Alakazamm
-
Compteur de contenus
26 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par Alakazamm
-
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Tout à fait normalement, c'est nickel, comme avant l'infection, d'ailleurs ça fait depuis plusieurs étape! Enfin, je peux à nouveau jouir de mon ordinateur et faire mon travail, c'est fantastique merci beaucoup pour l'efficacité, la concision et le temps que vous m'avez accordé je ne sais pas comment vous remercier! -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
~ ZHPCleaner v2016.1.28.17 by Nicolas Coolman (2016/01/28) ~ Run by Antonin (Administrator) (29/01/2016 20:05:40) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Nettoyer ~ Report : C:\Users\Antonin\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Antonin\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (2) SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [bad : Port=50683 <-Loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [bad : Port=50683 <-Loopback>] =>Hijacker.Proxy ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (36) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (22) DEPLACÉ dossier: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports DEPLACÉ dossier: C:\WINDOWS\Installer\MSI15F8.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI1794.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI191B.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI19F7.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI213B.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI25A1.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI2813.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI296C.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI3A5C.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI3C13.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI3D0E.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI3E18.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI3EF5.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI5EF0.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI626.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI6598.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI6664.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI6711.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSI684A.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIA661.tmp- =>Empty DEPLACÉ dossier: C:\WINDOWS\Installer\MSIB5A4.tmp- =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (1) SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49} [savePass] =>PUP.Optional.CrossRider -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015 Fichier d'export Registre : Run by Antonin at 29/01/2016 19:49:11 High Elevated Privileges : OK Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600) Corbeille vidée (00mn 02s) Dossier Prefetcher vidé Réparation des raccourcis navigateur ========== Clés du Registre ========== SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec Branche de Base de Registres IFEO non infectée ! ========== Valeurs du Registre ========== ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : SUPPRIMÉ: FirewallRaz (None) : {A45EB862-D54C-460A-B00D-10A2A9C005F5} SUPPRIMÉ: FirewallRaz (Public) : {FBBD39EB-2444-4BCE-8C35-CFB77B5F06D2} SUPPRIMÉ: FirewallRaz (Public) : {E9EF5EFB-F796-4CD9-8710-2BEEF4EBB8A5} ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide SUPPRIMÉS Temporaires Windows (13) SUPPRIMÉS Flash Cookies (0) ========== Fichiers ========== SUPPRIMÉS Temporaires Windows (50) (44 732 616 octets) SUPPRIMÉS Flash Cookies (0) (0 octets) ========== Récapitulatif ========== 2 : Clés du Registre 11 : Valeurs du Registre 3 : Dossiers 2 : Fichiers End of clean in 00mn 06s ========== Chemin de fichier rapport ========== C:\Users\Antonin\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/01/2016 15:49:35 [7383] C:\Users\Antonin\AppData\Roaming\ZHP\ZHPFix[R2].txt - 29/01/2016 19:49:14 [1600] -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
L'exception pare feu windows pour chromium me fait peur, c'est un des trucs qui s'est installé aujourd'hui avec mon virus... -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Et voila!! http://www.cjoint.com/c/FADsQJkTxJA -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Pardon mais c'est quoi KMS? -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Et voila le rapport MBAM http://www.cjoint.com/c/FADqVQJzVCA -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Rapport SFTGC : http://www.cjoint.com/c/FADpGst05yA Marrant que tu parles de rootkit, avast m'en a fait supprimer au redémarrage post adwcleaner! -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
# AdwCleaner v5.031 - Logfile created 29/01/2016 at 16:11:10 # Updated 25/01/2016 by Xplode # Database : 2016-01-25.3 [server] # Operating system : Windows 8.1 (x64) # Username : Antonin - SHAKA_ZULOU # Running from : C:\Users\Antonin\Desktop\adwcleaner_5.031.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** [-] Service Deleted : ihpmServer ***** [ Folders ] ***** [-] Folder Deleted : C:\Program Files\SpaceSoundPro [-] Folder Deleted : C:\Program Files (x86)\SpaceSondPro_v53.12501 ***** [ Files ] ***** [-] File Deleted : C:\task.vbs [-] File Deleted : C:\Users\Antonin\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_search.internetquickaccess.com_0.localstorage [-] File Deleted : C:\Users\Antonin\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_search.internetquickaccess.com_0.localstorage-journal [-] File Deleted : C:\Users\Antonin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Quick Access.lnk ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** [-] Task Deleted : IQA ***** [ Registry ] ***** [-] Key Deleted : HKCU\Software\Mozilla\Extends [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcwfp [-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB} [-] Key Deleted : HKCU\Software\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3323765B-5B83-4406-841E-473DBA4B8F29} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{389562C4-59D9-40C4-966E-28DA91725FFE} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6ED1EF08-DFF4-4252-8986-691D06C54131} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{83E07061-02D1-41EC-8751-BB176B823C38} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0948E7-227A-4F1B-9849-2D8912F185A7} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A471A4AA-5C18-429F-81BF-6C760941DB74} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7971E81-FC71-4659-8CCE-C903576E0924} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{024BF4C8-B53D-45B9-957F-D3BA9655FF39} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{074DCA49-F6A1-417F-B79E-D5E3ADC30330} [-] Key Deleted : HKCU\Software\Microsoft\Tinstalls [!] Key Not Deleted : HKCU\Software\Mozilla\Extends [-] Key Deleted : HKCU\Software\OB [-] Key Deleted : HKCU\Software\TeleCharger [-] Key Deleted : [x64] HKLM\SOFTWARE\downchecker [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1 [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inboxace.dl.tb.ask.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\oursafesearch.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safesidesearch.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.oursafesearch.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safesidesearch.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.searchinsocial.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchinsocial.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com ***** [ Web browsers ] ***** ************************* :: "Tracing" keys removed :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4818 bytes] ########## -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
C'est bon il s'est réveillé, j'ai le rapport je poursuis! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.2 (01.06.2016) Operating System: Windows 8.1 x64 Ran by Antonin (Administrator) on 29/01/2016 at 15:55:12,44 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 6 Failed to delete: C:\Program Files (x86)\SpaceSondPro_v53.12501 (Folder) Successfully deleted: C:\end (File) Successfully deleted: C:\Users\Antonin\AppData\Local\32444335-1454075967-3036-464B-8434977DF056 (Folder) Successfully deleted: C:\Users\Antonin\AppData\Local\crashrpt (Folder) Successfully deleted: C:\Users\Antonin\AppData\Roaming\Mozilla\Firefox\Profiles\w7yu3q9v.default\Invalidprefs.js (File) Successfully deleted: C:\Users\Antonin\AppData\Roaming\Mozilla\Firefox\Profiles\w7yu3q9v.default\user.js (File) Registry: 8 Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fi_005010221 (Registry Value) Successfully deleted: HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\deskcutv2@gmail.com (Registry Value) Successfully deleted: HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\searchffv2@gmail.com (Registry Value) Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\{15b38a02-7a0f-4a33-8739-ecaf7ea3f55a}Gw64 (Registry Key) Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} (Registry Key) Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E6AE7BD3-51DE-4A17-AE79-74E3520DCBBD} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E6AE7BD3-51DE-4A17-AE79-74E3520DCBBD} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 29/01/2016 at 16:06:15,67 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
A l'étape browsers le message suivant est apparu: fc.exe - Erreur d'application L'application n'a pas réussi à démarrer correctement (0xc0000018) Cliquez sur OK pour fermer l'application. Quelques secondes après, rebelote avec reg.exe Depuis junkware semble au point mort -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Je suis les consignes! -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015 Fichier d'export Registre : Run by Antonin at 29/01/2016 15:49:31 High Elevated Privileges : OK Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600) Corbeille vidée (00mn 03s) Dossier Prefetcher vidé Réparation des raccourcis navigateur ========== Logiciels ========== ABSENT Uninstall Process: c:\users\antonin\appdata\local\chromium\application\45.0.2433.0\installer\setup.exe ABSENT Uninstall Process: c:\users\antonin\appdata\roaming\vopackage\uninstall.exe ========== Processus mémoire ========== SUPPRIMÉ: Memory Process: C:\Program Files\REACHit\REACHit.exe SUPPRIMÉ Redémarrage: Memory Process: C:\Users\Antonin\AppData\Local\Temp\XXAEO04RPNVP\newversion.exe SUPPRIMÉ: Memory Process: C:\Program Files (x86)\RayDld\ihpmServer.exe SUPPRIMÉ: Memory Process: C:\Users\Antonin\AppData\Local\Chromium\Application\45.0.2433.0\Installer\updater\updater.exe ========== Clés du Registre ========== SUPPRIMÉ Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetQuickAccess] SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] SUPPRIMÉ: Service: bymeluwuzbt SUPPRIMÉ: Service: ihpmServer SUPPRIMÉ: Service: REACHit SUPPRIMÉ: Service: wucotusy SUPPRIMÉ: Service: zutuzuni SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\downchecker SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\ihpmserver SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\mysites123Software SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\QuickSearch SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\RayDld SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\SpaceSondPro SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Tutorials SUPPRIMÉ: HKCU\SOFTWARE\DailyPcClean SUPPRIMÉ: HKCU\SOFTWARE\ICSW1.17 SUPPRIMÉ: HKCU\SOFTWARE\ProductSetup SUPPRIMÉ: HKCU\SOFTWARE\tstamptoken SUPPRIMÉ: HKCU\SOFTWARE\TutoTag SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Tracing\REACHit_RASAPI32 SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Tracing\REACHit_RASMANCS Branche de Base de Registres IFEO non infectée ! ========== Valeurs du Registre ========== SUPPRIMÉ RunValue: SpaceSoundPro SUPPRIMÉ RunValue: ospd_us_013010221 SUPPRIMÉ RunValue: IOPROTECT ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : SUPPRIMÉ: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D} SUPPRIMÉ: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6} SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP SUPPRIMÉ: FirewallRaz (None) : MCX-Prov-Out-TCP SUPPRIMÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP SUPPRIMÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266} SUPPRIMÉ: FirewallRaz (None) : {808F1451-4108-46FD-ADBB-F17324B5F0BD} SUPPRIMÉ: FirewallRaz (Private) : {AAE47C34-D5C4-464C-BEA1-5EC8AB097B06} SUPPRIMÉ: FirewallRaz (Private) : {2EA32298-A578-496C-9ED8-D500C064987D} SUPPRIMÉ: FirewallRaz (Private) : {75E95C8D-731C-44AC-B505-C9086DE9CA45} SUPPRIMÉ: FirewallRaz (Private) : {55BCD1A6-E0F3-4A54-A4EB-60A941070666} SUPPRIMÉ: FirewallRaz (Private) : {CA7CE1E1-9545-4621-B3E4-376B3FF5D1E0} SUPPRIMÉ: FirewallRaz (Private) : {7316939A-24FA-48CB-B7C9-1BDBAD450BF8} SUPPRIMÉ: FirewallRaz (Private) : {1CE2D4BE-6D77-4DB7-A8FF-9C244D7FF909} SUPPRIMÉ: FirewallRaz (Private) : {B7A41C83-38BF-4A80-8E7D-A17C8EEAEF63} SUPPRIMÉ: FirewallRaz (None) : {9F93E6DB-F2C4-4FA3-A600-CBC7D21B4C6F} SUPPRIMÉ: FirewallRaz (Public) : {11E7AB56-485C-4E1D-A23D-1D2EAB1F3F26} SUPPRIMÉ: FirewallRaz (Public) : {3B839622-52BD-4ABC-B5C3-945DF05ACA67} ========== Eléments de donnée du Registre ========== SUPPRIMÉ: R1 Search Page = <-loopback> ========== Préférences navigateur ========== ABSENT Mozilla Pref: user_pref("browser.newtab.url", "http://www.mysites12...fz8w4z0efmeo4g7[...] ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide SUPPRIMÉS Temporaires Windows (654) SUPPRIMÉS Flash Cookies (0) ========== Fichiers ========== SUPPRIMÉ: c:\program files (x86)\32444335-1454072206-3036-464b-8434977df056\knsc65ba.tmpfs SUPPRIMÉ: c:\program files\reachit\reachit.exe SUPPRIMÉ:* c:\program files\reachit\reachit.exe SUPPRIMÉ: c:\windows\prefetch\amt_mysites123.exe-17ea084f.pf SUPPRIMÉ: c:\windows\prefetch\ospd_us_013010221 - uninstall-00a0dc32.pf SUPPRIMÉ: c:\windows\prefetch\ospd_us_013010221.exe-e1c667bf.pf SUPPRIMÉ: c:\windows\prefetch\package_wajam_installer_multi-4be36265.pf SUPPRIMÉ: c:\windows\prefetch\package_wajam_installer_multi-baf6a2fb.pf SUPPRIMÉ: c:\windows\prefetch\predm.exe-141e544a.pf SUPPRIMÉ: c:\windows\prefetch\predm.exe-c51367c9.pf SUPPRIMÉ: c:\windows\prefetch\predm.tmp-3982fbfe.pf SUPPRIMÉ: c:\windows\prefetch\predm.tmp-3a3a6e4c.pf SUPPRIMÉ: c:\windows\prefetch\predm.tmp-72ae01b8.pf SUPPRIMÉ: c:\windows\prefetch\reachit.exe-f8fbc2d0.pf SUPPRIMÉ: c:\windows\prefetch\upospd_us_013010221.exe-75c147b5.pf SUPPRIMÉ: c:\windows\prefetch\wajam_install.exe-90051b6e.pf SUPPRIMÉ: c:\windows\prefetch\zcengine.exe-bbcbaa89.pf SUPPRIMÉ: c:\users\antonin\appdata\local\microsoft\windows\inetcache\ie\is0gb0yw\bundle_flowsurfcb[2].exe SUPPRIMÉ: c:\users\antonin\appdata\local\microsoft\windows\inetcache\ie\ciqdjkiw\setup_ospd_us[1].exe SUPPRIMÉ: c:\users\antonin\appdata\local\microsoft\windows\inetcache\ie\ciqdjkiw\vuupc_vo2_8907[1].exe SUPPRIMÉ: c:\users\antonin\appdata\local\microsoft\windows\inetcache\ie\8yva1u8d\vopackage[1].exe SUPPRIMÉ: C:\Users\Antonin\AppData\Roaming\Mozilla\Firefox\Profiles\w7yu3q9v.default\searchplugins\search-provided-by-yahoo.xml SUPPRIMÉ: C:\WINDOWS\System32\drivers\{15b38a02-7a0f-4a33-8739-ecaf7ea3f55a}Gw64.sys SUPPRIMÉS Temporaires Windows (559) (1 225 487 945 octets) SUPPRIMÉS Flash Cookies (0) (0 octets) ========== Tache planifiée ========== SUPPRIMÉ: Internet Quick Access Updater SUPPRIMÉ: zyh3018 ========== Autre ========== NON TRAITÉ 3 - CFD: 29/01/2016 - [] D -- C:\Program Files (x86)\32444335-1454072206-3036-464B-8434977DF056 NON TRAITÉ 3 - CFD: 29/01/2016 - [] D -- C:\Program Files (x86)\QuickSearch NON TRAITÉ 3 - CFD: 29/01/2016 - [] D -- C:\Program Files (x86)\RayDld {15BE65185D88F5DE7A3448CCA2ADF5A7} NON TRAITÉ 3 - CFD: 29/01/2016 - [0] D -- C:\Program Files (x86)\SpaceSondPro_v53.12501 NON TRAITÉ 3 - CFD: 29/01/2016 - [] D -- C:\Users\Antonin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage NON TRAITÉ [HKLM64\SOFTWARE\Microsoft\Tracing\REACHit_RASAPI32] NON TRAITÉ [HKLM64\SOFTWARE\Microsoft\Tracing\REACHit_RASMANCS] ========== Récapitulatif ========== 4 : Processus mémoire 22 : Clés du Registre 34 : Valeurs du Registre 1 : Eléments de donnée du Registre 3 : Dossiers 25 : Fichiers 2 : Logiciels 1 : Préférences navigateur 2 : Tache planifiée 7 : Autre End of clean in 03mn 56s ========== Chemin de fichier rapport ========== C:\Users\Antonin\AppData\Roaming\ZHP\ZHPFix[R1].txt - 29/01/2016 15:49:35 [7301] -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Je suis dessus! -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Et voila le rapport! http://www.cjoint.com/c/FADoIt04EhA -
[Résolu] Infection carabinée
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Je m'y attèle de ce pas! Merci, mille fois merci! -
Bonjour, Je suis étudiant et j'ai besoin de mon ordinateur quotidiennement pour les cours etc... Toujours est-il que j'ai attrapé un sale virus qui m'installe des tas de choses indésirables, fait capoter mon navigateur et j'en passe... Je vient donc demander l'aide de personnes qualifiés,étant moi même un grand novice de l'informatique. Merci de bien vouloir m'accorder votre aide, j'en serais plus que reconnaissant! (je reste scotché devant mon ordi en vous attendant ) Cordialement.
