sur le lien indiqué plus haut ) je passe maintenant à Junkware removal tool )
- le 22 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a répondu à un(e) sujet de zurlinden dans Analyses et éradication malwares

merci je vais faire ça; j'espère que j'y arriverai: pour info la page blanche qui s'ouvre parfois qd j'ouvre Google s'intitule SU600.COM :O5 MERCI ENCORE POUR TON AIDE
- le 22 novembre 2013
- 23 réponses
[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

zurlinden a posté un sujet dans Analyses et éradication malwares

bonjour: depuis hier, gros problème ( j'ai voulu télécharger un logiciel de téléchargement de vidéos, musique etc: le nom est A TUBE CATCHER: Depuis, je n'arrête pas d'avoir des fenêtres de pub qui s'ouvrent de manière aléatoire, et mon moteur de recherche par défaut (google) a été changé (: Que me conseillez vous de faire? mon ordi est un ACER, (neuf);sous Windows 8 (auquel je ne comprends rien d'ailleurs) mon antivirus est Mac Affee, (fourni avec l'ordi et dont la période de validité expire ds quelques jours); il avait décelé des fichiers "douteux" qu'il avait mis en quarantaine, mais comme je n'y connais rien en micro, j'ai continué l'installation de A TUBE CATCHER, et maintenant, j'ai ce problème de pub à répétition:o( j'ai effectué un scan avec Macaffee et................il ne détecte rien ............( depuis, j'ai supprimé ce logiciel A TUBE CATCHER avec REVO INSINTALLER, mais le problème persiste. En outre, qd je clique sur google, sur le bureau, parfois, j'ai une page blanche qui s'affiche ( merci pour votre aide et bonne journée à vous cordialement ZURLINDEN
- le 22 novembre 2013
- 23 réponses
[Résolu] Ralentissement affichage pages Internet

zurlinden a répondu à un(e) sujet de zurlinden dans Internet & Réseaux

amélioration très nette! j'ai presque l'impression de piloter une F1 ) je pense que grâce à toi, j'ai fait l"économie de l'achat d'un nouvel ordi!! merci encore; sincérement ZURLINDEN
- le 26 septembre 2013
- 10 réponses
[Résolu] Ralentissement affichage pages Internet

zurlinden a répondu à un(e) sujet de zurlinden dans Internet & Réseaux

re salut tonton: j'ai fait tout ce que tu m'as indiqué mises à jour et suppression suppressions de code util (petit logiciel ou appli, je ne sais pas comment on appelleça, permettant d'avoir les codes postaux et les noms dees villes etc...) Hopa; jeux de "grattage" que j'avais complétement oublié lol lame V3 993 (outil de compression de fichiers) j'ai conservé King .com et Ludi, qui sont 2 sites de jeux en ligne où je joue souvent Mise à jour de Adobe reader x10 et java 7 merci pour tout et bonne soirée à toi
- le 24 septembre 2013
- 10 réponses
[Résolu] Ralentissement affichage pages Internet

zurlinden a répondu à un(e) sujet de zurlinden dans Internet & Réseaux

Salut Tonton: Je m'attaque à tout ça dés demain et te tiens au courant; merci encore pôur ton aide: au fait, ordi va déjà mieux: bcp moins de déconnexions! au fait, j'ai vu que le fil de ma web cam était dénudé à un endroit; je l'ai donc enlevé et cela a l'air d'aller mieux aussi; mes déconnexions pouvaient elles venir de ce fil dénudé?? Merci encore Cordialement ZUR
- le 24 septembre 2013
- 10 réponses
Achat ordi neuf

zurlinden a posté un sujet dans Conseils matériel - Achats & Ventes

Bjr; j'ai des soucis avec mon ordi( e machines qui a plus de 6 ans).Tonton (de Zebulon) est sur le coup, donc j'ai bon espoir ) mais, ds l'hypothèse où je devrais changer d'ordi, que me conseillez vous, niveau marque, processeur, puissance, etc... j'utilise surtt l'ordi pour consult internet, bureautique, et jeux en ligne, genre belotte, tarots etc............... donc, je pense que je n'ai pas besoin d'une formule1 ) mon budget; environ 450€ et, C Discount, est ce sérieux comme vendeur en ligne???? j'ai regardé un peu hier, et leurs prix ont l'air corrects; et enfin, Asuss, est ce une bonne marque??? Merci à ts et bonne journée Zurlinden
- le 24 septembre 2013
- 5 réponses
[Résolu] Ralentissement affichage pages Internet