-
Ordinateur infecté
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Excusez moi, mais j'ai fait la betise de mal m'y prendre pour le rapport du premier sujet, du coup impossible de chargr ou naviguer sur la page avec ce nombre de caractères et mon ordi infecté tout lent, s'il vous plait je ne voulais pas mal faire! -
Ordinateur infecté
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Ha j'ai encore des pop ups ... -
Ordinateur infecté
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Et voila le dernier rapport! http://cjoint.com/?3KmsTdvrIB3 Quant à mon ordi il va beaucoup mieux j'ai l'impression! Mille fois merci d'avoir été clair et serviable comme ça, vraiment ce que vous faites est utile et bienvenue!!!! -
Ordinateur infecté
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Alors voila le scan SFTGC : http://cjoint.com/?3Klw7ZQJE1s Et le rapport MBAM : http://cjoint.com/?3KmsTdvrIB3 -
Ordinateur infecté
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
Mea culpa, l'étape 2 est faite, voici le rapport : http://cjoint.com/?3KlwvYtcKuB -
Ordinateur infecté
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
J'ai fait ce que vous m'avez demandé, voila le rapport : http://cjoint.com/?3Klwa5Ak8Fc Merci de m'aider! -
Bonjour à tous, J 'ai un problème d'infection avec mon ordinateur. Il manifeste une lenteur extrême, des pop ups intempestifs, redirection vers des pages étranges... J'ai remarqué un programme du nom de boxore client et de plus j'ai omiga search au démarrage de chrome et de internet explorer. Voici le lien de mon scan ZHP diag : : http://cjoint.com/?0Klvx3UrJLA
-
Omiga Plus et Boxore client infectieux
Alakazamm a répondu à un(e) sujet de Alakazamm dans Analyses et éradication malwares
merci de me prendre en charge! ~ Rapport de ZHPDiag v2013.11.6.11 - Nicolas Coolman (06/11/2013) ~ Lancé par Anto (06/11/2013 22:26:55) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16721 GCIE: Google Chrome v30.0.1599.101 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8 Home Premium Edition, 64-bit (Build 9200) Windows Server License Manager Script : OK ~ ion : Windows® Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : XTJYG Windows License : OK ~ Windows Remaining Initializations Number : 998 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système avast! Free Antivirus v8.0.1489.0 Norton Internet Security v20.4.0.40 Windows Defender W8 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 6041 MB (67% free) System Restore: Activé (Enable) System drive C: has 855 GB (93%) free of 911 GB ---\\ Mode de connexion au système ~ Computer Name: SHAKA_ZULU ~ User Name: Anto ~ All Users Names: HomeGroupUser$, Antonin, Anto, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Anto\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Anto\AppData\Roaming\ ~ %Desktop% : C:\Users\Anto\Desktop\ ~ %Favorites% : C:\Users\Anto\Favorites\ ~ %LocalAppData% : C:\Users\Anto\AppData\Local\ ~ %StartMenu% : C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 855 Go of 911 Go) D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 41 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024] [MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/3 ~ Mes musiques (My Musics) : 1/42 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 1/2193 ~ Mon Bureau (My Desktop) : 2/1344 ~ Menu demarrer (Programs) : 1/25 ~ Hidden Files: Scanned in 00mn 07s ---\\ Processus lancés [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.2376] [MD5.92F0C2F900FA70F2B614FEDCD59832DA] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Anto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736] [PID.1624] [MD5.8E331DBFB86B682696ED16D90EC1F11F] - (.Spotify Ltd - Spotify.) -- C:\Users\Anto\AppData\Roaming\Spotify\spotify.exe [4752384] [PID.3424] [MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.3896] [MD5.A9732510C6D8E3C954DB2F249AAC9818] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512] [PID.3960] [MD5.9F3655267BA37004F519ABDDB3AEE244] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008] [PID.3156] [MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.1556] [MD5.569E547273C25B019054A12A40400ECE] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [11318784] [PID.4000] [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040] [PID.3396] [MD5.4B723F33D7331F20E06F3A2FD76EC1D5] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [11312128] [PID.4124] [MD5.9F96F98409B89C5806F4380867DD48E0] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4176] [MD5.290DFF71C80B837339B897A328C711B8] - (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe [961312] [PID.4252] =>Adware.Boxore [MD5.B748868FAA897E85414BF1588ADFC04C] - (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe [521216] [PID.4312] [MD5.1BF9D6476061B31CD7FC2BF848529A56] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368] [PID.2324] [MD5.D4DDB8CF58103E8CE8E99101C467C979] - (.Sun Microsystems, Inc. - Java Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [490728] [PID.728] [MD5.3E399A1328181C2A352472369DE2A93A] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752] [PID.3428] [MD5.BBD4F4E6EF4506BB672C33EA3E1652E8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8182784] [PID.5188] ~ Processes Running: Scanned in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] http://isearch.omiga-plus.com G0 - GCSP: Preference [user Data\Default][HomePage] http://isearch.omiga-plus.com G0 - GCSP: Preference [user Data\Default] http://isearch.omiga-plus.com G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé) G2 - GCE: Preference [user Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé) G2 - GCE: Preference [user Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé) G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé) G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.6.13, (Activé) G2 - GCE: Preference [user Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.8.0.8, (Activé) G2 - GCE: Preference [user Data\Default] [ifohbjbgfchkkfhphahclmkpgejiplfo] Lightning Newtab v.1.1.6.6, (Désactivé) =>PUP.Elex G2 - GCE: Preference [user Data\Default] [iodhphmbcnpplemfjcgefdeniamildab] Sick Graffiti v.1 (Activé) G2 - GCE: Preference [user Data\Default] [khmbajnfeegpfichienonefldpjedofp] LyricsMonkey-15 v.1.25.16, (Activé) =>Adware.AddLyrics G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mkfokfffehpeedafpekjeddnmnjhmcmk] Norton Identity Protection v.2013.4.0.10 (Activé) G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.5.0 (Activé) G2 - GCE: Preference [user Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.6 (Activé) =>Spyware.SmartDisplay G2 - GCE: Preference [user Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé) ~ Google Browser: 21 Scanned in 00mn 22s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 11 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline ~ BHO: 6 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com =>Hijacker.Browsers O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe O4 - GS\Desktop [Public]: OpenOffice.org 3.2.lnk . (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc O4 - GS\Program [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Program [Public]: Connected Music powered by Meridian.lnk . (.Meridian Audio Ltd - HP Connected Music.) -- C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe O4 - GS\Program [Public]: Connected Music powered by Universal Music Group.lnk . (...) -- C:\Program Files (x86)\Connected Music powered by Universal Music Group\Connected Music powered by Universal Music Group.exe O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline O4 - GS\Program [Public]: Microsoft Office.lnk . (...) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\Windows\WinStore\WinStore.htm O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.) O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) -- C:\Windows\system32\psr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\QuickLaunch [Antonin]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [Antonin]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [Antonin]: File Explorer.lnk . (...) -- C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Libraries O4 - GS\TaskBar [Antonin]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar [Antonin]: HP Utility Center.lnk . (.Hewlett-Packard Development Company, L.P. - HP Premium Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP Utility Center\HPPU.exe O4 - GS\TaskBar [Antonin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Program [Antonin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Accessories [Antonin]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Desktop [Antonin]: Armagetron Advanced.lnk . (...) -- C:\Users\Anto\Jeux\Armagetron Advanced\armagetronad.exe O4 - GS\QuickLaunch [Anto]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com =>Hijacker.Browsers O4 - GS\QuickLaunch [Anto]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.Browsers O4 - GS\TaskBar [Anto]: File Explorer.lnk . (...) -- C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Libraries O4 - GS\TaskBar [Anto]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com =>Hijacker.Browsers O4 - GS\TaskBar [Anto]: HP Utility Center.lnk . (.Hewlett-Packard Development Company, L.P. - HP Premium Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP Utility Center\HPPU.exe O4 - GS\TaskBar [Anto]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.Browsers O4 - GS\Program [Anto]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.Browsers O4 - GS\Program [Anto]: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Anto\AppData\Roaming\Spotify\spotify.exe O4 - GS\Accessories [Anto]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Desktop [Anto]: Armagetron Advanced.lnk . (...) -- C:\Users\Anto\Jeux\Armagetron Advanced\armagetronad.exe O4 - GS\Desktop [Anto]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup O4 - GS\Desktop [Anto]: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Anto\AppData\Roaming\Spotify\spotify.exe O4 - GS\Desktop [Anto]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [Anto]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman ~ Global Startup: 52 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [Anto]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup O4 - GS\Startup [Anto]: OpenOffice.org 3.2.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [M-Audio Taskbar Icon] . (.Avid Technology, Inc. - M-Audio Task Bar Icon Applet.) -- C:\Windows\system32\M-AudioTaskBarIcon.exe O4 - HKCU\..\Run: [spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Anto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe O4 - HKCU\..\Run: [spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Anto\AppData\Roaming\Spotify\spotify.exe O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Wow6432Node\Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKLM\..\Wow6432Node\Run: [boxore Client] . (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore O4 - HKUS\S-1-5-21-4227430698-2437772651-996475901-1003\..\Run: [spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Anto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe O4 - HKUS\S-1-5-21-4227430698-2437772651-996475901-1003\..\Run: [spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Anto\AppData\Roaming\Spotify\spotify.exe ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll ~ Winsock: 7 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7D34AFF3-4B5E-4679-9C76-E64E7DA22ED6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{F38EDB24-55EB-4937-AA05-1B06DD1731E8}: DhcpNameServer = 192.168.55.55 O17 - HKLM\System\CS1\Services\Tcpip\..\{7D34AFF3-4B5E-4679-9C76-E64E7DA22ED6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{F38EDB24-55EB-4937-AA05-1B06DD1731E8}: DhcpNameServer = 192.168.55.55 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co O23 - Service: oem15.inf (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Intel® Capability Licensing Service In (Intel® Capability Licensing Service Interface) . (.Intel® Corporation - Intel® Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service (Intel® ME Service) . (.Intel Corporation - Intel® ME Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel® Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: Service Software Update (Software_update (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Intel® Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Wsys Service (WsysSvc) . (.Wsys Co., Ltd. - Wsys Control 10.2.1.2652.) - C:\ProgramData\eSafe\eGdpSvc.exe =>PUP.eSafeSecurity ~ Services: 18 Scanned in 00mn 41s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1082] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1086] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForAnto.job [350] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsMonkey-15-chromeinstaller.job [2004] =>Adware.AddLyrics O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsMonkey-15-codedownloader.job [1288] =>Adware.AddLyrics O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [932] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [936] [MD5.5CE2C1433B9B634591F0A1C4C1203A0B] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [251784] [MD5.C34968C46A99BBD6248D30F9F1B778C2] [APT] [boxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe [177152] =>Adware.Boxore [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForAnto] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704] [MD5.B11DE85F716861E2F4A3207CE921FD6C] [APT] [LyricsMonkey-15-chromeinstaller] (.knaShoel.) -- C:\Program Files (x86)\LyricsMonkey-15\LyricsMonkey-15-chromeinstaller.exe [471040] =>Adware.AddLyrics [MD5.04945FD8BC811DC4FF7232767F0639AD] [APT] [LyricsMonkey-15-codedownloader] (.knaShoel.) -- C:\Program Files (x86)\LyricsMonkey-15\LyricsMonkey-15-codedownloader.exe [494592] =>Adware.AddLyrics [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [MD5.C66557728011B83C4FFAE7DD022F99DA] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [163944] [MD5.95E0514907B680814073BB945DDB800B] [APT] [softwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore [MD5.95E0514907B680814073BB945DDB800B] [APT] [softwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] [MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [524192] [MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [524192] [MD5.70240BB9753DC1C9A66D6F37344B3957] [APT] [update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [590752] [MD5.9F2EC6FD16C94344BB7B7A455891827D] [APT] [WarrantyChecker] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1209248] [MD5.7720251986778B402978761589434491] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [54096] [MD5.7720251986778B402978761589434491] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [54096] ~ Scheduled Task: 31 Scanned in 00mn 06s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll ~ Active Setup: 9 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Drivers: 36 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 7 Wonders II - (.WildTangent.) [HKLM][64Bits] -- WTA-b580a5d0-d757-493e-a771-5790ffbd06d4 O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-1af3ded9-d4e4-4c00-b121-ab31a7e4bee8 O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Armagetron Advanced 0.2.8.3.2 - (.Armagetron Advanced Team.) [HKLM][64Bits] -- Armagetron Advanced O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-b8206883-ac6f-41b7-ad6e-3e015a50502e O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {CA2B24FD-EE10-42B9-B049-AA80268E7E21} =>Adware.Boxore O42 - Logiciel: Build-a-lot 4 - Power Source - (.WildTangent.) [HKLM][64Bits] -- WTA-ab633024-8553-452d-96bd-085dcac291d7 O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-4be72924-8458-478d-b1b6-15ec2eb069c3 O42 - Logiciel: Connected Music powered by Universal Music Group version 1.0 - (.Snowite.) [HKLM][64Bits] -- {46037DC7-F927-46DF-935F-D6F122BDD34B}_is1 O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-659d86bf-becb-49b3-a0cf-c9c7bcfca012 O42 - Logiciel: Crazy Chicken Soccer - (.WildTangent.) [HKLM][64Bits] -- WTA-94ed8ce0-3301-4350-92c0-139eb9fe5ff7 O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A} O42 - Logiciel: CyberLink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {4862344A-A39C-4897-ACD4-A1BED5163C5A} O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B} O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32} O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Energy Star - (.Hewlett-Packard.) [HKLM][64Bits] -- {0FA995CC-C849-4755-B14B-5404CC75DC24} O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-d2174b67-76f8-442d-bc9b-3855b245818f O42 - Logiciel: Final Drive Fury - (.WildTangent.) [HKLM][64Bits] -- WTA-b7591a36-7656-461f-8e47-3608f3f0f4cc O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {192A227B-A8C8-4C6D-B939-21FAEB007E1E} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-5e486fb9-693e-4c8f-9766-22e6a946a7d9 O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {01BA2999-D426-422B-AD01-9937288E55F9} O42 - Logiciel: HP Connected Music (Meridian - installer) - (.Meridian Audio Ltd.) [HKLM][64Bits] -- StartHPConnectedMusic O42 - Logiciel: HP CoolSense - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {16B7BDA1-B967-4D2D-8B27-E12727C28350} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544} O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {D044EBE7-94E7-4C49-90FC-9069E3F374E1} O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD} O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {609B11CC-8CED-4116-AD8A-A72168894D39} O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {528AB81B-D65A-4AB0-A2B6-82B51A087D01} O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA} O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {1D9458B5-414A-419E-824B-5F8AA148884E} O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {B8019B54-F9BE-490A-9619-6D06F18F129F} =>.Hewlett-Packard Co O42 - Logiciel: HP Utility Center - (.Hewlett-Packard.) [HKLM][64Bits] -- {0C57987A-A03A-4B95-A309-D23F78F406CA} O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {941DE69D-6CEE-4171-8F1F-3D7E352AA498} O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.0.0 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel® SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} O42 - Logiciel: Java 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF} O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-c6924c67-e5af-4227-a86f-432467e46b33 O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WTA-76879604-c041-4d4d-a657-eb9f55424f20 O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-60fbd713-3998-49a6-b3b9-a1ab06c3b260 O42 - Logiciel: LyricsMonkey-15 - (.knaShoel.) [HKLM][64Bits] -- LyricsMonkey-15 =>Adware.AddLyrics O42 - Logiciel: M-Audio FastTrackPro Driver 6.0.7 (x64) - (.M-Audio.) [HKLM][64Bits] -- {73089240-023C-11E0-9AE3-2BA1DFD72085} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-17cff04e-dc4a-4fb1-88e3-19330e88bd0c O42 - Logiciel: MyPC Backup - (.MyPC Backup.