zurlinden a répondu à un(e) sujet de zurlinden dans Internet & Réseaux

salut tonton: voilà les fichiers demandés: il me semble qu'il y a un léger mieux, mais tjrs mes problèmes de déconnexion sur mes sites de jeux favoris ( Fichier1 ABBYY FineReader 9.0 Sprint ABBYY 10/07/2011 174 Mo 9.01.513.58212 Adobe AIR Adobe Systems Incorporated 26/10/2012 30,0 Mo 3.4.0.2710 Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 20/09/2013 11.8.800.175 Adobe Flash Player 11 Plugin Adobe Systems Incorporated 11/09/2013 11.8.800.168 Adobe Reader X (10.1. - Français Adobe Systems Incorporated 13/09/2013 10.1.8 Adobe Shockwave Player 11.5 Adobe Systems, Inc. 28/04/2011 8,19 Mo 11.5.9.620 Agere Systems PCI-SV92EX Soft Modem Agere Systems 14/12/2008 Apple Software Update Apple Inc. 28/11/2011 2,38 Mo 2.1.3.127 Archiveur WinRAR 04/07/2009 2,92 Mo audioGnome 26/05/2012 4,59 Mo audioGnome Active Installer 26/05/2012 Avira Free Antivirus Avira 10/09/2013 69,2 Mo 13.0.0.4042 CCleaner Piriform 21/08/2013 2,53 Mo 4.05 Codutil 10/04/2011 DC-Bass Source 1.3.0 14/07/2013 740 Ko DirectVobSub 2.40.4209 MPC-HC Team 14/07/2013 1,96 Mo 2.40.4209 eMachines Recovery Management Acer Incorporated 10/10/2007 43,5 Mo 3.1.3003 Epson Connect Printer Setup SEIKO EPSON CORPORATION 03/02/2013 8,32 Mo 1.1.1 Epson Easy Photo Print 2 SEIKO EPSON CORPORATION 22/01/2013 63,2 Mo 2.3.2.0 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) SEIKO EPSON CORPORATION2 22/01/2013 372 Ko 1.00.0000 Epson Event Manager Seiko Epson Corporation 22/01/2013 42,4 Mo 3.01.0000 EPSON Scan Seiko Epson Corporation 22/01/2013 8,02 Mo EPSON XP-302 303 305 306 Series Printer Uninstall SEIKO EPSON Corporation 03/02/2013 EpsonNet Print SEIKO EPSON CORPORATION 22/01/2013 4,60 Mo 2.5.00 ffdshow v1.1.4399 [2012-03-22] 14/07/2013 13,4 Mo 1.1.4399.0 FilesFrog Update Checker 01/06/2013 264 Ko Glary Utilities 3.9.1 Glarysoft Ltd 10/09/2013 37,6 Mo 3.9.1.138 Glarysoft Toolbar Glarysoft Ltd 12/01/2013 3,60 Mo 1.3.0 Google Chrome Google Inc. 17/04/2011 77,6 Mo 28.0.1500.72 Google Talk Plugin Google 10/07/2013 20,6 Mo 4.2.1.14031 Google Toolbar for Internet Explorer Google Inc. 17/08/2013 7,14 Mo 7.5.4413.1752 Guide d'utilisation EPSON SX130 Series 10/07/2011 6,82 Mo Guide réseau EPSON XP-302 303 305 306 Series 22/01/2013 9,72 Mo Hopa 10/10/2007 Java 7 Update 25 Oracle 27/07/2013 129 Mo 7.0.250 Java 6 Update 31 Oracle 21/02/2012 95,1 Mo 6.0.310 Java 6 Update 5 Sun Microsystems, Inc. 14/12/2008 163 Mo 1.6.0.50 JavaFX 2.1.1 Oracle Corporation 22/06/2012 20,8 Mo 2.1.1 king.com (remove only) Midasplayer Ltd (king.com) 01/05/2013 Lagarith Lossless Codec (1.3.27) 14/07/2013 LAME v3.99.3 (for Windows) 14/07/2013 1,55 Mo Logitech Vid HD Logitech Inc.. 28/05/2012 99,6 Mo 7.2 (7259) Logitech Webcam Software Logitech Inc. 15/04/2012 2.0 Ludi 22/09/2013 728 Ko Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 21/05/2009 27,8 Mo Microsoft .NET Framework 4 Client Profile Microsoft Corporation 01/08/2011 120 Mo 4.0.30320 Microsoft Office File Validation Add-In Microsoft Corporation 15/09/2011 14.0.5130.5003 Microsoft Office Home and Student 2007 Microsoft Corporation 30/10/2011 332 Mo 12.0.6612.1000 Microsoft Office Live Add-in 1.5 Microsoft Corporation 26/05/2010 506 Ko 2.0.4024.1 Microsoft Office Outlook Connector Microsoft Corporation 21/10/2010 3,35 Mo 14.0.5118.5000 Microsoft Office PowerPoint Viewer 2007 (French) Microsoft Corporation 17/09/2013 12.0.6612.1000 Microsoft Office Professional Plus 2007 Microsoft Corporation 30/10/2011 622 Mo 12.0.6612.1000 Microsoft Office Suite Activation Assistant Microsoft Corporation 14/12/2008 8,36 Mo 2.9 Microsoft Silverlight Microsoft Corporation 13/07/2013 5.1.20513.