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-fd6dd22a-08de-4df8-8436-c88a8a617ec9 O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM][64Bits] -- {266517E6-D866-439D-919C-B8B1A52E6080} O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-f56c0d32-46dd-4ef4-a74a-5520690e5f7c O42 - Logiciel: Qualcomm Atheros Driver Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7} O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-4b672fbb-c511-418b-9608-cdb2d00d6076 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C} O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: Trinklit Supreme - (.WildTangent.) [HKLM][64Bits] -- WTA-ac87ae2a-f152-4fb4-8456-dc3224791c31 O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM][64Bits] -- WTA-48c40b80-a6e1-471b-8f66-76831a36f436 O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-f7b8a4db-0d94-4d3a-a7e4-391f861ea22c O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp O42 - Logiciel: Wsys Control 10.2.1.2652 - (.Wsys Co., Ltd..) [HKLM][64Bits] -- WsysControl =>PUP.eSafeSecurity O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-bd4be9fe-69c5-4928-8950-a287ef899e78 O42 - Logiciel: avast! Free Antivirus v8.0.1489.0 - (.AVAST Software.) [HKLM][64Bits] -- avast O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {A535111D-95C8-487F-869E-CE4C239972D2} O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ~ Logic: 156 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AVAST Software] [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\LyricsMonkey-15] =>Adware.AddLyrics [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Audacity] [HKCU\Software\Boxore] =>Adware.Boxore [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\InstalledThirdPartyPrograms] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\M-Audio] [HKCU\Software\Macromedia] [HKCU\Software\Mine] [HKCU\Software\MozillaPlugins] [HKCU\Software\Netscape] [HKCU\Software\Norton] [HKCU\Software\OpenOffice.org] [HKCU\Software\Policies] [HKCU\Software\RegisteredApplications] [HKCU\Software\Software] [HKCU\Software\Symantec] [HKCU\Software\Synaptics] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKLM\Software\ASIO] [HKLM\Software\ATI Technologies] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Dolby] [HKLM\Software\GEAR Software] [HKLM\Software\HPQ] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IDT] [HKLM\Software\InstalledOptions] [HKLM\Software\InstalledThirdPartyPrograms] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\M-Audio] [HKLM\Software\Macromedia] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\Wow6432Node\ASIO] [HKLM\Software\Wow6432Node\AVAST Software] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Atheros] [HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Hewlett-Packard] [HKLM\Software\Wow6432Node\IDT] [HKLM\Software\Wow6432Node\Insyde] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Lake] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Norton] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OpenOffice.org] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Qualcomm Atheros] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Software] [HKLM\Software\Wow6432Node\Sun Microsystems] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity [HKLM\Software\Wow6432Node\omiga-plusSoftware] [HKLM\Software\Wow6432Node] ~ Key Software: 172 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 19/10/2013 - 23:32:47 - [2,316] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 06/11/2013 - 22:08:28 - [45,734] ----D C:\Program Files (x86)\Audacity O43 - CFD: 04/10/2012 - 14:23:39 - [0,602] ----D C:\Program Files (x86)\Bonjour O43 - CFD: 06/11/2013 - 20:40:27 - [1,791] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore O43 - CFD: 19/10/2013 - 23:32:02 - [156,710] ----D C:\Program Files (x86)\Common Files O43 - CFD: 17/08/2012 - 17:39:57 - [2,557] ----D C:\Program Files (x86)\Connected Music powered by Universal Music Group O43 - CFD: 04/10/2012 - 14:45:07 - [-2034,481] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 01/06/2013 - 01:26:10 - [486,779] ----D C:\Program Files (x86)\Google O43 - CFD: 28/03/2013 - 18:31:10 - [360,840] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 17/08/2012 - 17:49:29 - [781,712] ----D C:\Program Files (x86)\HP Games O43 - CFD: 17/08/2012 - 17:39:51 - [0,671] ----D C:\Program Files (x86)\HPConnectedMusic O43 - CFD: 04/10/2012 - 14:42:51 - [158,107] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 04/10/2012 - 14:19:33 - [136,797] ----D C:\Program Files (x86)\Intel O43 - CFD: 14/10/2013 - 17:36:21 - [4,623] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 25/10/2013 - 17:26:03 - [174,677] ----D C:\Program Files (x86)\iTunes O43 - CFD: 19/10/2013 - 15:08:36 - [86,366] ----D C:\Program Files (x86)\Java O43 - CFD: 19/10/2013 - 15:11:46 - [15,541] ----D C:\Program Files (x86)\JRE O43 - CFD: 06/11/2013 - 22:08:28 - [2,867] ----D C:\Program Files (x86)\LyricsMonkey-15 =>Adware.AddLyrics O43 - CFD: 17/08/2012 - 17:31:29 - [6,085] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 17/08/2012 - 17:35:46 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 03/08/2012 - 23:37:58 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 06/11/2013 - 22:08:28 - [27,154] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup O43 - CFD: 04/10/2012 - 14:53:15 - [366,877] ----D C:\Program Files (x86)\Norton Internet Security O43 - CFD: 04/10/2012 - 14:52:34 - [20,860] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 26/03/2013 - 23:32:24 - [1,567] R---D C:\Program Files (x86)\Online Services O43 - CFD: 19/10/2013 - 15:11:41 - [370,139] ----D C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 04/10/2012 - 14:24:23 - [3,873] ----D C:\Program Files (x86)\Qualcomm Atheros O43 - CFD: 04/10/2012 - 14:22:21 - [30,560] ----D C:\Program Files (x86)\Realtek O43 - CFD: 03/08/2012 - 23:37:58 - [36,536] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 06/11/2013 - 20:38:57 - [5,214] ----D C:\Program Files (x86)\Software O43 - CFD: 04/10/2012 - 14:54:40 - [2,444] ----D C:\Program Files (x86)\SymSilent O43 - CFD: 17/08/2012 - 17:49:15 - [0,441] ----D C:\Program Files (x86)\WildGames O43 - CFD: 17/08/2012 - 17:49:28 - [15,705] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 28/09/2013 - 21:41:13 - [1,038] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 17/08/2012 - 17:36:07 - [98,217] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 27/03/2013 - 23:18:00 - [5,466] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 05/04/2013 - 15:13:48 - [3,494] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - 09:12:59 - [7,243] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 22/09/2013 - 21:13:39 - [5,226] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 06/11/2013 - 22:25:21 - [17,077] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 25/10/2013 - 17:25:01 - [96,844] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 04/10/2012 - 14:16:55 - [13,438] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 19/10/2013 - 15:09:26 - [1,175] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 01/04/2013 - 19:39:55 - [33,649] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 17/08/2012 - 17:28:39 - [1,416] ----D C:\Program Files (x86)\Common Files\Nikon O43 - CFD: 04/10/2012 - 14:18:01 - [0,185] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 27/03/2013 - 00:32:10 - [0,595] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 27/03/2013 - 23:17:59 - [9,406] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 17/08/2012 - 17:34:53 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 25/10/2013 - 17:26:05 - [2,774] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 06/11/2013 - 20:31:13 - [0] ----D C:\ProgramData\Adobe O43 - CFD: 19/10/2013 - 23:32:34 - [36,786] ----D C:\ProgramData\Apple O43 - CFD: 25/10/2013 - 17:24:59 - [64,707] ----D C:\ProgramData\Apple Computer O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 26/03/2013 - 23:54:42 - [0] ----D C:\ProgramData\Armagetron O43 - CFD: 01/06/2013 - 01:22:47 - [19,391] ----D C:\ProgramData\AVAST Software O43 - CFD: 06/11/2013 - 22:08:22 - [0,169] ----D C:\ProgramData\BoxUpdChk =>Adware.Boxore O43 - CFD: 26/03/2013 - 20:59:03 - [0] -SH-D C:\ProgramData\Bureau O43 - CFD: 06/11/2013 - 19:53:04 - [0,014] ----D C:\ProgramData\CyberLink O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Desktop O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 06/11/2013 - 22:08:22 - [1,637] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity O43 - CFD: 04/10/2012 - 14:58:59 - [122,700] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 04/10/2012 - 14:32:26 - [0,058] ----D C:\ProgramData\install_clap O43 - CFD: 04/10/2012 - 14:19:36 - [0,028] ----D C:\ProgramData\Intel O43 - CFD: 26/03/2013 - 20:59:03 - [0] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 28/03/2013 - 07:42:03 - [1929,517] -S--D C:\ProgramData\Microsoft O43 - CFD: 26/03/2013 - 20:59:03 - [0] -SH-D C:\ProgramData\Modèles O43 - CFD: 26/03/2013 - 23:56:17 - [317,810] ----D C:\ProgramData\Norton O43 - CFD: 04/10/2012 - 14:52:34 - [3,795] ----D C:\ProgramData\NortonInstaller O43 - CFD: 01/04/2013 - 19:49:30 - [0,048] ----D C:\ProgramData\PRICache O43 - CFD: 04/10/2012 - 14:24:18 - [0,022] ----D C:\ProgramData\Qualcomm Atheros O43 - CFD: 05/10/2012 - 00:10:12 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 19/10/2013 - 15:09:29 - [0] ----D C:\ProgramData\Sun O43 - CFD: 04/10/2012 - 14:27:54 - [0,002] ----D C:\ProgramData\Synaptics O43 - CFD: 04/10/2012 - 14:42:54 - [1,428] ----D C:\ProgramData\Temp O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 07/04/2013 - 17:45:04 - [-814,991] ----D C:\ProgramData\WildTangent O43 - CFD: 17/08/2012 - 17:41:01 - [43,928] ----D C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4} O43 - CFD: 26/03/2013 - 23:32:27 - [0] ----D C:\Users\Anto\AppData\Roaming\Adobe O43 - CFD: 25/10/2013 - 17:32:01 - [2,510] ----D C:\Users\Anto\AppData\Roaming\Apple Computer O43 - CFD: 26/03/2013 - 23:59:32 - [0,677] ----D C:\Users\Anto\AppData\Roaming\Armagetron O43 - CFD: 06/11/2013 - 22:08:18 - [0,002] ----D C:\Users\Anto\AppData\Roaming\Audacity O43 - CFD: 06/11/2013 - 19:52:44 - [0] ----D C:\Users\Anto\AppData\Roaming\CyberLink O43 - CFD: 28/03/2013 - 18:28:46 - [0,004] ----D C:\Users\Anto\AppData\Roaming\Hewlett-Packard O43 - CFD: 27/03/2013 - 19:09:20 - [0] ----D C:\Users\Anto\AppData\Roaming\hpqlog O43 - CFD: 30/03/2013 - 05:26:57 - [0] ----D C:\Users\Anto\AppData\Roaming\Identities O43 - CFD: 26/03/2013 - 23:40:16 - [0] ----D C:\Users\Anto\AppData\Roaming\Macromedia O43 - CFD: 07/10/2013 - 17:35:51 - [4,723] -S--D C:\Users\Anto\AppData\Roaming\Microsoft O43 - CFD: 20/10/2013 - 13:20:35 - [2,276] ----D C:\Users\Anto\AppData\Roaming\OpenOffice.org O43 - CFD: 06/11/2013 - 22:21:41 - [68,675] ----D C:\Users\Anto\AppData\Roaming\Spotify O43 - CFD: 26/03/2013 - 23:29:55 - [0] ----D C:\Users\Anto\AppData\Roaming\Synaptics O43 - CFD: 07/04/2013 - 17:45:06 - [0,022] ----D C:\Users\Anto\AppData\Roaming\WildTangent O43 - CFD: 06/11/2013 - 22:28:25 - [0,016] ----D C:\Users\Anto\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 19/10/2013 - 23:32:49 - [0] ----D C:\Users\Anto\AppData\Local\Apple O43 - CFD: 25/10/2013 - 17:26:22 - [10,161] ----D C:\Users\Anto\AppData\Local\Apple Computer O43 - CFD: 26/03/2013 - 23:28:35 - [0] -SH-D C:\Users\Anto\AppData\Local\Application Data O43 - CFD: 26/03/2013 - 23:42:26 - [1,557] ----D C:\Users\Anto\AppData\Local\Apps O43 - CFD: 02/11/2013 - 00:37:42 - [31,074] ----D C:\Users\Anto\AppData\Local\CrashDumps O43 - CFD: 06/11/2013 - 19:52:42 - [0,005] ----D C:\Users\Anto\AppData\Local\CyberLink O43 - CFD: 26/03/2013 - 23:42:47 - [0] ----D C:\Users\Anto\AppData\Local\Deployment O43 - CFD: 01/06/2013 - 01:26:12 - [727,890] ----D C:\Users\Anto\AppData\Local\Google O43 - CFD: 06/11/2013 - 22:08:21 - [0,010] ----D C:\Users\Anto\AppData\Local\Hewlett-Packard O43 - CFD: 26/03/2013 - 23:28:35 - [0] -SH-D C:\Users\Anto\AppData\Local\Historique O43 - CFD: 06/04/2013 - 02:09:21 - [139,925] ----D C:\Users\Anto\AppData\Local\Microsoft O43 - CFD: 01/04/2013 - 19:49:34 - [102,767] ----D C:\Users\Anto\AppData\Local\Packages O43 - CFD: 29/10/2013 - 20:32:57 - [0] ----D C:\Users\Anto\AppData\Local\Programs O43 - CFD: 06/11/2013 - 20:38:57 - [0] ----D C:\Users\Anto\AppData\Local\Software O43 - CFD: 05/11/2013 - 22:28:22 - [1516,690] ----D C:\Users\Anto\AppData\Local\Spotify O43 - CFD: 06/11/2013 - 22:25:01 - [101,666] ----D C:\Users\Anto\AppData\Local\Temp O43 - CFD: 26/03/2013 - 23:28:35 - [0] -SH-D C:\Users\Anto\AppData\Local\Temporary Internet Files O43 - CFD: 26/03/2013 - 23:29:13 - [0] ----D C:\Users\Anto\AppData\Local\VirtualStore O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/10/2013 - 20:26:44 - [0] R---D C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 06/11/2013 - 22:08:17 - [0,002] ----D C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup O43 - CFD: 06/11/2013 - 22:08:17 - [0,002] R---D C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ~ Program Folder: 125 Scanned in 00mn 37s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.655204BFF0F202D9C736357705E30CEF] - 04/11/2013 - 22:21:44 ---A- . (...) -- C:\Windows\PFRO.log [14482] O44 - LFC:[MD5.ABA620DABE3C568D9B2114804215B4F0] - 06/11/2013 - 22:11:29 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.7D87F5E252FC50EF9277FCDD44EFADE5] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1994298] O44 - LFC:[MD5.39D945D76A1EEB23F1D86E5DB2349EF7] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [158234] O44 - LFC:[MD5.75E08AD02A7F6A8FAB82B7FBF86F8E61] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [188148] O44 - LFC:[MD5.5833AB229C304074E7A6B55089346797] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [774720] O44 - LFC:[MD5.D376A3DA5CA6A999D87A629F5AFE2BFE] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [874848] O44 - LFC:[MD5.7D87F5E252FC50EF9277FCDD44EFADE5] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1994298] O44 - LFC:[MD5.39D945D76A1EEB23F1D86E5DB2349EF7] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\System32\perfc009.dat [158234] O44 - LFC:[MD5.75E08AD02A7F6A8FAB82B7FBF86F8E61] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [188148] O44 - LFC:[MD5.5833AB229C304074E7A6B55089346797] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\System32\perfh009.dat [774720] O44 - LFC:[MD5.D376A3DA5CA6A999D87A629F5AFE2BFE] - 06/11/2013 - 22:17:33 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [874848] O44 - LFC:[MD5.51B7BB97DCFB12C9492DB2A50B7E5DE8] - 06/11/2013 - 22:28:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1436519] O44 - LFC:[MD5.8E98D21EE06192492A5671A6144D092F] - 25/10/2013 - 17:26:09 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/10/2013 - 17:30:22 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [0] O44 - LFC:[MD5.E788F5EBA896FF242A602D604DC72F17] - 29/10/2013 - 21:32:27 ---A- . (...) -- C:\Windows\setupact.log [42145] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/10/2013 - 13:01:53 ---A- . (...) -- C:\Windows\SysNative\HP_ActiveX_Patch_NOT_DETECTED.txt [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/10/2013 - 13:01:53 ---A- . (...) -- C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt [0] ~ Files: 18 Scanned in 00mn 35s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.AB401F7D83ACBC5E23BCA6BE6465C527] - 01/11/2013 - 13:05:55 ---A- - C:\Windows\Prefetch\DSMUSERTASK.EXE-D4A83970.pf O45 - LFCP:[MD5.97F9EDBCAF69589C98BCFEAC6FF04D5D] - 01/11/2013 - 13:06:09 ---A- - C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-2ED64A89.pf O45 - LFCP:[MD5.674AB3C8A0FCC85E2DB94B176A7AAB50] - 01/11/2013 - 13:06:11 ---A- - C:\Windows\Prefetch\ITUNES.EXE-07AC1693.pf O45 - LFCP:[MD5.EE9AA5E04E0ACCBAFCB245144BDFF432] - 01/11/2013 - 14:43:52 ---A- - C:\Windows\Prefetch\MSPAINT.EXE-512C7E1E.pf O45 - LFCP:[MD5.7414F23336AF5E6F4EAAC57FE677E91C] - 02/11/2013 - 15:53:48 ---A- - C:\Windows\Prefetch\ARMAGETRONAD.EXE-3014A8F0.pf O45 - LFCP:[MD5.B53F94D0694A6841B1C3A299E237D1B7] - 04/11/2013 - 22:21:22 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-39AABA37.pf O45 - LFCP:[MD5.FDB7105B825845796ED3A96B4818F197] - 04/11/2013 - 22:23:36 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf O45 - LFCP:[MD5.FEEDB42DB483DDA2B86595B90761D2CF] - 04/11/2013 - 22:24:04 ---A- - C:\Windows\Prefetch\SPOTIFY.EXE-00A2CD2D.pf O45 - LFCP:[MD5.FA6F59A6673FC81207C8C6F5D83E5600] - 04/11/2013 - 22:24:30 ---A- - C:\Windows\Prefetch\AgCx_SC4.db O45 - LFCP:[MD5.9826A9A0C78FF24D025916324145895D] - 05/11/2013 - 03:00:11 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-3C5D03F7.pf O45 - LFCP:[MD5.79F13659198A95B571085070A768B3AF] - 05/11/2013 - 03:00:14 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf O45 - LFCP:[MD5.35555618E8DA4A0F45F5D4C66EECA647] - 05/11/2013 - 03:00:14 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-4DB88ADA.pf O45 - LFCP:[MD5.20507F15DD6CFC8043ACC1DDC77C5C65] - 05/11/2013 - 03:00:14 ---A- - C:\Windows\Prefetch\NGENTASK.EXE-CD4E002C.pf O45 - LFCP:[MD5.F3CA5CA9A07273E88FD38A47DFA68CC4] - 05/11/2013 - 03:00:15 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf O45 - LFCP:[MD5.2E7899CA8FB3C92633C5794942798A32] - 05/11/2013 - 22:40:02 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf O45 - LFCP:[MD5.0D040CE0087A7661D6306192470C58F4] - 05/11/2013 - 22:49:50 ---A- - C:\Windows\Prefetch\dynreservedpri.db O45 - LFCP:[MD5.0163B5EF4E504CEC3A918294631FED30] - 05/11/2013 - 22:50:59 ---A- - C:\Windows\Prefetch\GTA_SA.EXE-A9E8EC9E.pf O45 - LFCP:[MD5.356E8FF360521C1B280E316E90358E45] - 06/11/2013 - 07:31:05 ---A- - C:\Windows\Prefetch\TASKHOSTEX.EXE-7356AAC0.pf O45 - LFCP:[MD5.2B5C727A147BD824C685235E705F0CAE] - 06/11/2013 - 07:31:14 ---A- - C:\Windows\Prefetch\SETTINGSYNCHOST.EXE-DD400067.pf O45 - LFCP:[MD5.55C9187B2BB2E4013317D890BD398DE2] - 06/11/2013 - 20:05:39 ---A- - C:\Windows\Prefetch\YOUCAM_WEBCAM_CAMERA_VIDEO.EX-51E3F77E.pf O45 - LFCP:[MD5.EBCEFA6DCC17B7A46F5E824F22065275] - 06/11/2013 - 20:05:41 ---A- - C:\Windows\Prefetch\RICHVI~1.EXE-61E02F36.pf O45 - LFCP:[MD5.B3E7B778B8CFE782B769D1317D7187E5] - 06/11/2013 - 20:05:58 ---A- - C:\Windows\Prefetch\CLUPDATER.EXE-62E47E7F.pf O45 - LFCP:[MD5.887B9B49DA078335F9EA7033326FC92E] - 06/11/2013 - 20:19:33 ---A- - C:\Windows\Prefetch\INSTALL_FLASHPLAYER11X32_MSSD-5A21FC85.pf O45 - LFCP:[MD5.6CF7333D6AC058BFB2125BF0139911B2] - 06/11/2013 - 20:33:42 ---A- - C:\Windows\Prefetch\VCREDIST_X64.EXE-4AC0DFE6.pf O45 - LFCP:[MD5.8FC07C13A11B9EB8E7EEA34E950F5B9D] - 06/11/2013 - 20:34:09 ---A- - C:\Windows\Prefetch\TASKKILL.EXE-3D8A2F61.pf O45 - LFCP:[MD5.944732F4624729790E07DA94DB6D4D81] - 06/11/2013 - 20:36:14 ---A- - C:\Windows\Prefetch\CLTRT.EXE-CE1303C7.pf O45 - LFCP:[MD5.CB23D7A6060A1BF7C6C18B1E57F4B99A] - 06/11/2013 - 20:36:32 ---A- - C:\Windows\Prefetch\BAOFENG.EXE-8CEF2C7F.pf O45 - LFCP:[MD5.6130F0A5AE68D7FE6C58B6E6A48D60EF] - 06/11/2013 - 20:36:47 ---A- - C:\Windows\Prefetch\EGDPSVC.EXE-F16FB9B3.pf O45 - LFCP:[MD5.528DB3BE78FCE42CFB4651B7C5FA4CC5] - 06/11/2013 - 20:40:30 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf O45 - LFCP:[MD5.2335F122CF1C2C599B875C14E7C2C74D] - 06/11/2013 - 20:40:57 ---A- - C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-ADCCD430.pf =>Toolbar.Wajam O45 - LFCP:[MD5.CBFD3D8526954D5DE74E9E6023C8B59E] - 06/11/2013 - 21:03:41 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.BED49DEEACCEBED2A310EF5C231269FB] - 06/11/2013 - 21:13:20 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.5792654032F5786F060EEA1F1836E400] - 06/11/2013 - 21:13:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6AA5D6C5.pf O45 - LFCP:[MD5.F2AC3C614D50F7CEDF83D9BCB4A92777] - 06/11/2013 - 21:14:20 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.0A93D344759491C4607BE7AFF1745B07] - 06/11/2013 - 21:17:21 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4227430698-2437772651-996475901-1003.db O45 - LFCP:[MD5.929DAA0203E9922603C86F016DF04E6A] - 06/11/2013 - 21:17:21 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4227430698-2437772651-996475901-1003.db O45 - LFCP:[MD5.4E1B0A1E80FCDFA693E94897F6B6B641] - 06/11/2013 - 21:17:33 ---A- - C:\Windows\Prefetch\AVAST.SETUP-50B30900.pf O45 - LFCP:[MD5.8CDC95421D61FE94413AAA13CEA8FC01] - 06/11/2013 - 21:17:49 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-E4EA699E.pf O45 - LFCP:[MD5.6A4D62F03BCBF95F46F6FA020D533ADA] - 06/11/2013 - 21:30:58 ---A- - C:\Windows\Prefetch\ASOELNCH.EXE-186E13A3.pf O45 - LFCP:[MD5.02044CD35F2664D48DD6A95204349429] - 06/11/2013 - 21:46:12 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-9E926287.pf O45 - LFCP:[MD5.65F59835907E9831D835AA00053F5C90] - 06/11/2013 - 21:47:05 ---A- - C:\Windows\Prefetch\WBENGINE.EXE-86775975.pf O45 - LFCP:[MD5.D10207D05C26F95D9ED79541F61E05B4] - 06/11/2013 - 21:48:56 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A1396DE2.pf O45 - LFCP:[MD5.497D05E340987CD347F3DC543B5A7A39] - 06/11/2013 - 21:49:02 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-44194444.pf O45 - LFCP:[MD5.500A40E1BC22FFF8AC87B576E8CBCE20] - 06/11/2013 - 21:49:03 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-94CE7668.pf O45 - LFCP:[MD5.85F99A96D990DC9F0CD08A153DAB1D7B] - 06/11/2013 - 21:58:31 ---A- - C:\Windows\Prefetch\LPKSETUP.EXE-EE6EE0C2.pf O45 - LFCP:[MD5.B8BBC7CC1F3D7B22B62F0251F3E0E293] - 06/11/2013 - 21:58:42 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-DC11C262.pf O45 - LFCP:[MD5.1EB0A3D06F2FE13194DC29745DD889CA] - 06/11/2013 - 21:58:43 ---A- - C:\Windows\Prefetch\APSDAEMON.EXE-8C865900.pf O45 - LFCP:[MD5.7ED90B9617D84ECAA5977E47A8CB9946] - 06/11/2013 - 21:58:43 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-4B303C70.pf O45 - LFCP:[MD5.931E69AB3A667F00007AFB58318A8FBC] - 06/11/2013 - 21:58:43 ---A- - C:\Windows\Prefetch\SOFFICE.EXE-7F5AFD1D.pf O45 - LFCP:[MD5.7454B1D898B2AEBDFE58C55B2CB65864] - 06/11/2013 - 21:58:45 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-0DD1597D.pf O45 - LFCP:[MD5.98F25B06CF22F637EADE38D6FBF5A47A] - 06/11/2013 - 21:58:46 ---A- - C:\Windows\Prefetch\ITUNESHELPER.EXE-722A54DB.pf O45 - LFCP:[MD5.5C150562D956E26FC78B2B62E267EFEE] - 06/11/2013 - 21:58:51 ---A- - C:\Windows\Prefetch\BOXORE.EXE-666CD123.pf =>Adware.Boxore O45 - LFCP:[MD5.57C40A39A0651296615289A30ECE3FBA] - 06/11/2013 - 21:58:54 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-72E915F8.pf O45 - LFCP:[MD5.93EB56A4F3200656C1AC4EA20DB72230] - 06/11/2013 - 21:59:24 ---A- - C:\Windows\Prefetch\IPODSERVICE.EXE-AB17D83E.pf O45 - LFCP:[MD5.60E79D4D36DFBA507816F0083A0B06E7] - 06/11/2013 - 22:00:35 ---A- - C:\Windows\Prefetch\HPQWMIEX.EXE-8CE5A739.pf O45 - LFCP:[MD5.644A8E4115432BBA4860446F544F8D26] - 06/11/2013 - 22:00:46 ---A- - C:\Windows\Prefetch\CTFMON.EXE-286F3259.pf O45 - LFCP:[MD5.1E010FE593D33A0C4198754551A35E89] - 06/11/2013 - 22:01:01 ---A- - C:\Windows\Prefetch\RSTRUI.EXE-F76EBF17.pf O45 - LFCP:[MD5.3C872C9EED0144CF0D226DCE8AF9E543] - 06/11/2013 - 22:01:29 ---A- - C:\Windows\Prefetch\VDSLDR.EXE-35269815.pf O45 - LFCP:[MD5.5D8CDA8F84AD242037BED9A2F61F1113] - 06/11/2013 - 22:01:29 ---A- - C:\Windows\Prefetch\VSSVC.EXE-206E55B3.pf O45 - LFCP:[MD5.586AEA99E009D49AD5A85481C0C1A484] - 06/11/2013 - 22:01:33 ---A- - C:\Windows\Prefetch\VDS.EXE-F11BF333.pf O45 - LFCP:[MD5.A0171FA221421AAFE73D2D00BC9B0CB1] - 06/11/2013 - 22:02:41 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf O45 - LFCP:[MD5.F8AD9A755A9E11F0F4F1EAE2BFCD5B82] - 06/11/2013 - 22:04:49 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.B2820573AB469D510D135BB3159AE64F] - 06/11/2013 - 22:04:49 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.CC1654D4C41713E6B22D1666F5E04D70] - 06/11/2013 - 22:04:52 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.39C05A5BB0B21DC2CBB5CA400D02ACD4] - 06/11/2013 - 22:04:52 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.FAB93775CD37EDFB1B567BC80EBCB52F] - 06/11/2013 - 22:04:52 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.BF01B3B3393B52FB13D7D7C0C6E3EBDC] - 06/11/2013 - 22:12:03 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf O45 - LFCP:[MD5.B5E0A82CBA69C281041C427D0B45266C] - 06/11/2013 - 22:12:03 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf O45 - LFCP:[MD5.C002124583A94355555B3FD72FAE898D] - 06/11/2013 - 22:12:03 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf O45 - LFCP:[MD5.E27121664EB5F893488755549121F0B2] - 06/11/2013 - 22:12:03 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf O45 - LFCP:[MD5.22432E9FD7D7B37097B4648E2D7E07E6] - 06/11/2013 - 22:12:03 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-574A519D.pf O45 - LFCP:[MD5.492BD14CD3F05932B9FE1D2E5C214662] - 06/11/2013 - 22:12:03 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-2DD080ED.pf O45 - LFCP:[MD5.38C98723387D7770314F1D89009CB566] - 06/11/2013 - 22:12:19 ---A- - C:\Windows\Prefetch\SPOTIFYHELPER.EXE-84102D5B.pf O45 - LFCP:[MD5.933B8F83E95A4A1C6AD81AC45D9F1222] - 06/11/2013 - 22:13:15 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf O45 - LFCP:[MD5.B66C02CED0A23021E4FA6EA4A36CD01B] - 06/11/2013 - 22:13:19 ---A- - C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-39F79F3B.pf O45 - LFCP:[MD5.E48A0FD518497A0EA21409FC663FB8D5] - 06/11/2013 - 22:13:20 ---A- - C:\Windows\Prefetch\SOFTWARECRASHHANDLER.EXE-5F240164.pf O45 - LFCP:[MD5.8D2DDB5B70E1D1BE408ABC1A69499BE9] - 06/11/2013 - 22:13:22 ---A- - C:\Windows\Prefetch\SYMERR.EXE-E8E6C194.pf O45 - LFCP:[MD5.C374ECEE3793D870562156A2B17630B1] - 06/11/2013 - 22:13:26 ---A- - C:\Windows\Prefetch\HPSA_SERVICE.EXE-1776F51A.pf O45 - LFCP:[MD5.1A1BF876BA74079258FE21F8D094BF35] - 06/11/2013 - 22:13:26 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-D63AD6B8.pf O45 - LFCP:[MD5.0E4AD0754DFAD0FBBFF862D5CFD5EB40] - 06/11/2013 - 22:13:27 ---A- - C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-265333D9.pf O45 - LFCP:[MD5.7E004E542CD125527BA5C2B1DD095849] - 06/11/2013 - 22:13:27 ---A- - C:\Windows\Prefetch\LMS.EXE-409EDB07.pf O45 - LFCP:[MD5.FB084AD3B3A26FE713A9BF9027B5F3DF] - 06/11/2013 - 22:13:28 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-DFB7FC90.pf O45 - LFCP:[MD5.6F704A7FC88B7D7FB049D5B527B71CCC] - 06/11/2013 - 22:13:40 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6520183E.pf O45 - LFCP:[MD5.54892B49BD7EEFE6018CC93B291C1D57] - 06/11/2013 - 22:13:41 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-DFB7FC8F.pf O45 - LFCP:[MD5.8E279F789DF152C2C77F79C9F4CABFEE] - 06/11/2013 - 22:13:41 ---A- - C:\Windows\Prefetch\WSCSTUB.EXE-4252D809.pf O45 - LFCP:[MD5.5C30F1E84F17F0399076FFBD2EFF42FA] - 06/11/2013 - 22:13:50 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf O45 - LFCP:[MD5.2B57BA4770C1959F759948A79F4F8085] - 06/11/2013 - 22:13:58 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-13D172B9.pf O45 - LFCP:[MD5.099FB043296E9AE13C753F8470570ED9] - 06/11/2013 - 22:15:24 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf O45 - LFCP:[MD5.0E12AD05D9B8468DDA5F2BCA24A81EF0] - 06/11/2013 - 22:15:59 ---A- - C:\Windows\Prefetch\Op-EXPLORER.EXE-03C49D11-000000F5.pf O45 - LFCP:[MD5.9FCB87108BF2BB07B5C33B38F5E66FF1] - 06/11/2013 - 22:16:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf O45 - LFCP:[MD5.B1FFC82B993AF70BF75025C59E87CABD] - 06/11/2013 - 22:16:15 ---A- - C:\Windows\Prefetch\DELEGATE_EXECUTE.EXE-DB697BCE.pf O45 - LFCP:[MD5.A87618B310EA7BCC610F08A6B15986CA] - 06/11/2013 - 22:17:02 ---A- - C:\Windows\Prefetch\JAVA.EXE-CE2F6437.pf O45 - LFCP:[MD5.27EF783B00E6C0B5C579DADFDFD43C75] - 06/11/2013 - 22:17:11 ---A- - C:\Windows\Prefetch\JUCHECK.EXE-3F4853CB.pf O45 - LFCP:[MD5.693F55B68CCDDEED69146D655910B2A4] - 06/11/2013 - 22:18:35 ---A- - C:\Windows\Prefetch\CLTLMH.EXE-810A302E.pf O45 - LFCP:[MD5.2B3ADB4C9F6789B761D8C79F0F56B39A] - 06/11/2013 - 22:21:25 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf O45 - LFCP:[MD5.78FBC838A2ECA45284386F4E5544DF3F] - 06/11/2013 - 22:23:07 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf O45 - LFCP:[MD5.A679E1E1C0F21B2A1D5F55ED19CC3425] - 06/11/2013 - 22:24:03 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-9848A323.pf O45 - LFCP:[MD5.892D909315B85EDB8D06FA3E33677247] - 06/11/2013 - 22:24:05 ---A- - C:\Windows\Prefetch\CONSENT.EXE-2D674CE4.pf O45 - LFCP:[MD5.4217DFF23F21819F97591AB3FDFFA570] - 06/11/2013 - 22:24:10 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50AF0BCC.pf O45 - LFCP:[MD5.63902F715636AC07268CA0CB97F48D29] - 06/11/2013 - 22:24:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf O45 - LFCP:[MD5.0DCB4A13D4E736BDE81334A95CB5F445] - 06/11/2013 - 22:24:12 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-20D5F52A.pf O45 - LFCP:[MD5.34397A6988F2DDEDF9F4AA11551924C6] - 06/11/2013 - 22:24:14 ---A- - C:\Windows\Prefetch\CSC.EXE-4D47A477.pf O45 - LFCP:[MD5.33022AB311654AEC271059F9FE68D7A8] - 06/11/2013 - 22:24:14 ---A- - C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf O45 - LFCP:[MD5.0D841025E45BC8795ED0AE09CEE1FEAD] - 06/11/2013 - 22:24:15 ---A- - C:\Windows\Prefetch\HPCEE.EXE-5D942735.pf O45 - LFCP:[MD5.36EE18D2B96AA332CA56E4D4D2BB9C89] - 06/11/2013 - 22:24:15 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-6CA4EF05.pf O45 - LFCP:[MD5.7197CD89231BA66435FD3870F997908B] - 06/11/2013 - 22:24:17 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-ADFCEEEF.pf O45 - LFCP:[MD5.87A4F5DC58D8D9A4D14C2CD852D1C4B2] - 06/11/2013 - 22:24:54 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-985C34E6.pf O45 - LFCP:[MD5.87D674C543438FB4EE31C949DE604F3A] - 06/11/2013 - 22:25:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf O45 - LFCP:[MD5.73667171736839FF8DBD912273BB84BD] - 06/11/2013 - 22:25:04 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-210D3DBE.pf O45 - LFCP:[MD5.FF2120D8346E99087CB0F2AAFF7D18BC] - 06/11/2013 - 22:25:10 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C1C2EFBE.pf O45 - LFCP:[MD5.71E96AA284E1EF06B69D3E003CDFB511] - 06/11/2013 - 22:25:13 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf O45 - LFCP:[MD5.DE4F930673575BB23D8735B2350E7683] - 06/11/2013 - 22:25:13 ---A- - C:\Windows\Prefetch\THUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf O45 - LFCP:[MD5.ED65BAD77706DCDABAF126CA9A3A0B63] - 06/11/2013 - 22:25:16 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-5F2753B1.pf O45 - LFCP:[MD5.394FC38074ED1D270C6584DEE0488759] - 06/11/2013 - 22:25:27 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-C7289479.pf O45 - LFCP:[MD5.0531B41E6951686261B7E867AEE1C323] - 06/11/2013 - 22:27:00 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf O45 - LFCP:[MD5.7E1122CDEEEC78FD54D5EE9F63D561E0] - 06/11/2013 - 22:27:00 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E9FF6526.pf O45 - LFCP:[MD5.F542F994789C8B5BDA7740BDF4971F7E] - 06/11/2013 - 22:27:08 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf O45 - LFCP:[MD5.595A13513F726B5AF23470EF63706A10] - 06/11/2013 - 22:27:08 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf O45 - LFCP:[MD5.6DD647B10CC24D4CA96245FF9BA50893] - 06/11/2013 - 22:27:11 ---A- - C:\Windows\Prefetch\PV.EXE-D9D90B9C.pf O45 - LFCP:[MD5.3C6020C11E1B2C67D48268A4C0B76BCF] - 06/11/2013 - 22:27:15 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf O45 - LFCP:[MD5.118EE023FCDA50A87F6410E327B55218] - 06/11/2013 - 22:27:20 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf O45 - LFCP:[MD5.75F6388DEBCB7872528FBA10D2E1656A] - 06/11/2013 - 22:27:33 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-29D61DAB.pf O45 - LFCP:[MD5.F0ABEC25288EB30775FBFFAFD7DC6A16] - 06/11/2013 - 22:27:35 ---A- - C:\Windows\Prefetch\TIWORKER.EXE-375F3D59.pf O45 - LFCP:[MD5.F4570C18A7998E2FB31B562DC6FD42B5] - 06/11/2013 - 22:27:35 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf O45 - LFCP:[MD5.52F6DAF96E6DEA7004BD6B3AB2F27D63] - 06/11/2013 - 22:27:41 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf O45 - LFCP:[MD5.21526E95DAD95BC9E6E16E21A31FB947] - 06/11/2013 - 22:27:43 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf O45 - LFCP:[MD5.F3F60B28BAF8767CB27BCB58399586E0] - 06/11/2013 - 22:27:46 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-D08B2113.pf O45 - LFCP:[MD5.C8182D9E90F6AB317A80D3E6C26E36C8] - 06/11/2013 - 22:28:06 ---A- - C:\Windows\Prefetch\CHROME.EXE-CCF9F3F4.pf O45 - LFCP:[MD5.AF08ACBE87C20AADB9AFE72F2E116A8C] - 06/11/2013 - 22:28:25 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-0AD36442.pf O45 - LFCP:[MD5.90AAC80881D4024C8C6B4A414630D881] - 07/10/2013 - 17:36:01 ---A- - C:\Windows\Prefetch\SPEECHUXWIZ.EXE-76AD27CE.pf O45 - LFCP:[MD5.E4E7E61149A07B7D5CDA1E7502CA78A4] - 07/10/2013 - 20:35:44 ---A- - C:\Windows\Prefetch\WEBCAM.EXE-0FC158C9.pf O45 - LFCP:[MD5.5BFE0AF4880E1DF7B4BAAC62E1C0DC4B] - 10/10/2013 - 07:47:37 ---A- - C:\Windows\Prefetch\HPSAOBJUTIL7.EXE-BE8A4479.pf O45 - LFCP:[MD5.125061E2B3552F38A2EFEE8B889EF567] - 10/10/2013 - 11:46:47 ---A- - C:\Windows\Prefetch\HPPU.EXE-52E9C521.pf O45 - LFCP:[MD5.B996CF24C6BA08A5E610B2CAD252BCFF] - 10/10/2013 - 21:19:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-AAE490D4.pf O45 - LFCP:[MD5.1E0D4D38A9C66664797F6D8EB28A6336] - 11/10/2013 - 17:12:04 ---A- - C:\Windows\Prefetch\CLEANUPTXRLOGS.EXE-E3BABE71.pf O45 - LFCP:[MD5.794B30957885EE5683B5B52290E91437] - 14/10/2013 - 20:27:34 ---A- - C:\Windows\Prefetch\SPOTIFY_NEW.EXE-4E9945CA.pf O45 - LFCP:[MD5.5444F8C564E0215F5C8ED6E854EAF8F4] - 14/10/2013 - 21:18:03 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-917C29EF.pf O45 - LFCP:[MD5.517C647A6142D75B59960F5152CF0F4C] - 17/10/2013 - 09:09:05 ---A- - C:\Windows\Prefetch\HPSAOBJUTIL.EXE-654DEED6.pf O45 - LFCP:[MD5.7EF8E610D768F0A43264B18B68DDE53D] - 19/10/2013 - 15:09:39 ---A- - C:\Windows\Prefetch\VCREDIST_X64.EXE-D9D5C1EC.pf O45 - LFCP:[MD5.A03B19AE8E0A2022B2EED760E1DB2AC5] - 19/10/2013 - 15:09:43 ---A- - C:\Windows\Prefetch\INSTALL.EXE-CF3757CE.pf O45 - LFCP:[MD5.471C2F6E0BBA790B59422E47CDBCD489] - 22/10/2013 - 19:32:46 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf O45 - LFCP:[MD5.086BECF9CE160D2D4A8A6FD88139C40E] - 22/10/2013 - 19:34:59 ---A- - C:\Windows\Prefetch\MSOO.EXE-C716B01E.pf O45 - LFCP:[MD5.F9A1E43324E991B7F39A6CBCD2A50C98] - 22/10/2013 - 22:46:22 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-5D2609E7.pf O45 - LFCP:[MD5.C58FAB870E605EC44EBF9176FCCBFD74] - 23/10/2013 - 09:37:01 ---A- - C:\Windows\Prefetch\X16-32697.EXE-3B3CC4B3.pf O45 - LFCP:[MD5.95499EAFC6E7AB93D01CF865798C7755] - 23/10/2013 - 09:37:21 ---A- - C:\Windows\Prefetch\SETUP.EXE-BD3F4A60.pf O45 - LFCP:[MD5.99D1A19EC0F9F2AFC1A0AE291F5D973F] - 24/10/2013 - 06:14:35 ---A- - C:\Windows\Prefetch\TASKKILL.EXE-ECD4FD3D.pf O45 - LFCP:[MD5.EDBDAC8734C5F0777BA378C175979156] - 24/10/2013 - 18:09:15 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-08E78623.pf O45 - LFCP:[MD5.A285DC73A368236CDEAC6FD0097811CA] - 25/10/2013 - 17:23:39 ---A- - C:\Windows\Prefetch\ITUNES64SETUP.EXE-DDF3E1EF.pf O45 - LFCP:[MD5.E37EF79994ECB4DA3B3CF5B92EA3E865] - 26/10/2013 - 01:06:09 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf O45 - LFCP:[MD5.1A45CB4E39A1E17E10702BD446566C3F] - 28/10/2013 - 00:56:44 ---A- - C:\Windows\Prefetch\WWAHOST.EXE-F7FB8768.pf O45 - LFCP:[MD5.8F79F16789BBE9E7F841409C14403ADC] - 29/10/2013 - 20:25:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0987E158.pf O45 - LFCP:[MD5.096C39D3A05ADDDEBF534DB44341D251] - 29/10/2013 - 20:31:16 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-4227430698-2437772651-996475901-1003.snp.db O45 - LFCP:[MD5.AC152344DA9A39E3637365AF59BE497A] - 29/10/2013 - 20:33:03 ---A- - C:\Windows\Prefetch\AUDACITY-WIN-2.0.5.TMP-644F8585.pf O45 - LFCP:[MD5.A7E608B89E3CA55E0C9C010EC35F2DF8] - 29/10/2013 - 20:33:06 ---A- - C:\Windows\Prefetch\AUDACITY-WIN-2.0.5.TMP-EAC32CD6.pf O45 - LFCP:[MD5.269968F909D26B56E3B350D73EF8F4C6] - 29/10/2013 - 21:40:11 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf O45 - LFCP:[MD5.A0EB74FDA192F30CBA66C509A7C29E3E] - 29/10/2013 - 21:40:16 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf O45 - LFCP:[MD5.B1C2E01AF15C710008097A43730175F4] - 29/10/2013 - 21:48:16 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-04919305.pf O45 - LFCP:[MD5.181F2B281A76DFE4529C28ADB3BFD405] - 29/10/2013 - 21:49:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6B9D1FA5.pf O45 - LFCP:[MD5.955E5B6D0BE71D44F1B26CA1F54C2B0F] - 29/10/2013 - 22:16:00 ---A- - C:\Windows\Prefetch\AUDACITY.EXE-87708940.pf O45 - LFCP:[MD5.1BE0F1F59FC4EFF3E8EF617476DE2D0D] - 29/10/2013 - 22:28:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-93B4A79A.pf O45 - LFCP:[MD5.F98ED901A003DB72042E26323D8C490C] - 29/10/2013 - 22:48:54 ---A- - C:\Windows\Prefetch\OPENWITH.EXE-BA0DC300.pf O45 - LFCP:[MD5.7A862F48186643AC5DFAA4E21C8B9C2E] - 30/10/2013 - 16:14:32 ---A- - C:\Windows\Prefetch\AUDACITY.EXE-B597CCBB.pf