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 05/11/2009 1,74 Mo 3.1.0000 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 29/07/2009 251 Ko 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 23/06/2011 294 Ko 8.0.59193 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 29/07/2009 199 Ko 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 15/04/2011 592 Ko 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 21/07/2009 590 Ko 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 02/11/2010 587 Ko 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 23/06/2011 594 Ko 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 18/12/2011 10.0.40219 Microsoft Works Microsoft Corporation 12/10/2012 9.7.0621 Mises à jour NVIDIA 1.10.8 NVIDIA Corporation 09/11/2012 6,37 Mo 1.10.8 Module de compatibilité pour Microsoft Office System 2007 Microsoft Corporation 17/09/2013 12.0.6612.1000 Module linguistique Microsoft .NET Framework 3.5 SP1- fra Microsoft Corporation 21/05/2009 36,9 Mo Module linguistique Microsoft .NET Framework 4 Client Profile FRA Microsoft Corporation 01/08/2011 19,1 Mo 4.0.30320 MSXML 4.0 SP2 (KB927978) Microsoft Corporation 05/08/2009 34,0 Ko 4.20.9841.0 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 05/08/2009 1,27 Mo 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 24/11/2009 1,33 Mo 4.20.9876.0 MyDefrag v4.3.1 J.C. Kessels 25/10/2010 3,28 Mo 4.0.0.0 NVIDIA Display Control Panel NVIDIA Corporation 28/08/2010 19,7 Mo 6.14.12.5896 NVIDIA Drivers NVIDIA Corporation 09/11/2010 1.10.62.40 NVIDIA Pilote du contrôleur 3D Vision 280.19 NVIDIA Corporation 18/04/2012 416 Ko 280.19 NVIDIA Pilote graphique 307.83 NVIDIA Corporation 16/03/2013 187 Mo 307.83 OpenSource Flash Video Splitter 1.0.0.5 14/07/2013 444 Ko 1.0.0.5 PokerStars.fr PokerStars.fr 04/01/2013 54,3 Mo PowerDVD CyberLink Corporation 10/10/2007 79,1 Mo 7.0.3409.a Qtrax Player 10/10/2007 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 14/12/2008 21,7 Mo 6.0.1.5628 Revo Uninstaller 1.92 VS Revo Group 02/08/2011 6,60 Mo 1.92 SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 01/08/2011 38,1 Mo 1.4.2.2 Skype™ 6.6 Skype Technologies S.A. 24/07/2013 21,1 Mo 6.6.106 Software Updater SEIKO EPSON CORPORATION 22/06/2013 7,97 Mo 4.1.1 Sony Ericsson Update Engine Sony Ericsson Communications AB 31/08/2013 148 Mo 2.13.9.201308081522 Sony PC Companion 2.10.174 Sony 19/09/2013 116 Mo 2.10.174 Spelling Dictionaries Support For Adobe Reader 9 Adobe Systems Incorporated 22/05/2009 29,6 Mo 9.0.0 Unity Web Player Unity Technologies ApS 20/04/2013 216 Ko USB Video Camera Driver v1.40 Generic 08/05/2011 5,67 Mo 1.4.00 VLC media player 2.0.2 VideoLAN 01/06/2013 72,4 Mo 2.0.2 vShare Plugin 19/01/2011 1,39 Mo Windows Live Microsoft Corporation 21/10/2010 15.4.3502.0922 Windows Live FolderShare Microsoft Corporation 05/11/2009 2,79 Mo 14.0.8089.726 Windows Media Player Firefox Plugin Microsoft Corp 27/05/2011 296 Ko 1.0.0.8 Fichier2 Oui HKCU:Run Adobe Reader Synchronizer Adobe Systems Incorporated "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe" Oui HKCU:Run swg Google Inc. "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" Oui HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Oui HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min Oui HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" Oui HKLM:Run LanguageShortcut CyberLink "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" Oui HKLM:Run LWS Logitech Inc. C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide Oui HKLM:Run Skytel Realtek Semiconductor Corp. "Skytel.exe" Oui HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe" merci encore de ce que tu voudras bien faire pour moi: à demain
- le 23 septembre 2013
- 10 réponses
[Résolu] Ralentissement affichage pages Internet