O45 - LFCP:[MD5.02A8680409205C40B620372E1E32A5C6] - 30/10/2013 - 16:18:04 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf O45 - LFCP:[MD5.7836E7E1ADD58F7AD45B57A4B3F3D529] - 30/10/2013 - 16:41:34 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-B0AD61F0.pf O45 - LFCP:[MD5.23FDF98BC436E2EDB0B91EF31289B6BE] - 30/10/2013 - 22:39:54 ---A- - C:\Windows\Prefetch\AgCx_SC2.db O45 - LFCP:[MD5.72C1D4124B059AD304815F0A5B9916B2] - 30/10/2013 - 23:13:07 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-5A92E3D5.pf O45 - LFCP:[MD5.75509218399DB5248558C98C69925B05] - 31/10/2013 - 13:01:51 ---A- - C:\Windows\Prefetch\DETECTION_PREMIUMALERT.EXE-5EC8742E.pf O45 - LFCP:[MD5.6875208AAC5E7AF3F2538206E5103A6C] - 31/10/2013 - 13:01:51 ---A- - C:\Windows\Prefetch\LOWDISKSPACEDETECTION.EXE-7B96660D.pf ~ Prefetcher: 168 Scanned in 00mn 02s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 17 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736] ~ Drivers: 17 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 03/11/2013 - 22:29:56 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.wikipedia.org_0.localstorage [3072] O61 - LFC: 03/11/2013 - 22:29:56 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.wikipedia.org_0.localstorage-journal [3608] O61 - LFC: 03/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\macromedia.com\support\flashplayer\sys\#p1.soundcloud.com\settings.sol [87] O61 - LFC: 03/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\p1.soundcloud.com\analytics.sol [374] O61 - LFC: 03/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\p1.soundcloud.com\player.swf\SCPlayer.sol [74] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke6\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\AD2F1837.HPConnectedPhotopoweredbySnapfish_v10z8vjag6ke6\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\AD2F1837.HPRegistration_v10z8vjag6ke6\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\BrowserChoice_cw5n1h2txyewy\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:03 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\eBayInc.eBay_1618n3s9xq8tw\Settings\settings.dat [8192] =>Toolbar.eBay O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.Bing_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.VCLibs.110_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat [8192] =>.Microsoft Corporation O61 - LFC: 03/11/2013 - 22:30:04 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 03/11/2013 - 22:30:05 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.WinJS.1.0.RC_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:05 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:05 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat [262144] =>.Microsoft Corporation O61 - LFC: 03/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\SymantecCorporation.NortonStudio_v68kp9n051hdp\Settings\settings.dat [8192] =>.Symantec Corporation O61 - LFC: 03/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat [8192] O61 - LFC: 03/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat [8192] O61 - LFC: 04/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage [3072] O61 - LFC: 04/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage-journal [3608] O61 - LFC: 04/11/2013 - 22:29:57 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0 [45056] O61 - LFC: 04/11/2013 - 22:29:57 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1 [270336] O61 - LFC: 04/11/2013 - 22:30:08 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\01\0166af0494c01255dc089512b97db0a81de6e657.file [24485] O61 - LFC: 04/11/2013 - 22:30:09 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\0a\0adb5e7facbd452b16da6e444a114fe94ca51908.file [39972] O61 - LFC: 04/11/2013 - 22:30:10 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\13\13354a6fa73e0695d3af8e466d84e3e99c24ef6e.file [23544] O61 - LFC: 04/11/2013 - 22:30:11 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\1c\1c9803f18f6ed434e0eacb89b142cb32dfdaa53c.file [30653] O61 - LFC: 04/11/2013 - 22:30:12 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\1e\1ef2180a511451fd87a6381d0b88e8a36b67540c.file [28118] O61 - LFC: 04/11/2013 - 22:30:12 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\1f\1fa12d9b1b83e4bd9f4ea13dc856bd16eb3aac99.file [28460] O61 - LFC: 04/11/2013 - 22:30:12 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\21\21f98bdf6c559d2a5f66942bbae2a09f1757180c.file [138752] O61 - LFC: 04/11/2013 - 22:30:12 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\22\220fbca4d52e7408ffab6c334b3a3523b3336828.file [38267] O61 - LFC: 04/11/2013 - 22:30:13 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\26\26978a38a0764157269fd0215074d84b683009d5.file [40638] O61 - LFC: 04/11/2013 - 22:30:13 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\27\274d11653235b12bacb061650bbebd006e0b2a8e.file [17665] O61 - LFC: 04/11/2013 - 22:30:14 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\28\28349b7b8767564220b80237d69847c0879dbe9b.file [37337] O61 - LFC: 04/11/2013 - 22:30:14 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\28\283689a2aad3b2bb2e0b048096605c81a0b83307.file [12290] O61 - LFC: 04/11/2013 - 22:30:15 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\32\32a9122292df5a6161a8108dd5e17427b4e48d5b.file [34595] O61 - LFC: 04/11/2013 - 22:30:15 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\33\337f3b29f4366d8a3df494bde7a7bff704e9ad4f.file [17135] O61 - LFC: 04/11/2013 - 22:30:17 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\3d\3dc4711db62537ca0683acae6d31300668f33fda.file [34469] O61 - LFC: 04/11/2013 - 22:30:17 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\3e\3eed237f830f0fa8e1009619c9fe144e4c4793fc.file [30496] O61 - LFC: 04/11/2013 - 22:30:17 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\40\403fd76139ec71e0b895b18c140570f2d25e60ed.file [22011] O61 - LFC: 04/11/2013 - 22:30:19 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\47\47e1c8c2ada008c854389f374484ff4faa7f544f.file [66361] O61 - LFC: 04/11/2013 - 22:30:19 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\49\491d67d8faa627e9de169810512ec010508bff22.file [29803] O61 - LFC: 04/11/2013 - 22:30:19 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\4b\4b75909f71d49eab498e73af3641d74fc7a755a5.file [86910] O61 - LFC: 04/11/2013 - 22:30:21 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\52\5206834c25d39d26a2949fed886e877d971c14df.file [32778] O61 - LFC: 04/11/2013 - 22:30:21 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\56\5639c689e78176c930043802ba0d3d24f6d095ad.file [52103] O61 - LFC: 04/11/2013 - 22:30:21 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\58\58725bf4699bdb9b04dcfaf4cb94a50993e25d98.file [139412] O61 - LFC: 04/11/2013 - 22:30:22 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\5d\5db0ed2ad0ceca8903989d11777b34154fa79dd1.file [17419] O61 - LFC: 04/11/2013 - 22:30:23 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\62\62878bf638bed7cf3aaa17d84293ef78369a67ed.file [51466] O61 - LFC: 04/11/2013 - 22:30:23 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\62\62991b85276517dc14c4ed48cfbea3ab4bdac9f0.file [77912] O61 - LFC: 04/11/2013 - 22:30:23 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\64\64f3ab762a0c544b3ec3a8be5b9c90bd8a5c3c6c.file [24487] O61 - LFC: 04/11/2013 - 22:30:24 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\66\664769f9609211a27c69a3c3ebb6776084c635d3.file [40662] O61 - LFC: 04/11/2013 - 22:30:24 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\66\66f739fe1fc377669491154f6a3dc681d90e3397.file [5789] O61 - LFC: 04/11/2013 - 22:30:24 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\69\697d2927ed24295127252ebd68051a1992dadc6b.file [21546] O61 - LFC: 04/11/2013 - 22:30:24 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\6c\6c2c48ce48f9786760ad05889ee9168238eaa2c4.file [99175] O61 - LFC: 04/11/2013 - 22:30:25 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\6c\6c6dfb7496316622eef67e4df215e38488be5a40.file [79030] O61 - LFC: 04/11/2013 - 22:30:25 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\6f\6f091bba0a9fc5e5418a98fc9258312ea0d721ad.file [90178] O61 - LFC: 04/11/2013 - 22:30:27 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\7c\7ca0fbb7036cc4dba4565ba6d36c67fa3818c6a2.file [49950] O61 - LFC: 04/11/2013 - 22:30:27 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\7d\7d63b04a1bff4dfde0155b01ef2e8c6e0d1a6e64.file [15556] O61 - LFC: 04/11/2013 - 22:30:27 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\80\80e9ca2853799f8dc2c3628d2a94bda89e67b288.file [29769] O61 - LFC: 04/11/2013 - 22:30:28 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\81\81bd64d91651b1cd45fdaa66d89ea0730e078fa4.file [32352] O61 - LFC: 04/11/2013 - 22:30:28 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\83\839785169364df91270bae87269bb0da9d20bb50.file [35367] O61 - LFC: 04/11/2013 - 22:30:28 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\85\85953051346d31c5b84361209e57ce40bc25b46c.file [41758] O61 - LFC: 04/11/2013 - 22:30:28 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\85\85dfc9698d1eefe2790127e72b0e8ed80bc83537.file [50986] O61 - LFC: 04/11/2013 - 22:30:28 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\87\87805d0a3ba4b14c5259b4856f82570a52fdf7a7.file [6226] O61 - LFC: 04/11/2013 - 22:30:29 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\8a\8a2168642d7d843d51b4ad03d0ab91a16bcbd49a.file [28779] O61 - LFC: 04/11/2013 - 22:30:29 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\8a\8a5a1f655a3ac9784e01e67f63d384db9380f780.file [30829] O61 - LFC: 04/11/2013 - 22:30:29 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\8e\8e5d995a65b065902b8d904e2e157da3436a7c89.file [19678] O61 - LFC: 04/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\8e\8e9dfdc0030a0f1c367813e18e72125ba0ba493e.file [44862] O61 - LFC: 04/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\8f\8f459b1452022bab39647b520665fb6db13d15ee.file [35601] O61 - LFC: 04/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\91\911e851698ec0df7bf6f3d0770e292b38fa6d694.file [12502] O61 - LFC: 04/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\91\91633c27240cfef6c795b11f899b3ad8f3ecb0a1.file [128333] O61 - LFC: 04/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\92\9225c9fcba8dc2765fcb2a9a762d31b23909d15f.file [45250] O61 - LFC: 04/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\92\92cf562e44d21a07e603f2d77406296a7baae5f8.file [98316] O61 - LFC: 04/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\94\9480248560b178c1c51dafcccfdda76e71d2fd4b.file [31546] O61 - LFC: 04/11/2013 - 22:30:31 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\95\955eccf95a7d858aa1f5509ad2ac81de7254b8c4.file [39233] O61 - LFC: 04/11/2013 - 22:30:31 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\95\95ce328b90dcfcd71b1f25629ba661512cb3b2b6.file [30352] O61 - LFC: 04/11/2013 - 22:30:31 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\97\97d33268607fa19fe26b4b1f80a826ab0e7d14ca.file [20312] O61 - LFC: 04/11/2013 - 22:30:32 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\9d\9dacfde3b50d5948f5e0c9ab40282fc16ab49292.file [11497] O61 - LFC: 04/11/2013 - 22:30:32 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\9f\9fc645ae758277a4a1564ad8beb18ecc5b50b979.file [13912] O61 - LFC: 04/11/2013 - 22:30:32 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\9f\9fc7c8f44b9ef0e01213627d14d931b7b995d45f.file [44571] O61 - LFC: 04/11/2013 - 22:30:33 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\a7\a7d4e4bf85df6fd1630d89e21243e9accfad6c06.file [41772] O61 - LFC: 04/11/2013 - 22:30:34 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ab\abbaa39ddfa8b37749244c1a44200a4364a502b4.file [38908] O61 - LFC: 04/11/2013 - 22:30:34 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ac\ac6239810be275bfdb35f4e2199b39cfc3af39ec.file [30002] O61 - LFC: 04/11/2013 - 22:30:34 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ac\ac808c79788631d49b66ffcd261881c0619af843.file [30056] O61 - LFC: 04/11/2013 - 22:30:35 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\af\afc8a45a99b1e90e620b972864bebb0eabb2af56.file [37464] O61 - LFC: 04/11/2013 - 22:30:36 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\b8\b8541794540c6e2ea630134237450be550913e4b.file [48924] O61 - LFC: 04/11/2013 - 22:30:36 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ba\ba36537f97521696a8fcd2e8bc06825e05a16cb2.file [33952] O61 - LFC: 04/11/2013 - 22:30:36 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\bb\bb9afb9a1dbdf0a7fd2ff2bdb92a859bd215104f.file [25096] O61 - LFC: 04/11/2013 - 22:30:36 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\be\beb57012273d83bd3171d7847db2bcf43cc55e2a.file [23047] O61 - LFC: 04/11/2013 - 22:30:36 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\be\bee2629c6383de735c613d07c243e7a596caa33f.file [27358] O61 - LFC: 04/11/2013 - 22:30:37 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\bf\bfe1ca97e7e8bac48e74b8374595c2ede95cb0a7.file [36761] O61 - LFC: 04/11/2013 - 22:30:37 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\c1\c144b6f72f92f22fdaf758d2ea9e41562865eabc.file [183973] O61 - LFC: 04/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ca\cabb75d28058bda5bdbfe140a222c86863293159.file [29532] O61 - LFC: 04/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\cc\ccb9399ad8ae86a4e1cd40df8d5bf864b941db08.file [22881] O61 - LFC: 04/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ce\ce72caa8089878e26d391201a5a5669ec0a72eb8.file [27426] O61 - LFC: 04/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\cf\cf64d8bb29bc78aa6a66004fd190d8ffd9a90e7b.file [13699] O61 - LFC: 04/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\cf\cf6ae2a58dbaed454b4f68dff64f43ee3342942f.file [26084] O61 - LFC: 04/11/2013 - 22:30:40 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\d1\d1eb5cc5d184a5458795ba83d8936b6e5af178f6.file [23371] O61 - LFC: 04/11/2013 - 22:30:40 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\d2\d2e4a23f84660582da3c021434c7fdcad47df7d1.file [28014] O61 - LFC: 04/11/2013 - 22:30:40 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\d4\d4555bc4ddc0405b3cbb4c9d315be6e68cafcc22.file [109470] O61 - LFC: 04/11/2013 - 22:30:41 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\d6\d6a9d45d14b214a6baaf9c8ac99e95fa8208c627.file [46334] O61 - LFC: 04/11/2013 - 22:30:42 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\db\db26c609162a1135e4c7ffdb1592acf0e854374a.file [6589] O61 - LFC: 04/11/2013 - 22:30:42 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\db\db3b6077f231dc9076c052f653967dcae6384eb8.file [42215] O61 - LFC: 04/11/2013 - 22:30:42 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\dd\dd30a202efa566cef63c344d2f66cc6f9b12a407.file [138536] O61 - LFC: 04/11/2013 - 22:30:42 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\de\ded5db0ad727b4d002c2e4dc4d5f58204dd3cca7.file [36976] O61 - LFC: 04/11/2013 - 22:30:43 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\e1\e1f175025d836a955e62a67a1ddfffe213dfbc0d.file [28144] O61 - LFC: 04/11/2013 - 22:30:43 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\e3\e396f6f64dae4facf479a639636644db77c92641.file [37324] O61 - LFC: 04/11/2013 - 22:30:43 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\e6\e6524fe14da5e915dd757f4eb03f191d0c8faf82.file [43529] O61 - LFC: 04/11/2013 - 22:30:44 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ea\eaa4b48a9bc2b0389fde323b6c823598743f0f2e.file [4544] O61 - LFC: 04/11/2013 - 22:30:44 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ec\ec5be46ca4f387f6819c75c1f7c96c1d88fdc5dd.file [28623] O61 - LFC: 04/11/2013 - 22:30:44 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ed\edd7701823cc91f973290bfe0daec61b7a615b66.file [23021] O61 - LFC: 04/11/2013 - 22:30:45 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f0\f0505fe080c828f1161fbd20bf14b98dcf07fb01.file [35149] O61 - LFC: 04/11/2013 - 22:30:45 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f2\f25770eb66e87d8c0e0a182f745fa876c9a5a942.file [42740] O61 - LFC: 04/11/2013 - 22:30:45 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f2\f2c32faaedc1fc2da5989c0d5ff7ad2c2469fc3d.file [31838] O61 - LFC: 04/11/2013 - 22:30:45 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f3\f3c233e83cdb7fa6a27297f29d49b5a3f202ad08.file [450517] O61 - LFC: 04/11/2013 - 22:30:45 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f4\f4c674efcc693f45c457d4401b5efdb5bcf26f8f.file [29862] O61 - LFC: 04/11/2013 - 22:30:45 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f5\f5ca347845242fa12c403b9671f5dd858f7a3ca6.file [47235] O61 - LFC: 04/11/2013 - 22:30:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f7\f703ffd6e39165ed15121afd8e7bed9287cf07e2.file [35419] O61 - LFC: 04/11/2013 - 22:30:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f8\f86c8c7435b5fb70a152e3ef0b37237d5ed4cce4.file [31409] O61 - LFC: 04/11/2013 - 22:30:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f9\f991bb703cf93dbe1950d3679e2523d0e82c4a41.file [25461] O61 - LFC: 04/11/2013 - 22:30:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\fd\fd236209bf6ddfa29913df7fb9006cae9c08add2.file [31221] O61 - LFC: 04/11/2013 - 22:30:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\fd\fd4d73cde3adb7740733ffa0f06808aa215a34c6.file [52110] O61 - LFC: 04/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Histories.xcu [26354] O61 - LFC: 04/11/2013 - 22:31:14 --HA- . (...) -- C:\Users\Anto\Downloads\.~lock.ORESUND MEGABRIDGE kidikoi.docx# [111] O61 - LFC: 04/11/2013 - 22:31:17 ---A- . (...) -- C:\Users\Anto\Downloads\ORESUND MEGABRIDGE kidikoi.docx [18347] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\CHANGELOG [28044] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\adblock_start_chrome.js [4020] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\adblock_start_common.js [6889] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\background.js [33522] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\bandaids.js [3693] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\button\popup.css [1371] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\button\popup.html [3732] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\button\popup.js [6220] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\filtering\domainset.js [3646] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\filtering\fifocache.js [922] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\filtering\filternormalizer.js [8094] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\filtering\filteroptions.js [1398] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\filtering\filterset.js [6060] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\filtering\filtertypes.js [10076] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\filtering\myfilters.js [24690] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\functions.js [6395] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\idlehandler.js [1999] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon128.png [9863] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon16.png [753] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon16_grayscale.png [3067] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon16_grayscale@2x.png [3563] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon19-grayscale.png [869] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon19-whitelisted.png [1829] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon19.png [689] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon24.png [2299] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon32.png [1904] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon38-grayscale.png [2877] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon38-whitelisted.png [3968] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon38.png [2712] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\img\icon48.png [3307] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_flat_55_999999_40x100.png [180] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_flat_75_aaaaaa_40x100.png [180] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_glass_45_0078ae_1x400.png [136] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_glass_55_f8da4e_1x400.png [131] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_glass_75_79c9ec_1x400.png [132] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_gloss-wave_50_38cfff_500x100.png [89] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_gloss-wave_75_2191c0_500x100.png [89] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-bg_inset-hard_100_fcfdfd_1x100.png [88] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-icons_056b93_256x240.png [5355] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\images\ui-icons_d8e7f3_256x240.png [4369] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\jquery-ui.custom.css [21592] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\css\override-page.css [2764] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\jquery-ui.custom.min.js [55999] O61 - LFC: 05/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\jquery.cookie.js [4246] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\LICENSE [35121] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\README.markdown [88] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\ar\messages.json [91496] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\bg\messages.json [99060] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\ca\messages.json [55063] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\cs\messages.json [57789] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\da\messages.json [53754] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\de\messages.json [55050] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\el\messages.json [95022] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\en\messages.json [51280] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\es\messages.json [53268] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\fi\messages.json [54450] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\fr\messages.json [54895] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\he\messages.json [80231] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\hr\messages.json [53753] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\hu\messages.json [55137] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\id\messages.json [53062] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\it\messages.json [53484] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\ja\messages.json [63820] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\ko\messages.json [60411] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\nb\messages.json [53222] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\nl\messages.json [52773] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\pl\messages.json [55526] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\pt_BR\messages.json [55059] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\pt_PT\messages.json [54437] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\ro\messages.json [54772] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\ru\messages.json [102031] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\sk\messages.json [57331] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\sl\messages.json [54145] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\sr\messages.json [53968] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\sv\messages.json [54313] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\te\messages.json [92885] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\tr\messages.json [58042] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\uk\messages.json [93413] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\zh_CN\messages.json [56762] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\_locales\zh_TW\messages.json [56616] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\jquery\jquery.min.js [93868] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\manifest.json [2448] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\customize.html [5800] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\customize.js [7750] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\filters.html [1558] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\filters.js [22465] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\general.html [1605] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\general.js [1721] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\index.html [1956] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\index.js [2086] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\options\options.css [2328] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\pages\adreport.html [8530] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\pages\adreport.js [10206] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\pages\resourceblock.html [7787] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\pages\resourceblock.js [26884] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\pages\subscribe.html [1076] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\pages\subscribe.js [1203] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\port.js [13137] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\stats.js [7128] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\blacklisting\blacklistui.js [14897] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\blacklisting\clickwatcher.js [5439] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\blacklisting\elementchain.js [1344] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\blacklisting\overlay.js [1095] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\blacklisting\rightclick_hook.js [402] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\load_jquery_ui.js [1510] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\send_content_to_back.js [1586] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\top_open_blacklist_ui.js [1620] O61 - LFC: 05/11/2013 - 22:29:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\uiscripts\top_open_whitelist_ui.js [5409] O61 - LFC: 05/11/2013 - 22:29:54 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [416279] =>PUP.Bomlabio O61 - LFC: 05/11/2013 - 22:29:56 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.midilibre.fr_0.localstorage [3072] O61 - LFC: 05/11/2013 - 22:29:56 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.midilibre.fr_0.localstorage-journal [3608] O61 - LFC: 05/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\fbstatic-a.akamaihd.net\play.spotify.com.sol [88] O61 - LFC: 05/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\s.ytimg.com\soundData.sol [49] O61 - LFC: 05/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\offline.bnk [3792] O61 - LFC: 05/11/2013 - 22:30:14 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\2c\2c800541cf20b8dd2a5bb0c2ff1c10066a2fcf05.file [66247] O61 - LFC: 05/11/2013 - 22:30:15 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\31\3100aee306a527b713d515e9ca0982a81228bf41.file [196766] O61 - LFC: 05/11/2013 - 22:30:22 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\5e\5e2927bfb4036180acb510fb532d936e0d1efb94.file [197572] O61 - LFC: 05/11/2013 - 22:30:33 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\a1\a1d8b6bd955dab935b3ae618b723989fe0804080.file [23054] O61 - LFC: 05/11/2013 - 22:30:33 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\a2\a22204c11685a7e53f7fbcf55e26c7f790acc0bc.file [164603] O61 - LFC: 05/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ce\cefb032205a0a8bf6e003a68171505f9b610cd60.file [83367] O61 - LFC: 05/11/2013 - 22:30:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\fc\fc67aa7b51f1f5386b8b8c9e51ae1e3aacc0e86e.file [44303] O61 - LFC: 05/11/2013 - 22:30:47 ---A- . (.The Software Group.) -- C:\Users\Anto\AppData\Local\Temp\BoxoreInstaller.exe [621168] =>Adware.Boxore O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\1.1.6.6.crx [416279] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\DataBase [1125392] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\UpDate.dll [92672] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\conf [56] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\ep.zip [38849] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\gfl_omiga-plus.db [112] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\gfl_omiga-plus.json [296] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\DataBase [1125392] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\UpDate.dll [92672] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\conf [56] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\ep.zip [38849] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\gfl_omiga-plus.json [296] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\newtab.crx [416279] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (.北京暴风科技股份有限公司.) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\Baofeng.exe [116608] O61 - LFC: 05/11/2013 - 22:30:48 ---A- . (.北京暴风科技股份有限公司.) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\Baofeng.exe [116608] O61 - LFC: 05/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Recovery.xcu [1287] O61 - LFC: 05/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\prefs [480] O61 - LFC: 05/11/2013 - 22:30:55 ---A- . (...) -- C:\Users\Anto\Documents\GTA San Andreas User Files\GTASAsf1.b [202752] O61 - LFC: 05/11/2013 - 22:30:55 ---A- . (...) -- C:\Users\Anto\Documents\GTA San Andreas User Files\gta_sa.set [2900] O61 - LFC: 06/11/2013 - 22:29:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\CyberLink\YouCam\subsys.cache [4771] O61 - LFC: 06/11/2013 - 22:29:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [3505] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [3505] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Cookies [955392] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies [6144] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies-journal [4640] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [0] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000612 [1842] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [267] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000351 [463] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\data.json [0] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db [7168] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal [5672] O61 - LFC: 06/11/2013 - 22:29:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0\2 [16384] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\background.html [1567] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\crossriderManifest.json [762] =>PUP.CrossRider O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\manifest.xml [1787] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins.json [12601] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\101_cortica_m.js [751] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\102_dealply_m.js [1768] =>PUP.DealPly O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\103_intext_5_m.js [3102] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\104_jollywallet_m.js [165884] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\105_corticas_m.js [640] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\107_coupish_m.js [2325] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\108_icm_m.js [5018] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\116_ads_only_5_m.js [2997] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\117_coupons_intext_ads_5_m.js [3225] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\119_similar_web_m.js [5235] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\120_luck_m.js [1247] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\123_intext_adv_m.js [916] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js [798] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\125_arcadi2_m.js [930] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\126_revizer_ws_m.js [1340] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\127_revizer_p_m.js [1221] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\128_superfish_pricora_m.js [771] =>Adware.Pricora O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\129_widdit_m.js [593] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\135_arcadi3_m.js [930] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\138_getdeal_m.js [1424] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\13_CrossriderAppUtils.js [6034] =>PUP.CrossRider O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\141_corticas_ru_m.js.js [720] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\142_intext_fa_m.js [819] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\14_CrossriderUtils.js [12369] =>PUP.CrossRider O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\155_ibario_pops_m.js [743] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js [3090] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\159_cortica_rollover_m.js [783] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\170_icm1_5_m.js [6482] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\171_arcadi2_sourceID_m.js [1005] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js [989] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\175_coolmirage_m.js [3305] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\17_jQuery.js [79982] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\19_CHAppAPIWrapper.js [6327] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\1_base.js [6908] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\21_debug.js [3676] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\22_resources.js [9082] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\28_initializer.js [664] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\47_resources_background.js [7720] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\4_jquery_1_7_1.js [94180] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\64_appApiMessage.js [2332] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\72_appApiValidation.js [23239] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\78_CrossriderInfo.js [2234] =>PUP.CrossRider O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\7_hooks.js [801] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\80_CHPopupAppAPI.js [194] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\87_ginyas_wrapper.js [20377] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\91_monetizationLoader.js.js [141597] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\92_superfish_m.js [695] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\93_superfish_no_coupons_m.js [1332] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\97_resourceApiWrapper.js [3299] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\plugins\9_search_engine_hook.js [2285] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\userCode\background.js [429] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\extensionData\userCode\extension.js [442] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\icons\actions\1.png [1223] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\icons\icon128.png [2433] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\icons\icon16.png [869] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\icons\icon48.png [1727] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\api\chrome.js [11475] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\api\cookie.js [11793] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\api\message.js [3346] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\api\pageAction.js [1737] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\api\pageActionBG.js [2473] O61 - LFC: 06/11/2013 - 22:29:52 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\background.js [28862] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\app_api.js [6376] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\bg_app_api.js [4458] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\consts.js [288] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\cookie_store.js [5905] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\crossriderAPI.js [11366] =>PUP.CrossRider O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\delegate.js [2002] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\events.js [5757] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\extensionDataStore.js [6294] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\installer.js [315] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\logFile.js [775] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\logging.js [944] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\onBGDocumentLoad.js [480] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\popupResource\newPopup.js [40] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\popupResource\popup.js [45] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\reports.js [4841] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\storageWrapper.js [491] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\updateManager.js [5665] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\util.js [5142] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\lib\xhr.js [2478] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\js\main.js [8452] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\manifest.json [1276] O61 - LFC: 06/11/2013 - 22:29:53 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp\1.25.16_0\popup.html [139] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Favicons [1464320] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG [0] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old [142] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000012 [279] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\History [2256896] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [144486] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Last Session [1128] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [846] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\khmbajnfeegpfichienonefldpjedofp\CURRENT [16] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\khmbajnfeegpfichienonefldpjedofp\LOG [0] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\khmbajnfeegpfichienonefldpjedofp\LOG.old [259] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\khmbajnfeegpfichienonefldpjedofp\MANIFEST-000013 [101] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage [3072] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage-journal [3608] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage [5347328] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal [16384] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage [250880] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage-journal [16384] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0.localstorage [3072] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0.localstorage-journal [3608] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [14336] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [14960] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage [3072] O61 - LFC: 06/11/2013 - 22:29:55 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal [3608] O61 - LFC: 06/11/2013 - 22:29:56 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage [2785280] =>Adware.AddLyrics O61 - LFC: 06/11/2013 - 22:29:56 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage-journal [16384] =>Adware.AddLyrics O61 - LFC: 06/11/2013 - 22:29:57 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage [3072] O61 - LFC: 06/11/2013 - 22:29:57 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal [3608] O61 - LFC: 06/11/2013 - 22:29:57 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [76800] O61 - LFC: 06/11/2013 - 22:29:57 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384] O61 - LFC: 06/11/2013 - 22:29:57 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [285696] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [28672] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [8768] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\4BAE91DBAEF0CEEC0FCE5505D96DDEA865EDBFC1.heu [151] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\84D36BDF5E2577BFB0B8CE6A12A8646BB1AADDDD.heu [151] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\8F903698240FE799F61EEDA8595181137B996156.heu [151] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\98EECA3E014A0FA3C4C613006BDCEA12DA3BEACE.heu [151] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\ABD49354324081CEBB8F60184CF5FEE81F0F9298.heu [151] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\B63185FCA5D2BDBB568593F2BF232E87E5A20A7E.heu [151] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\B63185FCA5D2BDBB568593F2BF232E87E5A20A7E.swz [141160] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\D888AEE0CE49F58A35C32EB138EDD00F0D6B9FAE.heu [151] O61 - LFC: 06/11/2013 - 22:30:01 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\5Q2KQLKD\cacheSize.txt [8] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\macromedia.com\support\flashplayer\sys\#www.ajaxcdn.org\settings.sol [85] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\macromedia.com\support\flashplayer\sys\settings.sol [1441] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YB7CKHCB\www.ajaxcdn.org\swf.swf\dm_cookie.sol [415] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Preferences [319026] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [13312] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [8768] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [0] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [277] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-001022 [402] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [135168] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3 [81920] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal [16384] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Top Sites [319488] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [2556] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Web Data [96256] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [4624] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Local State [47906] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [7778912] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1390616] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135288] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [1156060] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19536] O61 - LFC: 06/11/2013 - 22:30:02 ---A- . (...) -- C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6728] O61 - LFC: 06/11/2013 - 22:30:03 --HA- . (...) -- C:\Users\Anto\AppData\Local\IconCache.db [38204] O61 - LFC: 06/11/2013 - 22:30:06 ---A- . (...) -- C:\Users\Anto\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat [262144] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Browser\Local Storage\sp_13d1cdcb746f7ebad4841d147797c3cbbe9881be.discover_0.localstorage [14336] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Browser\Local Storage\sp_13d1cdcb746f7ebad4841d147797c3cbbe9881be.discover_0.localstorage-journal [10832] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Browser\Local Storage\sp_312ddaf029fa2123ae249d461ac856462f0f22d8.notification-popup_0.localstorage [313344] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Browser\Local Storage\sp_312ddaf029fa2123ae249d461ac856462f0f22d8.notification-popup_0.localstorage-journal [16384] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Browser\Local Storage\sp_d88faeba607b93ad6e81a35ebb9378832f4be09d.feed_0.localstorage [315392] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Browser\Local Storage\sp_d88faeba607b93ad6e81a35ebb9378832f4be09d.feed_0.localstorage-journal [16384] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\mercury.db [46410752] O61 - LFC: 06/11/2013 - 22:30:07 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\mercury.db-wal [1288024] O61 - LFC: 06/11/2013 - 22:30:09 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\0a\0a7815c2c0366fb01f6591f4bd4362a3e9d3f41e.file [16927] O61 - LFC: 06/11/2013 - 22:30:11 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\18\1803b259589eb4468499a6bca2a6bd92d1efdb34.file [118294] O61 - LFC: 06/11/2013 - 22:30:11 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\18\185a9ecb33ec0f91f74c2d738877fb912dead9b0.file [34002] O61 - LFC: 06/11/2013 - 22:30:11 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\19\19222f2d50666fecd3962b79a86bd3ae1e59a4f1.file [33540] O61 - LFC: 06/11/2013 - 22:30:13 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\27\270ab0dd86b6da90aa0cb7abb7d2d539624f59c7.file [62054] O61 - LFC: 06/11/2013 - 22:30:14 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\29\292e0963594dd3c4b9b8654992dfe62fa10aaaf5.file [13385] O61 - LFC: 06/11/2013 - 22:30:14 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\2a\2a1e367e5e1cfff1a1123bec9fbe593e8077a6e1.file [33624] O61 - LFC: 06/11/2013 - 22:30:15 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\31\31af7b1283def7f80df7447a0950deb4df3ea14d.file [589894] O61 - LFC: 06/11/2013 - 22:30:16 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\36\3602d0b09747387722949b8aa16f87c70f0632bf.file [63145] O61 - LFC: 06/11/2013 - 22:30:16 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\38\384ab3fbcc3cc363e5792079fc31f19b41df16b3.file [4527] O61 - LFC: 06/11/2013 - 22:30:16 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\38\38f1b55f38a310d2277166f55eefaff8cf293a5f.file [105631] O61 - LFC: 06/11/2013 - 22:30:17 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\3a\3ae582a8a723473dfcec6506fbde2892c25b390d.file [41689] O61 - LFC: 06/11/2013 - 22:30:17 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\3c\3c22aeb3e7d57bc7951eb5b73ef39b3efede12d6.file [19515] O61 - LFC: 06/11/2013 - 22:30:17 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\3c\3c790591ddf88129b792f3b7a852ccc903447594.file [25385] O61 - LFC: 06/11/2013 - 22:30:17 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\3d\3d5aa0bcc660eb964d602f56dc17b5efdc293703.file [25566] O61 - LFC: 06/11/2013 - 22:30:18 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\45\459d8f0209a58602e0173b1fee495a5a20a0783e.file [56511] O61 - LFC: 06/11/2013 - 22:30:19 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\48\48b2e2af6b0260e868761f8de28dce8b2246d8b7.file [57901] O61 - LFC: 06/11/2013 - 22:30:21 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\51\51e9d46a9bdc4b881f9a8dba3174f65c43e98bd7.file [84133] O61 - LFC: 06/11/2013 - 22:30:21 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\52\52de683ad2a86aaf14080bcd93ab191d69fc1d35.file [56996] O61 - LFC: 06/11/2013 - 22:30:21 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\56\56807099b4ba1a3a60e23735bc2018d916409367.file [42846] O61 - LFC: 06/11/2013 - 22:30:26 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\7a\7a427f3a7ef1ad4b4e506d1cb18d7fb3d8a16fb7.file [7353] O61 - LFC: 06/11/2013 - 22:30:27 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\80\805fb6952263991d9a11d03077ff3e6dc57a8631.file [18371] O61 - LFC: 06/11/2013 - 22:30:28 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\84\8498ba7b3ec7c8568ed3f7805150ec42891eeb95.file [107558] O61 - LFC: 06/11/2013 - 22:30:30 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\94\94dbad5a25707360e0346602f94f8c879b1fc0ee.file [1274038] O61 - LFC: 06/11/2013 - 22:30:33 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\a0\a0858467e22991ea229c0ed112ac2b611759b8f9.file [589894] O61 - LFC: 06/11/2013 - 22:30:33 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\a1\a187ec497460c334acc8ee4e6705c0d70095a450.file [92868] O61 - LFC: 06/11/2013 - 22:30:36 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\bb\bbef01167bdb3e3337a0e052d3ab0ea0f51077b0.file [589894] O61 - LFC: 06/11/2013 - 22:30:37 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\bf\bf92f4be8c58f06f7a341d1bc88ca87df372acf7.file [1274038] O61 - LFC: 06/11/2013 - 22:30:38 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\c7\c77f75e7ec98388ea0f551a97d9b8543c6cb67ab.file [52948] O61 - LFC: 06/11/2013 - 22:30:38 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\c8\c8e22caef794e58c9623daf6a18c85681c7c8610.file [589894] O61 - LFC: 06/11/2013 - 22:30:38 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\c9\c9db6ff77b46410e53fcc3ee18a0377a01440361.file [28994] O61 - LFC: 06/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ca\cabe4632df8bb917923f56498861c6f2bfe9617d.file [457270] O61 - LFC: 06/11/2013 - 22:30:39 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ce\ce2c7b8bae82774175ba9f5842bec2a7e5eb1150.file [13228] O61 - LFC: 06/11/2013 - 22:30:40 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\d3\d3d9651ad8280b06eb3c1290da0a0bc1c7140949.file [23812] O61 - LFC: 06/11/2013 - 22:30:41 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\d8\d8c527d371f40267aac0c9cebca8d2019c691c2c.file [90740] O61 - LFC: 06/11/2013 - 22:30:43 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\e2\e2bc21ca4194f44b16386e8d1ed0cccc2e98f898.file [1274038] O61 - LFC: 06/11/2013 - 22:30:44 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\e8\e81ed23c7c4d21fa0711b3d8bdcfd5ac27dbbfde.file [114016] O61 - LFC: 06/11/2013 - 22:30:44 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\ed\ed2e348a035c35271339ccad69265d6e9ce659ed.file [19372] O61 - LFC: 06/11/2013 - 22:30:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f6\f688a9b4d67ea1bc0d621bd1e80cd970e0f8cbfc.file [28865] O61 - LFC: 06/11/2013 - 22:30:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\f8\f800707283bb96f7a3a86d1d4f6036beb5962179.file [27782] O61 - LFC: 06/11/2013 - 22:30:46 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\fc\fc269c338aac853c4ed376691cde6fbe0dde9ace.file [1274038] O61 - LFC: 06/11/2013 - 22:30:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Spotify\Storage\fc\fcc9184118603d8abafa7113efaf1410d5c4354d.file [2870] O61 - LFC: 06/11/2013 - 22:30:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\BackupSetup.exe [10355400] O61 - LFC: 06/11/2013 - 22:30:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml [8891] O61 - LFC: 06/11/2013 - 22:30:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\chart_data.dat [20570] O61 - LFC: 06/11/2013 - 22:30:47 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\dd_vcredistMSI662A.txt [396042] O61 - LFC: 06/11/2013 - 22:30:47 ---A- . (.LyricsMonkey.) -- C:\Users\Anto\AppData\Local\Temp\AddLyrics3.EXE [106414] =>Adware.AddLyrics O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MPBSETUP.EXE [73848] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MSIef58f.LOG [394] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\MircosoftStudio\package1.zip [1395008] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\Pin.xml [99] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\Pin2.xml [99] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\Trans.xml [95] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\dd_vcredistUI662A.txt [11478] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\gfl_omiga-plus.db [89] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\package1.zip [1395008] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\package2.zip [1703069] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\nsaC041.tmp\Registry.dll [25088] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\nsi72D9.tmp\Registry.dll [25088] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\nskBB17.tmp\Registry.dll [25088] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\nsx19DE.tmp\nsSCM.dll [5632] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (.Boxore.) -- C:\Users\Anto\AppData\Local\Temp\OBBoxore.EXE [663455] =>Adware.Boxore O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (.Microsoft Corporation.) -- C:\Users\Anto\AppData\Local\Temp\vcredist_x64.exe [4961800] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (.Qdkpau.) -- C:\Users\Anto\AppData\Local\Temp\LyricsMonkey_1060-1053.exe [5480072] =>Adware.AddLyrics O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (.Skytech Co., Ltd..) -- C:\Users\Anto\AppData\Local\Temp\gfl_omiga-plus.exe [454808] O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (.Wajam product.) -- C:\Users\Anto\AppData\Local\Temp\WajamIM.EXE [135644] =>Toolbar.Wajam O61 - LFC: 06/11/2013 - 22:30:48 ---A- . (.Wsys Co., Ltd..) -- C:\Users\Anto\AppData\Local\Temp\fullpackage_temp\eGdpSvc.exe [1706136] =>PUP.eSafeSecurity O61 - LFC: 06/11/2013 - 22:30:50 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\~DF4D4FA737060F72E8.TMP [312320] O61 - LFC: 06/11/2013 - 22:30:50 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\~DF8EF950D803185C2A.TMP [312320] O61 - LFC: 06/11/2013 - 22:30:51 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\~DFA36E5E76A00B3E83.TMP [312320] O61 - LFC: 06/11/2013 - 22:30:51 ---A- . (...) -- C:\Users\Anto\AppData\Local\Temp\~DFE54D8D11BB32CFF4.TMP [312320] O61 - LFC: 06/11/2013 - 22:30:53 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\OpenOffice.org\3\.lock [140] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Common.xcu [851] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\Apps\discover\Cookies [8192] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\Apps\discover\Cookies-journal [5672] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\Cookies\Cookies [19456] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\Cookies\Cookies-journal [11864] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\ad.bnk [6660] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\guistate [6523] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\local-files.bnk [2373] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\purchased.bnk [178] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\track-player.bnk [10076] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\Users\1113592365-user\watch-sources.bnk [1055] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\prefs [916] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\running [0] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\Spotify\watchdog.bnk [0] O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\ZHP\Log.txt [16754] =>.Nicolas Coolman O61 - LFC: 06/11/2013 - 22:30:54 ---A- . (...) -- C:\Users\Anto\AppData\Roaming\ZHP\TestsZHPDiag.txt [2820] =>.Nicolas Coolman O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\CyberLink YouCam(Webcam).lnk [1227] O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\EffectManualOrder\ManualOrder_Avatar.xml [2111] O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\EffectManualOrder\ManualOrder_Distortion.xml [1383] O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\EffectManualOrder\ManualOrder_Emotion.xml [1961] O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\EffectManualOrder\ManualOrder_Filter.xml [1469] O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\EffectManualOrder\ManualOrder_Frame.xml [1225] O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\EffectManualOrder\ManualOrder_FunnyScene.xml [864] O61 - LFC: 06/11/2013 - 22:31:14 ---A- . (...) -- C:\Users\Anto\Documents\Youcam\EffectManualOrder\ManualOrder_Gadget.xml [3199] O61 - LFC: 06/11/2013 - 22:31:16 ---A- . (...) -- C:\Users\Anto\Downloads\install_flashplayer11x32_mssd_aih_other.exe [380008] O61 - LFC: 06/11/2013 - 22:31:17 ---A- . (.Nicolas