zurlinden a répondu à un(e) sujet de zurlinden dans Internet & Réseaux

salut Tonton: Je fais ce que tu m'as indiqué au plus vite et poste les fichiers demandés: merci pour ton aide cordialement Zurlinden
- le 23 septembre 2013
- 10 réponses
[Résolu] Ralentissement affichage pages Internet

zurlinden a posté un sujet dans Internet & Réseaux

Bonjour; peut être en relation avec mon post sur "déconnections fréquentes sur site de jeux ludiclub": également depuis qq jours, je remarque sur mon ordi un ralentissement lorsque je consulte internet: pour passer d'une page à l'autre, souvent apparait un petit disque, comme un CD et l'ordi cherche, cherche, et la page nouvelle apparaît enfin, ou pire, google m'indique "oops, petit probl, la page n'a pas pu être trouvée"; actualiser pour ré essayer; ce que je fais, et en général ça fonctionne; mais pas normal, n'st ce pas?? merci de votre aide
- le 22 septembre 2013
- 10 réponses
Déconnexions fréquentes sur sites LudiClub et Skill 07

zurlinden a posté un sujet dans Internet & Réseaux

bonjour: depuis quelques jours, sur des sites de jeux (belote tarots), je fais l'objet de déconnexions fréquentes, et je ralentis le jeu de mes partenaires; de quoi cela peut il venir??, j'ai appelé le service d'assistance Bouygues, qui a fait les vérifs et tout semble ok: cela peut il venir de mon ordi?? il a déjà 5 ans ;o( j'ai une connexion haut débit avec B Box. les test de "ping" ont été faits et sont ok: merci de votre aide bonne journée ps/ j'ai fait un scan et tt est ok aussi
- le 22 septembre 2013
RESOLU.PC vers TV – câble VGA – son

zurlinden a répondu à un(e) sujet de zurlinden dans Internet & Réseaux

OK, j'ai compris. Merci beaucoup pour ton aide. Bon week-end.
- le 3 septembre 2011
- 6 réponses
RESOLU.PC vers TV – câble VGA – son

zurlinden a répondu à un(e) sujet de zurlinden dans Internet & Réseaux

Ok merci bcp. si j'ai bien compris j'achète un cable jack/jack et je branche depuis la tour du PC sur la TV??? y a t il une couleur de trous ? derriere TV il y a des trous 1 noir intitule PC HDMI/AUDIO IN, et en dessous, 2 trous : 1 blanc et un rouge intitulés/ r/l (droit et gauche je suppose. donc avec l'image du cable que tu m'as fournie je pense que ça va ds le trou noir ???? merci encore.
- le 3 septembre 2011
- 6 réponses
RESOLU.PC vers TV – câble VGA – son

zurlinden a posté un sujet dans Internet & Réseaux

Bonjour, Un ami m'a donné un câble VGA pour pouvoir regarder les films contenus dans mon ordi sur ma TV (Sony Bravia). Tout est OK. Seul petit problème, le son. Quand je regarde les films, je n'ai que le son des HP de mon ordi. Mon écran de PC (LG Flatron E2240) n'a pas de HP, j'ai donc installé 2 HP Hercules. Question : est-il possible d'avoir le son de la TV sans passer par les HP ? Autrement dit, est-il possible de regarder les films en pouvant régler le son depuis la TV. Je suis sous Darty box, dégroupage total. Merci pour votre aide. Euhhhhhhhhh, conseils simples si possible, car je n'y connais pas grand-chose en micro et info :0) Bonne journée et bon week-end.
- le 3 septembre 2011
- 6 réponses
Windows Internet Explorer 9 pour Windows Vista

zurlinden a répondu à un(e) sujet de zurlinden dans Mises à jour utilitaires

Un grand merci pour ton aide précieuse: tout est OK maintenant. bonne journée et encore merci cordialememt
- le 21 avril 2011
- 2 réponses

Connexion

zurlinden

Compteur de contenus

Inscription

Dernière visite

Jours gagnés

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par zurlinden

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Fenêtres de pub qui s'ouvrent de manière intempestive

[Résolu] Ralentissement affichage pages Internet

[Résolu] Ralentissement affichage pages Internet

[Résolu] Ralentissement affichage pages Internet

Achat ordi neuf

[Résolu] Ralentissement affichage pages Internet

[Résolu] Ralentissement affichage pages Internet

[Résolu] Ralentissement affichage pages Internet

Déconnexions fréquentes sur sites LudiClub et Skill 07

RESOLU.PC vers TV – câble VGA – son

RESOLU.PC vers TV – câble VGA – son

RESOLU.PC vers TV – câble VGA – son

Windows Internet Explorer 9 pour Windows Vista

Zebulon

Outils en ligne

Naviguer