Coolman.) -- C:\Users\Anto\Downloads\ZHPDiag2.exe [6846222] =>.Nicolas Coolman ~ 45 Fichiers temporaires (Temporary files) ~ 2 Fichiers cookies (Cookies files) ~ Files: 571 Scanned in 01mn 32s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://isearch.omiga-plus.com O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.Browsers ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {2fa28606-de77-4029-af96-b231e3b8f827} - (Ask.com) - http://eu.ask.com O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (omiga-plus) - http://isearch.omiga-plus.com O69 - SBI: SearchScopes [HKCU] {b7fca997-d0fb-4fe0-8afd-255e89cf9671} - (Yahoo) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com =>Toolbar.eBay O69 - SBI: SearchScopes [HKCU] {E6AE7BD3-51DE-4A17-AE79-74E3520DCBBD} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [309248] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1156096] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [305664] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3275776] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1285632] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792] O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224] ~ Services: 34 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.858D895AD40DE9779E78C39A116F9553] [sPRF][06/11/2013] (...) -- C:\Users\Anto\AppData\Local\Temp\BackupSetup.exe [10355400] [MD5.2F08D91BFE7D5B863F7DDE4826B1955F] [sPRF][05/11/2013] (.The Software Group - Software Update Setup.) -- C:\Users\Anto\AppData\Local\Temp\BoxoreInstaller.exe [621168] =>Adware.Boxore [MD5.6EEA4426C3CA5A6A49869CA1302CDEC0] [sPRF][06/11/2013] (...) -- C:\Users\Anto\AppData\Local\Temp\chart_data.dat [20570] [MD5.171F1BB73D0238A7A56126D3459ECDCD] [sPRF][15/10/2008] (...) -- C:\Users\Anto\AppData\Local\Temp\Extract.exe [50432] [MD5.61DD48D96CDBD6452A9BA3148D258CDA] [sPRF][06/11/2013] (.Skytech Co., Ltd. - Skytech Downloader.) -- C:\Users\Anto\AppData\Local\Temp\gfl_omiga-plus.exe [454808] [MD5.C3852F789300BC3A7AC16B926F612094] [sPRF][06/11/2013] (.Qdkpau - Nnjlvqpo.) -- C:\Users\Anto\AppData\Local\Temp\LyricsMonkey_1060-1053.exe [5480072] =>Adware.AddLyrics [MD5.48C216AF17C96CAD7100A1A1ABF24D4B] [sPRF][03/05/2013] (.Spotify Ltd - Spotify Installer.) -- C:\Users\Anto\AppData\Local\Temp\SpotifyUpgrader.exe [20709088] [MD5.40395C175553CB14D2050888EFCCDF00] [sPRF][06/11/2013] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\Anto\AppData\Local\Temp\vcredist_x64.exe [4961800] [MD5.F0F3706910D84499E7845934117022BA] [sPRF][15/07/2013] (...) -- C:\Users\Anto\AppData\Local\Temp\wajam_download.exe [55363] =>Toolbar.Wajam ~ Files: 9 Scanned in 00mn 02s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "vm-monitoring-rpc" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "vm-monitoring-dcom" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" | In - None - P6 - FALSE | .(.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\system32\wininit.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Netlogon-TCP-RPC-In" | In - None - P6 - FALSE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" | In - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Hôte UX de proximité.) -- C:\Windows\system32\proximityuxhost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-DAS-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\Windows\system32\dashost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\system32\mdeserver.exe O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TPMVSCMGR-Server-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\Windows\system32\RmtTpmVscMgrSvr.exe O87 - FAEL: "Collab-P2PHost-In-TCP" |In - None - P6 - TRUE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-P2PHost-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\p2phost.exe (.not file.) O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-TERMSRV-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.) O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.) O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{C36D1C6D-7BE5-4D8C-BE13-9735494C7701}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe O87 - FAEL: "{6DFD3DE9-9ECD-4141-B534-DE0261E45832}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{99462EF4-D17C-4EFC-8A12-C1266FDBC03E}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{36ACF1BC-D431-428E-88BE-AE7926103521}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{73819E27-7E6F-44AC-A182-F7FD65E1FFF3}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{DCEBFA3D-10B0-4FCF-822D-CAE608FB5313}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDVD 10.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe O87 - FAEL: "{AAC55985-E0AF-4C29-B541-7930D3C3B182}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector 10.) -- C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe O87 - FAEL: "{B5C37C80-FDD7-4B93-8307-39092667C992}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{DF3A0078-2ECE-4596-9D00-F92D8CC2EE08}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{49970796-8037-443D-A58E-45FFAD66AC40}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{86F71C1C-E009-4229-980D-E15E17BF8455}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{D95E56B7-8535-4425-8783-24984C44CB1C}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{7B5244E0-4E13-4633-848A-A01A20402FF8}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{5B84B6F3-D676-4FBA-88C3-E350F7AA9EF2}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{57BCB545-9C31-474F-9176-D2C1377B8272}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{7136B450-2BA9-4A1F-8608-4F57BAC356A3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{EAB226AD-DE0E-44BE-AF36-92CC6FBE2294}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{594F21F9-8A97-423E-9CF6-47DC88C5EB89}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{5D0357F8-FB58-4C78-9CED-2582302A180A}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{DE181E68-153C-41B7-9F1F-03B0B139051C}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{ABA77A1C-1738-4C9B-86A1-53038168FAF4}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{B60A1317-A402-4FD1-9BD8-580D6829BA12}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{3E27BEB7-D76E-412A-B246-6D1716E95430}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{18BB9314-E973-4953-931A-042845EC5A85}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{9E176939-3D5A-4DA0-B1C1-59E68EB97650}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E5C09E9E-21BA-460B-983A-4D3FE801FD16}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{D0BCC7A6-ECBF-4273-B137-598577B75F69}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TCP Query User{0152BACB-6776-493F-A3EC-95FC5B451E52}C:\users\anto\appdata\roaming\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\users\anto\appdata\roaming\spotify\spotify.exe O87 - FAEL: "UDP Query User{9ECBAC10-AF4E-4E3E-BAB1-592538EF80E2}C:\users\anto\appdata\roaming\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\users\anto\appdata\roaming\spotify\spotify.exe O87 - FAEL: "TCP Query User{A43E5912-82E5-4756-A5F9-E4A5DBC4CCD9}C:\users\anto\appdata\roaming\spotify\spotify.exe" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\users\anto\appdata\roaming\spotify\spotify.exe O87 - FAEL: "UDP Query User{4FC52955-55E9-4355-AA03-9517C14352F0}C:\users\anto\appdata\roaming\spotify\spotify.exe" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\users\anto\appdata\roaming\spotify\spotify.exe O87 - FAEL: "TCP Query User{E13CFF47-7580-42BB-9A7C-60E9B55DB079}C:\users\anto\jeux\armagetron advanced\armagetronad.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\anto\jeux\armagetron advanced\armagetronad.exe O87 - FAEL: "UDP Query User{FDC2E301-0F91-4C8C-A7D0-45D37AC841D8}C:\users\anto\jeux\armagetron advanced\armagetronad.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\anto\jeux\armagetron advanced\armagetronad.exe O87 - FAEL: "{FD433357-01CA-40BB-B713-32AAEB2F657B}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{282949CE-CF2E-438A-B9A9-354ADE44498D}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe O87 - FAEL: "{1DBE63E3-D3D7-4FAE-95EB-5786AACBF7B2}" | In - Public - P6 - TRUE | .(.Wsys Co., Ltd. - Wsys Control 10.2.1.2652.) -- C:\ProgramData\eSafe\eGdpSvc.exe =>PUP.eSafeSecurity ~ Firewall: 240 Scanned in 00mn 02s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office.) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe O90 - PUC: "0694AF70830BBE9498B1F95939A05A44" . (.HP Customer Experience Enhancements.) -- C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico O90 - PUC: "1ADB7B61769BD2D4B8721E72722C3805" . (.HP CoolSense.) -- C:\windows\Installer\{16B7BDA1-B967-4D2D-8B27-E12727C28350}\_853F67D554F05449430E7E.exe O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico O90 - PUC: "2D6F4B0BEA2FA1544969F6F2A698B723" . (.PowerDirector.) -- C:\Windows\Installer\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\ARPPRODUCTICON.exe O90 - PUC: "2FCC6D4EFAA0C9B4D95E98E3CDB9B4AA" . (.HP Registration Service.) -- C:\Windows\Installer\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}\ARPPRODUCTICON.exe O90 - PUC: "42C6FBF1Df1C10144AB2C065F4E9E897" . (.Media Suite.) -- C:\Windows\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe O90 - PUC: "45B9108BEB9FA0946991D6601FF821F9" . (.HP Support Assistant.) -- C:\windows\Installer\{B8019B54-F9BE-490A-9619-6D06F18F129F}\ARPPRODUCTICON.exe =>.Hewlett-Packard Co O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico =>.Apple Inc O90 - PUC: "5A440F64B8EC691489E4B56D25E563D1" . (.Apple Application Support.) -- C:\Windows\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}\WinInstall.ico O90 - PUC: "5B8549D1A414E91428B4F5A81A8488E4" . (.HP Software Framework.) -- C:\windows\Installer\{1D9458B5-414A-419E-824B-5F8AA148884E}\app_1.exe O90 - PUC: "6E715662668DD93419C98B1B5AE20608" . (.OpenOffice.org 3.2.) -- C:\Windows\Installer\{266517E6-D866-439D-919C-B8B1A52E6080}\soffice.ico O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.2.0.0.) -- C:\windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe O90 - PUC: "7EBE440D7E4994C409CF09963E3F471E" . (.HP Documentation.) -- C:\Windows\Installer\{D044EBE7-94E7-4C49-90FC-9069E3F374E1}\NotebookDocs.exe O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe O90 - PUC: "9992AB10624DB224DA10997382E8559F" . (.HP 3D DriveGuard.) -- C:\Windows\Installer\{01BA2999-D426-422B-AD01-9937288E55F9}\controlPanelIcon.exe O90 - PUC: "A4432684C93A7984CA4D1AEB5D61C3A5" . (.PhotoDirector.) -- C:\windows\Installer\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\ARPPRODUCTICON.exe O90 - PUC: "A78975C0A30A59B43A902DF3874F60AC" . (.HP Utility Center.) -- C:\Windows\Installer\{0C57987A-A03A-4B95-A309-D23F78F406CA}\ARPPRODUCTICON.exe O90 - PUC: "B18BA825A56D0BA42A6B285BA180D710" . (.HP Recovery Manager.) -- C:\windows\Installer\{528AB81B-D65A-4AB0-A2B6-82B51A087D01}\_853F67D554F05449430E7E.exe O90 - PUC: "B722A2918C8AD6C49B9312AFBE00E7E1" . (.Google Drive.) -- C:\Windows\Installer\{192A227B-A8C8-4C6D-B939-21FAEB007E1E}\DriveIcon O90 - PUC: "CC11B906DEC86114DAA87A128698D493" . (.HP Quick Launch.) -- C:\windows\Installer\{609B11CC-8CED-4116-AD8A-A72168894D39}\_853F67D554F05449430E7E.exe O90 - PUC: "CC599AF0948C55741BB44540CC57CD42" . (.Energy Star.) -- C:\Windows\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}\_853F67D554F05449430E7E.exe O90 - PUC: "D111535A8C59F78468E9ECC43299272D" . (.iTunes.) -- C:\Windows\Installer\{A535111D-95C8-487F-869E-CE4C239972D2}\Installer.ico O90 - PUC: "D96ED149EEC61714F8F1D3E753A24A89" . (.HP Wireless Button Driver.) -- C:\Windows\Installer\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}\ARPPRODUCTICON.exe O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe O90 - PUC: "DF42B2AC01EE9B240B94AA0862E8E712" . (.Boxore Client.) -- C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico =>Adware.Boxore O90 - PUC: "E78D5FE2DB7BF85448824E0D8B4B6EC5" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}\Installer.ico ~ Update Products: 74 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.9448C6D833E76147214DD912CF0327FE] [WIS][29/10/2013] (.M-Audio - Installer for M-Audio FastTrackPro Driver 6.0.7 (x64).) -- C:\Windows\Installer\1391db23.msi [3743744] [MD5.98B71EBBC205A824FF4030FECA79B6C1] [WIS][26/09/2013] (.Google, Inc. - Google Drive.) -- C:\Windows\Installer\66181f2.msi [31623168] [MD5.E32A1A1B9CC600CF062E0E429925841A] [WIS][16/08/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\9e9dd49.msi [1974272] =>Adware.Boxore ~ WIS: 75 Scanned in 00mn 08s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SS - | Auto 19/09/2013 38440 | (BackupStack) . (.Just Develop It.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Demand 08/08/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Auto 26/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 26/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 10/08/2012 85504 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co SR - | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SR - | Auto 10/08/2012 29600 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe SR - | Auto 31/07/2012 35232 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe SR - | Auto 14/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe SR - | Auto 20/04/2012 635104 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Auto 18/07/2012 128896 | (Intel® ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe SR - | Demand 01/10/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 18/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe SR - | Auto 18/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SR - | Auto 21/05/2013 144368 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe SS - | Auto 06/11/2013 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore SS - | Demand 06/11/2013 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore SR - | Auto 21/07/2012 321536 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe SR - | Auto 18/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 06/11/2013 1706136 | (WsysSvc) . (.Wsys Co., Ltd..) - C:\ProgramData\eSafe\eGdpSvc.exe =>PUP.eSafeSecurity SR - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 10s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Anto at 06/11/2013 22:32:54 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Anto at 06/11/2013 22:32:56 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 12991 - (06/11/2013) Clés trouvées (Keys found) : 31 Valeurs trouvées (Values found) : 9 Dossiers trouvés (Folders found) : 11 Fichiers trouvés (Files found) : 15 [HKLM\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex^ [HKLM\Software\Google\Chrome\Extensions\khmbajnfeegpfichienonefldpjedofp] =>Adware.AddLyrics^ [HKLM\Software\Google\Chrome\Extensions\pbpohikckhbcljgombipcdoinkaedlfa] =>Spyware.SmartDisplay^ [HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^ [HKLM\SYSTEM\CurrentControlSet\Services\Software_update (Software_update] =>Adware.Boxore^ [HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc] =>PUP.eSafeSecurity^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LyricsMonkey-15] =>Adware.AddLyrics^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl] =>PUP.eSafeSecurity^ [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>Toolbar.Babylon [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd [HKCU\Software\Boxore] =>Adware.Boxore [HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore [HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}] =>Toolbar.Yahoo [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}] =>Toolbar.Yahoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}] =>Toolbar.Yahoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl] =>PUP.eSafeSecurity [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Boxore Client =>Adware.Boxore^ C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo =>PUP.Elex^ C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp =>Adware.AddLyrics^ C:\Users\Anto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =>Spyware.SmartDisplay^ C:\Program Files (x86)\Boxore =>Adware.Boxore^ C:\Program Files (x86)\LyricsMonkey-15 =>Adware.AddLyrics^ C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^ C:\ProgramData\BoxUpdChk =>Adware.Boxore^ C:\ProgramData\eSafe =>PUP.eSafeSecurity^ C:\Users\Anto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^ C:\Program Files (x86)\Software =>Adware.Boxore C:\Users\Anto\AppData\Local\Software =>Adware.Boxore C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore^ C:\Windows\Tasks\LyricsMonkey-15-chromeinstaller.job =>Adware.AddLyrics^ C:\Windows\Tasks\LyricsMonkey-15-codedownloader.job =>Adware.AddLyrics^ C:\ProgramData\BoxUpdChk\updchk.exe =>Adware.Boxore^ C:\Program Files (x86)\LyricsMonkey-15\LyricsMonkey-15-chromeinstaller.exe =>Adware.AddLyrics^ C:\Program Files (x86)\LyricsMonkey-15\LyricsMonkey-15-codedownloader.exe =>Adware.AddLyrics^ C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^ [HKCU\Software\AppDataLow\Software\LyricsMonkey-15] =>Adware.AddLyrics^ C:\Users\Anto\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore^ C:\Users\Anto\AppData\Local\Temp\LyricsMonkey_1060-1053.exe =>Adware.AddLyrics^ C:\Users\Anto\AppData\Local\Temp\wajam_download.exe =>Toolbar.Wajam^ C:\Windows\Installer\9e9dd49.msi =>Adware.Boxore^ C:\Users\Anto\AppData\Local\Temp\WajamIM.EXE =>Toolbar.Wajam C:\Users\Anto\AppData\Local\Temp\OBBoxore.EXE =>Adware.Boxore ~ Additionnel Scan: 290133 Items scanned in 00mn 29s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/33479906-pup-elex =>PUP.Elex ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics ~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay ~ http://nicolascoolman.webs.com/apps/blog/show/33263878-hijacker-browser =>Hijacker.Browsers ~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup ~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider ~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>Toolbar.Wajam ~ http://nicolascoolman.webs.com/apps/blog/show/34702976-toolbar-ebay =>Toolbar.eBay ~ http://nicolascoolman.webs.com/apps/blog/show/33460217-pup-bomlabio =>PUP.Bomlabio ~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly ~ http://nicolascoolman.webs.com/apps/blog/show/29294184-adware-pricora =>Adware.Pricora ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon ~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software ~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd ~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo ~ MSI: 17 link(s) detected in 00mn 30s End of the scan (2159 lines in 06mn 36s)(0)
